Photo by Markus Spiske on Unsplash

Do You Need A VPN In 2019?

Yes. No. Maybe. It depends.

What Do You Use A VPN For?

The biggest factor to answer the question in the title is what you use a VPN for.

Encryption

You’re probably reading this over an encrypted connection, wether or not you have a VPN active. That’s because of HTTPS, the secure version of HTTP. Since the necessary certificates for HTTPS can be obtained for free from Let’s Encrypt, many web hosting providers offer the feature for free, and most others offer it for a pretty low price. Because it’s free, and often little hassle for website owners to configure, more and more are opting to do so.

If you’re on a desktop browser, then look at the left of your URL bar. Chances are, there’s a little lock icon there right now. That means the connection between your web browser and the web server is encrypted, and hackers can’t see what’s going on. Even if a hacker attempted to intercept the connection, your browser would show you a big, red, full screen warning message. Unless you’re on a computer which isn’t yours(such as at a library), in which case someone could have technically installed their own certificate, and be routing all traffic through their servers. But, then again, they could just record the screen and everything you type on the keyboard. So, don’t do anything important on a computer which you don’t trust.

If all you want to do is encrypt your web traffic, then you don’t need a VPN.

Hiding Your Web Traffic

Although HTTPS hides what you’re doing on a website, it doesn’t stop your ISP from knowing which websites you’re visiting. The easiest way to know which website you’re visiting, from an ISP’s standpoint(or at least what I think the easiest way would be, if I were an ISP), is by monitoring your DNS requests. In order for your computer to load a website, it needs to know which IP to send a request to. Since remembering a bunch of numbers isn’t exactly ideal, most websites you visit will have a domain name. But, the domain name is mostly for you, the user. Your computer still has to know where to send the request. That’s what a DNS server does; your computer requests the IP address for a domain name, and the DNS server responds with it.

If you didn’t change any settings, you’re probably using your ISP’s DNS server(s). Since they run it, and know your IP address(as they are the ones who gave it to you), it doesn’t take a genius to figure out which websites you visit. Even if you don’t use their DNS servers, the protocol used for DNS requests isn’t encrypted by default. As you probably know if you’re wondering whether or not you should get a VPN service, anything unencrypted can be at the very least seen by anyone in between you and the server. At worst, that information can be modified without you realizing. The solution to this is simple: encrypt DNS traffic. Luckily, DNS over HTTPS exists, and does encrypt your DNS queries. But, even that doesn’t solve your problems because of reverse DNS. Similar to how your computer can get the IP address of a service from its domain name, there is a way to get the domain name from the IP address. Technically, there isn’t a guarantee that every IP address will return the correct domain, but it will work for some websites.

If you want to hide your web traffic from your ISP, then use a VPN.

Bypassing Geo-restrictions

You pretty much need a VPN or proxy to do this for you. A lot of services that geo-restrict content do so by checking your IP address. Therefore, a VPN or proxy routes your traffic through a server, changing the IP address the service can see.

If you need to access content blocked in your country, there’s probably a reason it’s blocked. But, if you must, you’ll need a VPN.

Accessing Devices On Different Networks

This is what a VPN was designed for in the first place. If you need a way to access your devices across different networks, you can either set up port forwarding, or use a VPN. Since port forwarding means anyone can access those devices, you’re probably better off using a VPN. At least with a VPN, hackers will need to crack the authentication for that before mounting any attacks against your actual devices. That being said, if all you need is remote access to your computer, there are other tools you can use. Probably the easiest one is Chrome Remote Desktop, because you most likely already have a Google account. But, in general…

To securely access your devices across networks, use a VPN.

Overall

When in doubt, use a reputable VPN service. Assuming the VPN service itself isn’t spying on you, I can’t think of any situation in which you’d be worse off by using a VPN, except for the fact that it makes your connection slower. But, if all you want is to be sure no one is tampering with your connection, a browser extension such as HTTPS Everywhere should do the trick. For extra security, consider using a DNS service such as 1.1.1.1

Speaking of VPN services, did you ever consider setting up a VPN server yourself? Luckily, I made a tutorial for that: