Our Take on VPNs and Privacy Services
Most of us want some kind of magic bullet that will keep you safe online, protect you from scams, and keep your activities on the web private. And we know that many of you are seeing advertisements for VPNs on TV and the Internet.
The acronym VPN stands for Virtual Private Network. There are dozens of VPNs available. Norton/Lifelock (with a VPN) and Nord VPN have advertised extensively on TV, spending millions of dollars in the process. This tells me there’s a lot of money to be made by scaring people with a lot of half-truths and downright prevarication. And sadly, it tells me that fear sells. It’s too bad that so many companies feel they have to scare you to sell a product.
Let’s briefly discuss Virtual Private Networks (VPNs). A Virtual Private Network or VPN certainly has a place, especially if you’re living in a country where certain sites are blocked or if you’re working from home and your employer requires a secure VPN connection. But for most of us, VPNs are not necessary.
A VPN cannot and will not protect you from:
1. Malware
2. Installing sneaky browser extensions
2. Scams
3. Identity Theft
VPNs can lie and misrepresent their services and you have no way of verifying their claims. VPNs can claim they don’t log your Internet activity but log it anyway. And some VPNs claim they don’t sell your personal information but sell your information anyway.
VPN services can be hacked.
“…Leading consumer VPN service provider NordVPN announced today (Oct. 21) that one of its servers had been hacked. But the damage may be worse than NordVPN wants to admit, and rival VPN providers VikingVPN and TorGuard may be affected as well.
In what seems to be a related matter, TorGuard has sued NordVPN, possibly twice. It alleges that NordVPN tried to blackmail TorGuard by threatening to reveal stolen trade secrets, and that NordVPN orchestrated distributed denial-of-service (DDoS) attacks against TorGuard’s servers. (TorGuard is not affiliated with the Tor Project that provides anonymous web surfing and hosting, and NordVPN denies the allegations.) …” (Tom’s Guide )
While Lifelock is not a VPN, I want to touch upon it since it claims it can protect your identity. Not only is that a highly questionable claim, but the price you see advertised for Norton with Lifelock of $9.99 monthly is also misleading. The commercial touts Lifelock will protect your identity with a one-million-dollar guarantee. BUT… if you want the million-dollar protection, it’s not $9.99 monthly, it’s $29.99 monthly for the first year, and $34. 99 thereafter. That adds up to $359.88 for the first year and $419.88 per year after that. You could buy a nice new car for those kinds of monthly payments.
Norton recently bought LifeLock. We have worked on Norton-protected computers that were rife with malware and PUPs. And Lifelock claims it can protect your identity, yet it has been sued several times for failing to prevent identity theft.
FTC Sends Checks Totaling More Than $31 Million to LifeLock Customers
LifeLock Class Action Challenges Identity Theft Protection Promise
Now Back to VPNs
But I digress… let’s get back to VPNs. VPNs make a lot of claims – most of them are not completely true.
“VPNs Protect You From Ad Tracking”
VPNs will mask your IP address and make you relatively invisible to your ISP, but they will not block the millions of other ad trackers on the internet. Ad networks generally use cookies instead of an IP address to identify you, so if you’re using a VPN to get away from ad tracking, you’ll be sorely disappointed. Worse, some VPN providers actually serve up their own ads or sell your browsing data. The most notorious example of this was Hola Better Internet, which users caught injecting its own ads.
If you want to block ad trackers, you should use privacy-focused browser extensions like uBlock Origin and Privacy Badger. These will prevent ad-trackers from following you around and won’t slow down your web browsing like a VPN does. (Lifehacker )
VPN offers complete anonymity
The goal of a VPN is to offer online anonymity via the encrypted tunnel to a secure server. And the high level of 256-bit encryption that better VPNs offer can be very difficult to break. This leads to the myth that the VPN user is completely anonymous online.
However, it is not that simple, and really a VPN makes the user ‘more anonymous’, which on face value is a bit of an oxymoron, and rather like saying someone is ‘almost pregnant’. You must realize that a VPN is not impenetrable, and encryption can be broken – it’s just a matter of how much in the way of computer resources need to be applied to the decryption process.
Additionally, VPNs can keep some kind of log of the user’s activity for a time period ranging from weeks to forever. These logs can be subpoenaed, and the VPN will respond to these lawful requests, thereby not providing anonymity. Basically, when it comes to users looking to commit a crime via a VPN, the VPN provider has no interest in becoming a partner in this type of unlawful activity (nor should they). (Techradar)
A VPN keeps you safe
A VPN is an important tool to keep a user more anonymous online, with their communications staying private and not public. However, relying on a VPN as your only security tool is quite foolhardy. A VPN is not a substitute for an antivirus program, nor does it keep your browser safe and secure.
Just like having a security alarm system in your house is not a substitute for locking the front door when leaving your home, realize the limitations of a VPN, and consider it only one piece of the puzzle when it comes to putting together a comprehensive security package for your PC. (Techradar)
Using a VPN will not make you safer. It will not prevent you from being tracked. It will not protect you from identity theft or scams. It will not protect you from malware.
If you are thinking about buying a VPN service (or Norton + Lifelock) think again. Never let anyone scare you into buying something.
Thank you for this in depth account of VPN’s. And especially linking it to the Norton/LifeLoock ( as I see it) scam. I’ve been paying attention to LifeLock, in particular, since it first appeared on a TV commerciel where the guy’s social security number was painted on the side of a van as if in a “dare”….”Go for it. Steal my identity”. Well. evidently several did..and successfully. Google it.
I find the willingness of Norton to even associate it’s reputation, as tainted as it has become, with LifeLock.
Norton used to be a reliable and thorough AV. It’s been resting on its laurels for years.
What I find most disturbing. is that consumers are willing to pay hudreds/thousands of dollars without even 5 minutes of substantiated background research on the internet before they sign up……it’s all there. So why don’t they even look……amazing!!!!
Hi regarding VPN for watching TV programs from other countries which is fine
I also use Emisoft , does the VPN s actuality block the security programs
I do actually turn of the VPN after watching the program
Regards
Bill
VPNs do not block your antimalware/antivirus program.
Thank yuou for a very informative article.. I will not waste my money on a VPN. Nor would I install Norton. It is as invasive as as malware.
The only program that I will ever consider is CloudEight and Emsisoft! Amen!!!
Apparently there is one VPN that lives up to its name.
PIA VPN does not log anything.
And you believe that? You believe that at your own peril. The only proof you have that they don’t log is they say they don’t. Can you prove they don’t keep logs? See this article…
Zero Log VPN? Your No Log VPN is Lying to You
Thank you for the informative article.
No I can’t prove that they do not log.
I can only make my decision based on the proof provided ,
a clip of a court record. and their word.
Do you Log? …
https://www.privateinternetaccess.com/helpdesk/kb/articles/do-you-log-2
Trust at your peril. Do you think a VPN, when subpoenaed by the authorities would actually allow themselves to be complicit in a customers’illegal activity? If that VPN was served a warrant for the identity of one of their customers, who hid behind their VPN thile selling drugs, for instance, do you not think that VPN would quickly come up with the identity of the user? Or do you think the VPN would accept responsibility for criminal behavior and allow themselves be prosecuted? All for a few bucks a month?
Thank you for the valuable info.
It was greatly appreciated.
Have a great day!
I bought a watch-exercise tracker that offered a VPN. Since the clock is wrong by 2 hours and 10 minutes and the calendar is a year or more incorrect I think I’m expected to use the VPN which I don’t trust. The only records are the ones I write down before bed.
Can I test it and then delete it safely.
Mae
Mae, I do not know what exercise tracker or what software it is using or even what app. I have an app on my phone that tells me what the weather is for my location and a compass app neither would work if I have a VPN unless I overrode the location. A VPN is basically a proxy server. Removing the VPN would not affect the operation of the device, in fact, it would probably make the connection faster.
Hi TC & EB,
Thank you for the article.
In Australia (as I am a Brit) the only VPN I will use after I tested every one of the ‘recommended’ Top Ten was Express VPN, the only one not geo-blocked for connection to the the BBC and ITV in Britan.
(despite the un-true sales pitch of other VPN’s)
The risk of being tracked/hacked is offset by the great range of programs on offer from both companies compared to the ad-filled, low grade, pathetic programs on Australian TV.
It is amazing in 2020 that extremely weak excuses prevent most people in the world from watching TV in any and every country’s TV shows without having to theoretically , “Jump through hoops sideways”, to watch well-made, interesting shows for a few hours in the evening.
This is an extremely misleading take on VPNs, not all are liars. In fact, quite a few VPNs have undergone audits by reputable 3rd-parties to verify their zero-logs policies. And others have had their zero-logs policies confirmed via court cases. ExpressVPN, for example, has now moved to RAM-disks which makes it impossible to store logs on any server, and more VPNs are following suit: https://restoreprivacy.com/no-logs-vpn/
You also tend to confuse security with privacy. VPNs are primarily a privacy tool, not a security tool. The main reason VPNs have gained in popularity is because of governments interfering with and censoring of the internet. VPNs are way to regain the freedom of the net for all users… as it should be. Potential VPN users just need to do their due diligence and check them out thoroughly before committing. Not that different to choosing any other software really.
You’re so wrong on many levels. The ones who are misleading are the ones who are selling VPNs. Anyone can hire someone to do an audit at a point in time. All VPNs keep logs.
And I don’t confuse privacy and security. VPN advertising promises privacy and security. VPN companies constantly mislead. There is not one VPN company based in the USA that will not keep logs and who will refuse to identify a user for illegal activity when faced with a court order, a warrant, or a subpoena. Feel free to check out the privacy & security claims made by a couple of VPNs for example, who do a lot of TV advertising. Are you saying they don’t try to confuse privacy & security? NORD VPN. NORTON VPN.
It really aggravates me when people make false claims to generate fear to sell something. And read this about how VPNs lie about keeping logs.
I am not saying VPNs do not have their place. When using public Wi-Fi or when required by an employer, if content in a country is blocked and you want or need to access that content, but for the vast majority of our readers, VPNs are not necessary.
And you are so wrong on many levels. PricewaterhouseCoopers , for example, is not just “someone”, it is one of the leading and most reputable accounting firms in the world who would definitely not sully their reputation by producing an audit report that was not 100% truthful.
“All VPNs keep logs”. Totally inaccurate. You are confusing “data” with “logs”. Yes, all VPNs do collect a certain amount of data but if that data is not retained then it is not logged – a log is, by definition, a permanent record. For example; in the article you linked to, the author is discussing Astrill VPN whose privacy policy he quotes and which clearly states:
“Our system keeps track of active sessions – connection time, IP address, device type and Astrill VPN application version during the duration of your VPN session. Once you disconnect from VPN this information is removed permanently from our system”.
“removed permanently from our system”. If that is not a no-logs policy I don’t know what is. So, not only is the author selectively highlighting only those parts of the privacy policy that back up his own assessment, he is also ignoring that part of the privacy policy which clearly contradicts his assessment.
When VPNs mention ‘security’ they are talking about the encryption technology they employ, I would have thought that for someone of your experience that would be obvious.
I agree that some VPNs do make outrageous claims but for you to lump all VPNs together as untrustworthy is neither accurate nor fair. I guess we’ll have to agree to disagree.
First of all, you missed the point of the article – but that might be my fault for rambling.
Before generalizing, I think you should consider your reference to PwC (PricewaterhouseCoopers) to support your argument. PwC is not the paragon of virtuous infallible audits as you would have us believe. They have been accused of fraud several times, and even cursory research would have revealed that. See this article, for example, about sloppy auditing practices at PwC. There are more articles about problems at PwC.
Ifs funny how you play semantics with logs. According to you this VPN you refer to – the paragon of all VPN services, logs you while you use their service, but they delete them when your sessions end. Really? You believe that? I was born at night, but not last night.
So you’re saying if you’re selling illegal drugs online and you’re using that VPN service, that they’ll tell the FBI… “Sorry G-man, but we don’t know anything. We can’t help you! we don’t keep logs!” Right. Well, let’s say the VPN you refer to is not located in the USA and therefore not subject to U.S. laws. Are you a legal expert who knows the laws and regulations of the country in which the VPN is located? Nord VPN has its headquarters in Panama for example.
I don’t know what your agenda is or why you’re trying so hard to sell our readers on VPN services. The point of the article was not to point out that all VPNs are shady, scurrilous outfits out to trick you, the point, had you read it was to inform our readers so they are not motivated to buy something they don’t need and which can never provide the privacy or security claimed by the numerous VPN advertisements on the Internet and television as well as the ads running on radio and in the print media.
A VPN will not stop users from being tracked. A VPN will not prevent identity theft. A VPN will not stop malware, hijacking, or hackers. A VPN will not prevent you from being arrested for conducting illegal activities online. Those were the points of the article and I’ll stand by those claims.
VPNs have become a multi-billion-dollar industry. Many technology-oriented sites and blogs seem to be recommending this VPN or that VPN for this or that reason. Ane whil3e, I’m sure, many believe what they write, I can’t help but think another motive is encouraging people to buy a certain VPN service because a commission is involved. There’s nothing wrong with that, but there’s a lot wrong with filling people’s heads with nonsensical stuff like VPNs protect your identity, keep you anonymous, save you from hackers, and so on.
For further reading may I suggest you read this?
VPN might not protect you from everything, but it definitely helps you with secure connections. Also, it has more features it can be used for not only for security. Of course, every VPN differs, but I’m quite happy with mine: https://surfshark.com/use-cases
No connection is secure because someone sees it. And someone logs it. Whether that be your ISP or your VPN provider.
I’m curious, what they will do to our data? I heard they sell it to big companies.
So what’s the best solution for data logging? should we use Tor Browser?
I can’t say what any company will do, generally, they sell data as data = money.
I enjoy British TV but I live outside the UK. Over the years I have used a VPN without encountering any the ” very high risks ” After using many different providers I have (upto now ) ExpressVPN to be the best I have used. Do not mess around with the free version but go for the Premium. You get a months trial which is more than enough time to try it out
We have never said there were any “high risks” in using a VPN. We said that people who use VPNs because they think VPNs can stop malware, phishing, viruses, ransomware, or identity theft should be aware that VPNs do not protect the user from any of those thing. These beliefs come from false advertising by VPN companies
You can use VPNs when traveling to keep from exposing your IP address and keep your connection on public Wi-Fi safer or use a VPN to access content that is blocked. For instance, if the U.S. government were to ban TikTok, anyone using a VPN would still be able to access TikTok by connecting through a server in a country where TikTok is not banned. But we never said using a VPN is dangerous or carries any high risks. The only risk I see is someone believing the false advertising the VPN services generate.