What VPNs Actually Do
VPNs DO
- Encrypt traffic between you and the VPN server
- Hide your IP address from websites you visit
- Prevent your ISP from seeing what sites you visit
- Bypass geographic content restrictions
- Protect on untrusted networks (public WiFi)
VPNs DON'T
- Make you anonymous (you shift trust to VPN provider)
- Protect against tracking cookies and fingerprinting
- Secure your accounts if passwords are weak
- Protect against malware or phishing
- Hide that you're using a VPN
Choosing a VPN
Key Criteria
- No-logs policy (verified by audit)
- Jurisdiction (privacy-friendly country)
- Open-source clients
- Independent security audit
- Anonymous payment options
- WireGuard or OpenVPN support
- Kill switch feature
Recommended Providers
Mullvad
No account, accepts cash, audited
Best PrivacyProtonVPN
Swiss, Secure Core, free tier
Good ChoiceIVPN
Audited, open source, privacy focus
Good ChoiceAvoid: Free VPNs (they sell your data), VPNs with aggressive marketing, VPNs based in surveillance-friendly countries.
When to Use VPN
Use VPN For
- Public WiFi networks
- Hiding activity from ISP
- Bypassing content restrictions
- Preventing IP-based tracking
Use Tor Instead For
- True anonymity requirements
- Hiding from well-resourced adversaries
- Accessing .onion sites
- Whistleblowing or sensitive journalism
Proper Configuration
- Enable kill switch (blocks traffic if VPN drops)
- Disable IPv6 or ensure VPN covers it
- Use VPN's DNS servers
- Check for leaks (ipleak.net, dnsleaktest.com)
- Start VPN before other applications
leak-test
# Check for DNS leaks
Visit: dnsleaktest.com → Extended test
Should show only VPN's DNS servers
# Check for WebRTC leaks
Visit: browserleaks.com/webrtc
Should NOT show your real IP
Important Limitations
Trust Shift
You're trusting VPN provider instead of ISP—choose wisely
Not Anonymous
VPN + browser fingerprinting = still trackable
Payment Trail
Credit card payment links VPN account to you