A virtual private network (VPN) is a vital tool for maintaining your privacy on the internet. It prevents your internet service provider (ISP), and by extension your government, from seeing what you do online, and it helps prevent the websites you visit from uniquely identifying and tracking you across the web by hiding your real IP address.
Learn more about how a VPN works
However, many people are somewhat hazy about how exactly VPNs work, and what they can and can’t do. In this article, we’ll look at some of the most common myths, half-myths, and misunderstandings that surround VPNs.
- VPNs keep you secure
- VPNs protect you from hackers on public WiFi
- Self-hosting your own VPN is better for privacy
- VPNs dramatically slow down your internet speeds
Myth: VPNs keep you secure
Reality: VPNs main purpose is to provide privacy on the internet, rather than security.
VPNs were originally developed to secure corporate resources, allowing employees to securely access company servers from home or remote offices. Proton VPN for Business(yeni pencere) continues this tradition of keeping businesses secure with our 21st-century version of the old corporate VPN: dedicated servers. However, this is not what most modern VPN services offer (including Proton VPN, outside of our Proton VPN for Business plans).
The reason for this is HTTPS, the encryption protocol that secures the internet. When you connect to a website that uses HTTPS, the connection between your device and the website is securely encrypted so that no one except the website owner can see what you do on that website.
Most browsers will indicate that a website uses HTTPS with a lock icon in the URL bar. Tellingly, Chrome has stopped doing this because Google no longer considers it necessary
Thanks to HTTPS, it’s safe to do online banking and pay for stuff online using your credit card; VPN not required.
Until around 10 years ago, it’s true that most websites were not secure (although that would not include banking and e-commerce sites that could expose sensitive information). Back then, using a VPN did improve your online security. But it’s no longer true. Globally, around 85% of websites use HTTPS, but those which don’t are mainly amateur sites that are obviously not secure. The danger these pose to most internet users is minimal, so you no longer need a VPN to protect your online data.
Learn more about how HTTPS keeps you safe (but not private)(yeni pencere)
A VPN also hides your real IP address from anyone on the internet, and it’s sometimes argued this improves your security because if a hacker can’t see your IP address, they can’t hack you. While there is some truth in this, the reality is that this is simply not a major attack vector for hackers.
Myth: VPNs protect you from hackers on public WiFi
Reality: HTTPS protects you from hackers on public WiFi, but we still need a VPN to stop public WiFi hosts from selling your browsing history.
Again, there was a time when using public WiFi was genuinely risky. Hackers would hang around public areas, setting up evil twin hotspots and using WiFi sniffing(yeni pencere) to intercept your unencrypted internet traffic.
But as discussed above, for the last few years there are basically no websites dealing with sensitive data that aren’t secured using HTTPS. This means even if you inadvertently connect to an evil twin hotspot, the person running the fake hotspot can’t know anything you do on the websites you visit. Using public WiFi is therefore much safer than it used to be.
However, HTTPS keeps your connections secure — but not private. It prevents criminals from seeing what you do on a website (including any passwords or payment details you enter), but it doesn’t prevent your ISP or public WiFi host (the person or business who operates the WiFi hotspot you’re connected to) from seeing which websites and services you connect to. And in this age of ubiquitous surveillance capitalism, where everything we do online is monitored and used to target us with ever more personalized ads, this is valuable information.
There is a reason many public WiFi networks (many of which are operated by commercial third-party companies) require you to provide a valid email address and agree to an intimidatingly long and impenetrable terms of service (ToS) agreement before allowing you to use their “free” WiFi. They’re selling your browsing history to advertisers. Using a VPN prevents this.
There’s also a growing trend for governments to buy data(yeni pencere) collected from public hotspots to feed into their mass surveillance. In the US, for example, the 2024 National Defense Authorization Act(yeni pencere) greatly expanded the governments powers to surveil Americans(yeni pencere).
Myth: Self-hosting your own VPN is better for privacy
Reality: Self-hosting does almost nothing to protect your privacy
When you connect to a VPN, the VPN provider can see the same kind of data that your ISP could when not using a VPN, including your real IP address and the websites you visit. And like your ISP, your VPN service can see your unencrypted internet traffic (although this isn’t a major concern, thanks to HTTPS). So on a purely technical level, you’re transferring trust from your ISP to your VPN provider.
However, while your ISP has zero interest in protecting your privacy (ISPs can even sell your browsing history to advertising and analytics companies), reputable VPN services keep no logs and have a business model that entirely relies on preserving your privacy. At Proton VPN, we also perform regular external security audits of our open source apps and of our no-logs infrastructure. But a level of trust is still required.
Those skeptical about VPN services often recommend running your own VPN server instead, on the basis that you don’t need to trust anyone but yourself. Assuming you have the technical know-how and host your VPN server on a secure platform (such as hardware your physically own, or an encrypted bare-metal rented server — most rented servers can be accessed by the server provider, who has no motivation to protect your privacy), that much is true. But…
When you use a commercial VPN service, you’re sharing a VPN server (and therefore IP address) with potentially thousands of other users. Even if a VPN service keeps logs, correlating one of these users with the actions of someone using that server’s IP address is hard. And it’s effectively impossible if the service keeps no logs.
On the other hand, if you run your own VPN server, the IP address of the VPN server uniquely identifies you to every website you visit. If you run your server from home, it will be your home IP address. If you rent a remote server, its still easy for websites to identify and track you, and your server provider has your billing details.
So running your own VPN server does almost nothing to protect your online privacy.
Myth: VPNs dramatically slow down your internet speeds
Reality: If you use a good VPN nearby server, you’re unlikely to notice any slowdown
Using a VPN will slow down your internet, but if you use a good VPN service (like Proton VPN), this slowdown will be minimal. The main factors that affect your internet speeds when using a VPN are:
Encryption overhead
VPNs encrypt your internet traffic to enhance security and privacy. The process of encrypting and decrypting data requires additional computational resources, which can, in theory, lead to a slight decrease in speed. However, all but the most low-end modern devices can encrypt and decrypt VPN data with ease, making any slowdown very theoretical in practice. This is especially true when using modern lightweight VPN protocols such as WireGuard®.
Server distance
When using a VPN, your data has to travel an extra “leg” to the VPN server before being routed to its destination. The physical distance between your device and the VPN server will therefore affect your internet speeds. The farther away the server, the higher the latency (the time it takes for a data packet to travel from your device to a server and back), and the slower the connection.
However, if you’re using a good VPN service and connect to a server that’s geographically close to you (say, within the same country), this slowdown will be minimal enough that you’re unlikely to notice it. Proton VPN also mitigates against this issue with our unique VPN accelerator technology, that hugely improves speed performance when connecting to VPN servers a large distance from you.
Some VPN services offer a “double-VPN” feature (for example, Proton VPN offers Secure Core). These can improve your online privacy by preventing timing attacks and providing additional security should one of the VPN servers become compromised, but your data is now traveling two (or more) extra “legs”, at least one of which may be over a considerable distance. For example, we only operate Secure Core servers in Switzerland, Iceland, and Sweden, because those countries have very strong privacy laws.
Double-VPN solutions will therefore slow down your internet connection much more than using a regular VPN connection, and should only be used if your threat model(yeni pencere) demands it.
Server load
If the VPN server you are connected to is overloaded with users, it can become congested, leading to slower speeds. High-quality VPN services like Proton VPN offer a large number of VPN servers to distribute the load more evenly.
Unless you specify otherwise, we’ll always connect you to server with a low load, so this issue is unlikely to affect anyone with a paid Proton VPN plan. We also clearly show each of our servers’ loads in our apps, allowing you to manually select a server with less demand.
If you’re on our free VPN plan, we’ll also try to connect you to the nearest free server with a low load. However, our free servers can sometimes get busy, which is why they are often not as fast as our Plus servers.
So if you use a good VPN service and connect to a nearby VPN server that isn’t overloaded, using a VPN will have a minimal effect on your internet speeds. Of course, the same is not true if you use a no-name “free” VPN service that runs a couple of VPN servers on the other side of the world from you.
Final thoughts – a VPN is a great privacy tool
A commercial VPN service is an all-but-essential tool for preserving your online privacy in a world where ubiquitous surveillance is the norm. It won’t protect you against hackers stealing your bank details (mainly because HTTPS has made this function redundant), but it will help keep what you do online to yourself, do it without compromising your internet experience, and do it a lot better than rolling your own VPN solution.
