Photo by You X Ventures on Unsplash

Don’t share your VPN!

Something as trivial as sharing access to your VPN with a relative or acquaintance may appear to be a nice gesture (which it is, don’t get me wrong). But, in reality, you may be jeopardizing the sustainability of your VPN service.

Disclaimer: This post is based off the premise of hosting your own VPN service and sharing access to it with your friends. That being said, it wouldn’t be far-fetched to expand this premise to encapsulate sharing access to big-name VPN services such as ExpressVPN.

Let’s take a step back for a moment to talk about the underlying details of how a VPN works. To put in laymen terms, a VPN works by encrypting all your (in-transit) data and then sending it off to some VPN server. This server, just like every other internet-connected device is assigned a unique public IP-address that will distinguish it from every other computer.

The main advantage and popularity of using a VPN in 2019 is to enhance one’s online privacy! VPN’s increase privacy by encrypting all the data being sent from your computer to the server. This means that no one on the same network as you, or your ISP (Internet Service Provider), will be able to snoop on what websites you’re visiting. This is of course assuming the VPN has been configured properly and does not leak your DNS requests.

VPN’s essentially hide whatever you’re doing from anyone who has access to the network , such as the administrators of the networks. This makes them incredibly popular in environments where your network activity is monitored and filtered. To clarify, I’m talking about where the network administrators block access to certain websites or a certain group of websites (e.g. dating, games, explicit content… etc).

Basically, the VPN will come in and mask the websites that you’re visiting, allowing you to simply remove the restrictions placed on the network. This will allow you to play your games and visit your JDate contestants, without the worry of receiving any interruptions from those pesky network administrators.

Every single time you visit a webpage, assuming you’re connected to the VPN, your browser will request the said information from the VPN server. The same logic applies to increasing the number of users connecting to the said VPN server.

To reinforce this, imagine that you have five users on a network that are all connected to the same VPN server, and browsing the internet. All of their internet traffic will travel through the same VPN server. If you don’t see how this is a problem yet, keep reading!

Let’s dive a little deeper, and say that these users are all still connected on the same network, but this network happens to be a school network, where the users are primarily concerned with unblocking websites that allow them to play games. As we said before, the users are all sending and receiving data from the same IP address.

Here’s where the problems arise!

The first problem: Let’s say that the network administrators have deployed tactics to monitor the network for unusual traffic to uncategorized servers (basically, it’s not recognized in their database of whitelisted servers). Now, in theory the network admins could simply have the said tactics configured to automatically block the unusual traffic (e.g. not email or internet traffic) to this server.

If this were the case, you and your friends would no longer be able to play your games, or visit your possible date contestants. You would be S.O.L. until you switched to a different VPN server. Eventually, the same thing would happen again because of the amount of people contributing to the unusual traffic to the server.

The second problem: Network administrators may also deploy tactics in order to track users who send requests to a certain server. They may do this in order to find out who is really behind the VPN server, because it is against the Wi-Fi policy to use a VPN on the network (read the captive-portal’s terms-of-use).

The network administrators can track users and find out who they really are by logging various details about a computer when it first connects to the network, unprotected by the VPN at this point. They can log details such as the hostname of the machine, the MAC address of the machine, and even the Operating System of the machine, all in order to figure out who is behind the VPN server.

Now, this may seem unreasonable if only one person is connecting to a given VPN server, but if half the school is connecting to the VPN server, they may just start reprimanding random users, by trying to figure out who’s who.

The third problem: In this case, let’s say that the network admins have received a report from the FBI, stating that a certain IP-address that has been somehow (it’s possible) located to this network and has committed illegal, fraudulent activities! It just so happens that this IP-address belongs to your little circle of friends sharing a VPN. If nobody would hone up to the crime, it would more than likely be dispersed among all of the suspects.

This problem does assume that you and your friends are the only users of such a service though, because it would be many many times harder to pinpoint who did-what if thousands of users were connected to the given IP-address.

Albeit I’m willing to admit that the third problem is way less-likely to occur, as opposed to the first or second problem!

Is Sharing Actually Caring?

Many of us have grown up to our mothers and fathers saying that “Sharing is Caring!” But, I’m afraid this just isn’t the case when it comes down to your VPN service. Next time you think about sharing your service, ask yourself if it’s really worth it.

Thanks for reading the entire post. I urge you to pat yourself on the back right now!

If you enjoyed the post (No affiliate marketing! Woo-hoo!), and would like me to continue my postings to Medium, please consider supporting me on Patreon.