You’ve purchased a subscription to a VPN, and you’re confident that you can now carry out your online activities in privacy. Maybe you’re using the VPN to bypass Geo-restrictions on your favorite content streaming services, or to ensure your security when you use a public Wi-Fi at a library or coffee shop.
However, are you aware that there are some experts who believe that there is a chance that VPN technology—at least in its current form—might be in danger of becoming obsolete? Like many VPN users, we were also skeptical the first time we heard the idea, but after carrying out research, we found seven problems that VPNs are currently working on to make sure they don’t die out soon.
The NSA might have enough technology and expertise to infiltrate VPN connections
Let’s begin with the most unsettling fact: the NSA might be in possession of technology that can break into your VPN connection.
Most 1024-bit encryption relies on the Diffie-Hellman cryptographic key exchange. It has, however, been discovered that this technology relies on a limited set of prime numbers, and the NSA is currently exploiting this flaw to decrypt encryption.
According to researchers, the NSA can passively decrypt connections to 25% of all SSH servers and just a bit more than 66 percent of VPNs worldwide by breaking one common 1024-bit prime. The agency can passively monitor connections to almost one-fifth of the top million HTTPS websites by breaking a second prime. In short, a single massive investment in mammoth computation would open the door to monitoring trillions of connections that were otherwise impenetrable.
Of course, Snowden had already warned us about this when he revealed the capacity of the agency to eavesdrop on connections before recent researchers published their findings. Therefore, your VPN is not 100 percent secure, but it is still among the most powerful tools in your privacy and security arsenal.
Internet Service Providers can block VPN connections
You might be among the numerous people who use Kodi to access a server with content that is blocked in your country or region. Or perhaps you’re simply interested in watching your favorite TV shows in private. With a good VPN, you can get around blocks put in place by Internet Service Providers (ISPs) to access such servers.
Does this affect all VPN users? Well, many people have complained about this issue on Kodi forums and Reddit. You can determine whether you’re affected by trying to stream a TV show or movie using your VPN. If your attempt is unsuccessful, but all other unencrypted online activities work just fine, then your VPN has likely been blocked.
Also, bear in mind that if you’re in the US, ISPs can now monitor your online activities and sell your personal data. VPN providers are working on improving their technology before it is surpassed by the technology used by ISPs.
Free VPNs are destroying the reputation of the industry
Our experts carried out research and extensively tested free VPNs that seem to be worth trying. These, they discovered, were few and far between. We do not recommend using them on a long-term basis. You’re far better off using a premium VPN service.
Sure, it feels great getting a service for free, but the vast majority of free services exhibit a disturbing disregard for the privacy policies at the core of the industry as many of the free services store and pass along your personal data to advertisers. Even worse, these free VPN services appear to be casting the entire industry in a negative light.
You need not be too worried about this, though. A number of free VPN services are actually operated by premium VPN providers. So, considering their attitude towards free customers and the evident effect these services are having on the industry, these providers may eventually pull the plug on free VPNs, which appear unable to operate with complete transparency.
Known server addresses of VPNs are targets for Geo-blocking
VPNs used to easily get around Geo-restrictions. That’s not the case nowadays.
Let’s say you’re a US citizen with a US-based Netflix account. You travel to the UK for the holidays, and thanks to Geo-blocking, you can’t watch all the TV shows and movies you have access to while at home. Thankfully, you can use a VPN to bypass these restrictions, making it appear as though you’re accessing Netflix servers from your home country. All you need is a VPN provider with servers in the US and you can watch whichever shows you want.
However, Netflix—along with a few other streaming services—have employed technology that makes it increasingly difficult to connect to their servers. For example, previously, you could easily avoid the polite error message aimed at people from restricted regions by using a UK-based VPN to access the streaming service website. These days, however, many of the VPNs that used to work can’t get around the restriction.
The reason is that content streaming services are blocking a growing number of VPN servers. They do this by checking the VPN and noting their server addresses, then blocking their access to BBC iPlayer and Netflix, among others.
100 percent logless VPNs are not a guarantee
The VPN industry is highly competitive. So to get the attention of potential customers, many VPNs will promise anything as long as they can get away with it. One of the most common promises is “no logging”. It makes sense: what would be the point of paying for privacy when your personal data and identity can be obtained using logs?
In reality, logless VPNs are never absolutely free of logs. Many VPN providers use third-party servers, and these leased servers usually keep a log of a variety of data. Therefore, even though a VPN provider may stay true to its policy of never log your activity, there’s no guarantee that the actual owners of the servers won’t maintain a log.
The implication of this is that there might always be a log of your activity on a server somewhere. Chances are that the log is harmless, and your online activities are not a cause for concern. However, considering what we’ve learned up to this point, this is another reason to check your activities even if you use VPNs.
Furthermore, some server logs are required for maintenance of the server. In the complete absence of logs, a VPN would not be unable to distinguish between users with different packages, troubleshoot connections, prevent abuse, and handle DNS requests.
Your personal data can be mined without your knowledge
Granted, it is highly unlikely that a well-established VPN provider with a strong reputation will do this. However, even if they did, you have no way of knowing. And in the age of insanely cheap VPNs, you can be certain that these companies need to generate revenue one way or another.
Well, one way to generate a revenue is by mining user data and selling it to marketers and advertisers. In other words, spammers. We already accounted for this possibility when we mentioned free VPNs, so it’s not behavior that one would expect from a VPN provider that charges for its services. Nonetheless, cases of companies betraying the trust of their customers are not unheard of.
A subscription VPN service can make a few extra dollars by sharing some information about its users, who then get a few extra spam ads without noticing. This is, however, not what you signed up for. Your top priority is private browsing, not personalized ads.
100 percent anonymity is not a guarantee
As mentioned earlier, recent research has revealed that the NSA has for a while now been able to break into the most common types of encryption. As a result, VPNs may not be able to guarantee anonymity in absolute terms. However, this is not limited to just the NSA.
One of the major problems with many VPN services are DNS leaks and IP leaks. Beyond the trust issues we’ve seen earlier in this article, there’s one more problem that is often overlooked: Your VPN can only offer privacy and security between your device and the VPN server. Beyond that, you can be identified, and not just by the account with which you log in. If the traffic between the VPN server and your destination website is not encrypted, anyone can read it.
Add to that what we already know about how government agencies handle encryptions and you have cause for worry. Perhaps the greatest concern is that VPN providers can see a user’ destination. Sure, they may not know exactly who among their users is visiting those websites, but the fact remains that they know which websites those are, and that should be unsettling enough.
What are VPN providers doing about this?
According to some experts, the future of VPNs is in peril. We’ve only scratched the surface of the problems above, but the real issue isn’t just addressing these seemingly impossible difficulties. It is clear that VPN providers need to develop new, better technology.
Several VPN technological advances are already underway. Protocol obfuscation is one such solution. It is, at least in theory, more secure than current HTTPS/TLS/SSL systems. In other efforts, developers are working on a way to integrate VPNs directly into your operating system and strengthening connection authentication. The universal advocacy for HTTPS is also helpful.
However, the most important step that VPN providers can make toward improving privacy might be their approach to TOR. Currently, the most powerful privacy and security tool online integrates VPN and TOR. Granted, VPN-over-TOR is slow, but experts expect that increasingly speedier connections by ISPs will soon overcome this problem. A growing number of people are using TOR, so it is reasonable that it be combined with VPNs for maximum privacy.
Failure to adopt these and other technologies may spell imminent demise for VPNs, leaving us all at the mercy of bad actors!