VPN stands for “Virtual Private Network” and originally describes a technology that allows you to securely access resources in your private network from anywhere in the world.
VPN encrypts your Internet connection from your network card to a VPN server. This encryption takes place in real time and reliably prevents recording or eavesdropping of the transmitted information. The type of your Internet connection (modem, ISDN, GPRS, UMTS, LTE, cable, leased lines, WLan), the choice of your terminal device or the location where you are, does not matter – your Internet connection is completely encrypted by using VPN.
How does VPN work?
A VPN (Virtual Private Network) is a self-contained subnetwork within a larger IP network in which the subscribers are spatially (sometimes thousands of kilometers) separated from each other. The participants connect to a login server via a VPN protocol (login servers are available worldwide) and receive their own “new (internal) IP after setting up the encrypted tunnel. Since the entire connection to the Internet is now encrypted, computers outside this network can no longer read or change the communication. This ensures that the client computer can securely communicate with selected other computers. This is done via a virtual network card in the customer’s computer.
This network card appears in the operating system as a normal Ethernet adapter and is used by the system as well as the programs in such a way, only the difference that the data transferred via this network card is automatically highly encrypted. In addition, settings of the VPN login server prevent customers from influencing each other, each customer receives its own tunnel and its own encryption.
All sent or received data is then sent to the Internet from the server via a single IP (the IP of the respective VPN login server) – this server IP applies to all customers and again ensures anonymity. If the computer is not connected to a VPN or to a VPN provider that distributes fixed Ips, everyone can be identified by his IP, which is unique worldwide at this moment.
Encryption via the internal, virtual VPN network card ensures that the Internet connection is not transparent for providers, data collectors and other computers in the local network and cannot be assigned to the Internet user.
Surfing with VPN encryption
A “normal” Internet connection such as UMTS/GPRS/ ISDN/ DSL etc. does not include encryption by default: all data you generate (e-mail, surfing, chat etc.) is split into small packets and sent to the recipient unencrypted via the TCP/IP protocol.
Participants in local networks, e.g. public hotspots, can listen to and record this data with simple means. But it is also possible to park close to your apartment and to tap your WLAN via laptop.
The following is an example for illustration:
You are at home and surf via your (only) WEP-encrypted WLan. Your neighbor has Wireshark running in parallel, a free program for analyzing network communication connections, and records everything. Since WEP and WPA are no longer secure, it is easy for your neighbor to generate your WLAN password from the data obtained. The next step is to surf your line and monitor your laptop in real time and receive so much of your private data – your bank/account details, your e-mail access data, what you buy when and where, with whom you chat and so on.
In many countries the Internet is censored by the respective government, so that many offers (e.g. Facebook, YouTube, Wikipedia) are not available. In these cases, the Internet cannot be used to its full extent without a VPN connection, only by activating the VPN will you have access to all content worldwide again.