[ELI5] how do VPNs work?
Imagine the internet was good old-fashioned snail mail. If you sent a letter to The Pirate Bay, your mailman could see that letter in your outbox and know where you’re sending it to. They could also see the letter coming back from The Pirate Bay and know you’re getting a response.
With a VPN, it’s kind of like you putting your letter to the Pirate Bay in a different envelope and sending it to your friend Nord. Nord will then open up the outer envelope, take the real letter, and send it on. The reply from The Pirate Bay goes back to Nord. Nord then puts that response letter in another envelope and forwards it back to you, where you open both envelopes. Your mailman sees a lot of letters from Nord, but not from the Pirate Bay.
All a VPN is doing is wrapping your network traffic in a way that it gets sent via the VPN provider. If this is a work VPN, then really that’s more of a mechanism to forward stuff to inside your corporate network. If it’s something like any of the VPNs that sponsor a billion YouTube videos, the end goal is to keep your ISP from spying on you, and perhaps to route your traffic to appear to be coming from a different country for geolocked content.
VPNs are just an encrypted remote tunnel into a private network such as your home or business network.
What is sold to the public as a “VPN service” for “privacy” and “security” does neither of those… it just provides you with an encrypted tunnel into the provider’s network where they can look at your traffic before sending it out to the internet.
Using a VPN is often called “tunneling” – if you imagine your standard internet connection as going outside and driving to the store, someone could see that your car left your house, drove to the store, and came back.
A VPN is like an underground tunnel: instead of driving on the public roads, you drive through this underground tunnel and pop out of the exit where a bunch of other people are also popping out in cars that look just like yours. If someone was watching your house, they might notice that you went into the tunnel and came out a while later, but they wouldn’t be able to see into the tunnel to know exactly where you’re going, and anyone watching the exit of the tunnel wouldn’t know which car is yours.
Slightly less ELI5: Your connection, rather than going directly to your destination, (i.e. Reddit) first gets encrypted (can be seen but not understood by 3rd parties) and goes to a VPN server which is shared with many other users. Then, you are connected to your destination as if you came from that VPN server. It makes it more difficult to determine which packets (information transferred on the internet) belong to you.
Imagine your Internet traffic as handwritten letters you’re sending and receiving. Normally you mark them with the return address of your home and mail them from your personal mailbox, but for security you may not want to do this. So you hire a company and use their address as yours on your letters. When they get a letter for you, they put it into a different envelope and send it to you. When you want to send a letter you mail it to them with a note of the actual address you want the mail sent to. Then, they make a new envelope with that address and mail it for you from their address.
A VPN is this hypothetical company. It acts as a disconnect between the website you’re trying to access and your router. This hides your computer’s Internet protocol or “IP” address from the websites you visit, which makes it more difficult for anyone with bad intentions to find and access your computer.
Imagine your friend asks you to pass a message to their crush but you cannot tell whom it came from. Unless you’re being spied on or thoroughly interrogated, their crush won’t know the origin of the message.
Now, you’re the VPN, your friend is the client and their crush is the server. Reimagine.
A VPN (Virtual Private Network) is a tool used to securely connect a device like a laptop to a remote network.
Ostensibly they were invented to allow people to work from home while treating their device as if it was in the building.
VPNs create encrypted tunnels where the traffic to and from your devices is encrypted (scrambled in a way that can be unscrambled) to prevent eavesdropping.
Imagine living in a world where someone in the post office actively opens your letters and reads them. A VPN scrambles the contents of the letters to prevent them from being read unless you know how to unscramble them. That way the post office can open the letters all they want but they can’t understand them.
Recently VPNs have become popular as personal protection.
These types of VPN primarily serve to help hide your identity online.
You sign up for the service and you create a secure tunnel from your computer to their service somewhere on the web. Your web traffic travels in an encrypted form to their services, is decrypted, and then is sent to the website from there while appearing to originate from their server somewhere in a datacenter instead of your laptop.
They sell this as ‘protecting your computer from eavesdropping’ which is kinda BS. Technically they do that, but the actual reasons to use a VPN have nothing to do with this and they can’t exactly advertise it as such.
The real reason to use a VPN is to get around Geo-blocking and government/corporate level censorship. The fact that they advertise that they “do not log activity of their customers” just shows this is the case.
Because your traffic appears to be coming from the IP of the VPN service in another country you can get around things like Netflix’s geo fencing and watch TV shows not available in your country.
Or if you live in a country that has strict laws against porn for example you can use a VPN to appear to be in the US to get around that.
VPN services have been criticized for positioning themselves as a security service that doesn’t do what they claim it does. Yes it can make you a bit more anonymous online but not really. Particularly if you are still logging into a service or paying for it with your credit card. Using one doesn’t actually make your day-to-day surfing any more secure.
Also arguably they are a big problem because they are used by hackers to hide their activity, because if you are using such a service along with thousands of other people it’s that much more difficult for your illegal activity to be traced back to its source.
Imagine you want to tell someone a secret, but you don’t want to do it directly because you don’t want to reveal your identity.
Instead of telling it directly, you tell it to a friend you trust and let them pass this information to that person.
That’s what a VPN does. The VPN server stands between the internet and your PC or phone. Instead of accessing the internet directly, all the data flows through that server in both directions.
Basically all Internet data is sent in little packages called packets. Think of these like letters in the mail. They have a to and from address so you can communicate. A VPN is basically a service that sits in the middle and reroutes traffic from various addresses to other addresses. So basically I write a letter to YouTube from my local computer’s IP address. But I’m using a VPN and the VPN gets that letter. It notes down my IP address and replaces the from on the letter with their own address and then sends it. YouTube gets the letter and replies with the video you want to watch but they think the VPN sent the letter so they send it back to the VPN. Once the VPN receives it they look back at what your original from address was and send it back to you.
So from your browser’s perspective it asked for a video and received one. From the VPN’s perspective it intercepted you requesting a video, fetched it for you, and gave it to you. And from YouTube’s perspective some random server somewhere asked for a video and it sent it one. Now the great thing about this is YouTube no longer knows who is asking for the info. This can help you anonymously browse websites. You can also get around country restrictions for things like Netflix. Basically if Netflix only shows X movie in Europe you simply need to have a VPN that is physically hosted in Europe. Then when you ask Netflix for the movie it will think some European server is asking for it and allow you to watch it despite being in another country.
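Added example (not part of the original thread): a small Python model of the letter-forwarding described above, showing what the ISP, the destination site and the VPN provider can each observe. The names `Packet`, `toy_seal` and `VpnServer` are hypothetical, the addresses are constructed from documentation ranges, and the XOR keystream only stands in for a real tunnel cipher.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str        # "from" address on the envelope
    dst: str        # "to" address on the envelope
    payload: bytes

def toy_seal(key: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 keystream: a stand-in for the tunnel cipher, NOT secure."""
    stream = b"".join(hashlib.sha256(key + bytes([i])).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

toy_open = toy_seal  # XOR is its own inverse

def client_wrap(client_ip, vpn_ip, key, dst, body):
    """Client side: put the real letter (dst + body) inside an envelope to the VPN."""
    return Packet(client_ip, vpn_ip, toy_seal(key, dst.encode() + b"|" + body))

class VpnServer:
    def __init__(self, public_ip, key):
        self.public_ip, self.key = public_ip, key
        self.nat = {}           # exit port -> client address ("notes down my IP")
        self.next_port = 40000  # constructed starting port
        self.seen = []          # (client, destination) pairs visible to the provider

    def forward(self, outer: Packet) -> Packet:
        """Open the outer envelope and resend the letter from the VPN's address."""
        dst, _, body = toy_open(self.key, outer.payload).partition(b"|")
        port, self.next_port = self.next_port, self.next_port + 1
        self.nat[port] = outer.src
        self.seen.append((outer.src, dst.decode()))
        return Packet(f"{self.public_ip}:{port}", dst.decode(), body)

    def reply(self, resp: Packet) -> Packet:
        """Look up who asked, re-wrap the response and send it back down the tunnel."""
        client = self.nat[int(resp.dst.rsplit(":", 1)[1])]
        sealed = toy_seal(self.key, resp.src.encode() + b"|" + resp.payload)
        return Packet(self.public_ip, client, sealed)

if __name__ == "__main__":
    key = b"constructed-demo-key"
    vpn = VpnServer("198.51.100.1", key)
    outer = client_wrap("192.0.2.10", vpn.public_ip, key, "203.0.113.80", b"GET /video")
    print("ISP sees:     ", outer)
    print("Site sees:    ", vpn.forward(outer))
    print("Provider sees:", vpn.seen)
```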
Imagine the Internet is an ocean and your internet traffic is a boat. Everyone can see the boat, they can steal your boat, they can even make a copy of your boat and pretend to be you.
Now instead of a boat, imagine you have built a secret tunnel under the ocean and that is what you use to travel from one point to another. People can see the tunnel but they can’t see inside it.
A VPN is an encrypted tunnel from your device to another point.
A sewer pipe usually carries all kinds of nasty. What if you fed a flexible garden hose into your neighbour’s toilet, and popped it out yours? You could carry a fresh water pipe inside an otherwise tainted pipe…and the city would be none the wiser.
This actually made sense.
Going on a tangent here, but it really annoys me that practically every VPN advertises that you can watch geolocked Netflix content. Netflix tracks and blocks the IP addresses of most major VPNs, so these companies are committing blatant false advertising.
Since you used the example of the pirate bay, I know the VPN would mask the traffic to and from the actual website, but if you then got a torrent from there and downloaded something (obviously something totally legal and not copyright infringing since we’re all good law-abiding citizens here) would the VPN also mask that traffic? Or would the ISP (and any potential big media companies) still be able to see what you were downloading and send you a cease and desist letter? (If you were downloading something illegal which we’ve already established no one would ever do)
Would that not be a proxy?
I understood VPN more as you sending from “VPN corp” in a VPN envelope. So the mailman only sees a company sending among other mail to that one.
So the VPN company knows my address?
So Nord would know you’re communicating with The Pirate Bay. Which means you’re not really anonymous.
VPN seems kind of pointless knowing that.
This is the right answer
One can use a service like privacy.com to mask their credit card number.
In summary, a VPN hides who you are and where you’re connecting from, while also protecting your data from prying eyes.
It hides your point of origin, but doesn’t necessarily protect identity. For example: a VPN user could be identified using a browser fingerprint.