How VPN Works
A Virtual Private Network (VPN) is typically used to allow an employee access to a secure corporate network.
However, with the Riseup VPN, we use the same technology to allow everyone greater security when accessing the public internet. This type of VPN is called a personal VPN.
In a normal internet connection, all your traffic is routed from your computer through your ISP (Internet Service Provider) and out onto the internet and finally to its destinate. At every step of the way, your data is being recorded and is vulnerable to man-in-the-middle attacks (the danger of this is much less if you are using a secure protocol like https).
With a personal VPN, your traffic is encrypted on your computer, passes through your ISP and on to the VPN Server. Because the data is encrypted, your ISP has no knowledge of what is in your data that they relay on to the VPN Server. Once your data reaches the VPN Server, it is decrypted and forwarded on to its final destination.
With the personal VPN, if your data is not using a secure connections then it is still vulnerable from the point it leaves the VPN Server. However, by routing your data through the VPN server, you have acheived two important advantages:
- Your data is protected from blocking, tracking, or man-in-the-middle attacks conducted by your ISP or network operators in your local country.
- Your data now appears to use the IP address of the VPN server, and not your real IP address. Most websites gather and retain extensive data base on this IP address, which has now been anonymized.
Because your traffic appears to originate from the VPN Server, the recipient of your network communication does not know where you actually reside (unless, of course, you tell them).
In the case illustrated above, the website in California thinks that the laptop in Brazil, the laptop in Europe, and the giant cellphone floating over Canada are all coming from New York, because that is where the VPN server is.
The Riseup VPN shares some limitations common to all personal VPNs:
- legal warning: If you live in an non-democratic state, it may be illegal to use a personal VPN to access the internet.
- location info: Using a VPN on your mobile device will secure your data connection, but the telephone company will still know your location by recording which towers your device communicates with.
- Device Security: A VPN helps secure your information while in transit on the internet, but it does not secure your information while in storage on your computer or on a remote server.
- An insecure connection is still insecure: Although Riseup VPN will anonymize your location and protect you from surveillance from your ISP, once your data is securely routed through riseup.net it will go out on the internet as it normally would. Therefore, you should still use secure connections (TLS) when available (ie https over http, imaps over imap, etc).
- VPNs are not a panacea: although VPNs accomplish a lot, they can’t fix everything. For example, it cannot increase your security if your computer is already compromised with viruses or spyware. If you give personal information to a website, there is little that a VPN can do to maintain your anonymity with that website or its partners. For more information, see VPN anonymity.
- The internet might get slower: the Riseup VPN routes all your traffic through an encrypted connection to riseup.net before it goes out onto the normal internet. This extra step can slow things down. To minimize the slowdown, try to choose a VPN server close to where you actually live.
- VPNs can be difficult to configure: Although we have taken steps to make it as easy as possible, any VPN introduces extra complexity to your networking setup.