26 Feb VPN 101 – Part 1: What You Need to Know to Stay Safe and Protect Your Privacy Online
February 26. 2018
Submitted by Brook Stein
The Internet is a wonderful thing. But we all know there are also risks lurking around every corner. We want to protect ourselves from malware and identity theft, prevent third-party trackers and advertisers from slurping our private information and keep our kids safe when browsing. One way to do this is to use a virtual private network (VPN).
VPN tools can offer a range of privacy and security benefits, but features can vary greatly from one to the next. Trend Micro’s local VPN in Content Shield, for example—part of Trend Micro Mobile Security for iOS—focuses on web threats and web content filtering.
Here are some basics on VPNs.
What is a VPN?
Most VPNs provide an anonymous, secure way to browse the web. How do they do this? By providing a secure connection between your computer or mobile device and a server (another computer) run by the VPN provider. In effect, you’re browsing via this third-party computer. This means that the sites you visit won’t be able to track your IP address — they’ll only see the address of the VPN computer.
This is great for privacy. But what about security? Well, VPNs can also provide a secure, encrypted tunnel out to the web. This will protect you from attacks that try to snoop on your connection to banking and other sensitive sites. These attacks are particularly common over public Wi-Fi hotspots, where hackers often lurk, waiting for you to connect to your Gmail or online banking account. They can then do the digital equivalent of shoulder-surfing your account logins or PIN to hijack your identity.
With a VPN, all of this information is kept hidden in that secure tunnel. Some VPNs also claim to protect you by preventing any malware you might accidentally download, which could be hidden in a spam email attachment or a mobile app. Others, like the local VPN in Content Shield inside Trend Micro Mobile Security for iOS, also prevent you visiting fake phishing and other malicious sites.
What does a VPN not do?
However, you must remember that not all VPNs are created equal, so it’s important to do your research before choosing one, as the quality and type of service you receive can differ considerably, as can the features—such as the range of main and mobile platforms supported, the number of simultaneous connections allowed in one subscription, and even smart gear support.
VPNs do not offer complete anonymity. VPN providers can store logs on your web browsing activity — records that, if they keep, they’ll be forced to hand over if requested by the authorities.
Also, do not rely on a VPN as your only online security tool. While some can certainly help, they’re no substitute for good anti-virus and a password manager, and should be used in combination with these and other tools rather than as a substitute.
Is a VPN the same as my private/incognito browser?
No. This is an important distinction to make. Your private or incognito browser might not make your browsing habits as private you think. In this mode, the computer you’re using will not store any data on what sites you search for or what pages you visit, nor will it store any login details or cookies. All that data disappears after you shut down the private window.
This is useful if you’re on a shared computer, as it means the person after you can’t snoop on your browsing history or try to hijack your online accounts. It can also make it cheaper when booking flights or hotels as the providers, unable to track your browser’s cookies, aren’t as likely to automatically raise their prices because they know you’ve visited their site recently.
However, any files you download or bookmarks you create during a private browsing session will be kept. In addition, the private browser mode does not protect you from visiting malicious sites, or downloading malware. ISPs and any other third parties that know your IP address will also be able to track your browsing habits.
VPNs, by contrast, spoof your originating IP Address (like proxy servers) and obscure the content of the web pages you’re visiting, so your ISP or the site owners can’t track it (although the VPN provider might hold these records). The most the ISP can see is that you’re connected to various Internet addresses, but not the kind of information you’re exchanging with those sites.
What can ISPs and VPN vendors track?
In short, without using a VPN, your Internet service provider (ISP) can see all the URLs and content of sites you visit, unless they are encrypted. If the site is encrypted (i.e., the URL begins HTTPS://), your ISP can’t see the URLs or content in unencrypted form, but it may monitor and log your DNS queries, allowing them to see what sites you visit in a slightly different way. Other techniques known as website fingerprinting could allow the ISP to identify what web pages you’re visiting. And ISPs in the US can sell this kind of data to advertisers, and of course hand it over to the authorities if requested.
A VPN can hide this kind of data from your ISP, but some are not as effective as others, plus the tool must be properly configured — making it difficult for many consumers to know if they’re truly protected or not. Another fact to consider is that the VPN provider itself can technically see everything you’re doing online during a session, and it can be difficult to find out what they do with that data. This makes it important to find a provider you trust – many experts advise that users avoid free services.
There are multiple different types of VPN implementation, and in some cases, the encrypted tunnel isn’t quite as impenetrable as consumers would like. Some services also been accused in the past of security flaws that could allow the bad guys into that tunnel, to snoop on your data—so do your homework when deciding which VPN service to use.
Local VPNs vs cloud VPNs
Up until now, we’ve been talking mainly about “cloud” VPNs: that is, VPNs that allow users to tunnel out securely and privately to cloud services on the worldwide web. Another option is one used by Trend Micro: a local VPN inside Trend Micro Mobile Security for iOS. It’s part of the Content Shield function.
Content Shield’s local VPN doesn’t use an encrypted tunnel to connect to a VPN provider’s server out on the web. Instead, a scaled-down web threat and filtering “server” is located on right on your device. When compared to a cloud VPN, this optimizes the speed at which you can browse the web, because typically the local VPN only has to check web data stored on the device rather than connect out to the web every time it checks a website.
Content Shield: Secure browsing and parental controls
In short, Trend Micro’s local VPN focuses on web threat protection and parental controls within the Content Shield in Mobile Security for iOS. It provides highly effective protection from visiting malicious URLs, and filters and blocks inappropriate sites when your kids are browsing. It intercepts search queries and results to ensure your family doesn’t visit any sites which could steal their identity or download malware to their device, and filters URLs according to pre-set parental controls stored on the device. By also checking many of these URLs according to data stored temporarily on the device, it speeds up browsing.
Content Shield works across all iOS browsers and even other apps that might try to load a website, like Facebook, Line, Gmail and others.
For help on setting up Content Shield, see our companion blog: VPN 101 – Part 2: How to Set Up the VPN/Content Shield in Trend Micro Mobile Security for iOS.
To download Trend Micro Mobile Security for iOS, go to the App Store for iOS on your iPhone, iPad, or iPod. You can view the app preview here.