Eli5: How do VPNS work and why are they considered safe? Couldnt the network Im connecting to not just read out all my passwords etc.?
In: Technology
It depends.
A VPN is just a secure connection between two endpoints. The security of the connection is pretty damn invincible, to be honest, for any practical purpose. The identity of the endpoints is also guaranteed (i.e. someone else can’t just pretend to be either end of the connection, if you have it set up properly).
The problem lies in that one endpoint is YOU (and that can be a security risk in itself, as your network and computers also have to be secure) and the other endpoint is… who? Some random third-party provider that you don’t know? There’s the problem.
VPNs, however, can be used to connect YOU to YOUR WORKPLACE. Both endpoints are well-known, so the VPN is useful and secure. I VPN into my own servers remotely. I know both endpoints are secure, hence everything is good.
But using a commercial VPN provider, say to bypass geographical restrictions on media playing, or to torrent or whatever… there you are trusting that other endpoint to not snoop on you and to also pass on your traffic to/from the wider Internet without modifying/snooping it.
VPN is just a secure connection between two endpoints that trust each other. If that trust is misplaced, there’s nothing the VPN can do for you. When you use a VPN you just have a secure connection to the other end of the VPN. That’s all. Beyond that, whatever that endpoint, or the wider Internet, does with that information is beyond your control. All you can be assured of is that nobody snooped on your traffic between your endpoint, and the other endpoint.
P.S. A VPN encrypts all network traffic that is sent over it, and decrypts it at the other end. Effectively it “joins” the two networks together as if you had put a cable between them, even if they are thousands of miles apart, and does so in a manner that an eavesdropper couldn’t see what traffic was being sent or received. It’s pretty much identical to a secure website, in that respect, and even uses the same kinds of key-exchange, authentication (i.e. checking that the endpoints are who they say they are), encryption, etc. as a secure website. Some VPNs even operate over a secure website connection rather than directly over the Internet, too.
Latest Answers