VPN - Virtual Private Network
  • is a private network that allows you to communicate over the Internet privately.
  • it is like your home/office private network, where you can transfer data between computers across the router and nobody outside the network can see that data. Your home/office network is protected because it is physically separated from the Internet. A VPN, on the other hand, is inside the Internet and is protected by encryption; that is the "virtual" part of VPN.

Imagine you are browsing your favourite website in a coffee shop via their free Wi-Fi. Your connection to the website server will look like this:

There are a few actors that can potentially steal your data, given that the website you are browsing doesn't employ HTTPS and the coffee shop's wireless router uses a weak encryption standard.

  • wireless router
  • ISP
  • anyone between your ISP and server's ISP
  • server's ISP

If you use a VPN service, your connection will be like this:

So a few potentially evil actors, such as the wireless router and the ISP, are shut out, because the data flow between your browser and the VPN server is encrypted and hidden. The only thing they can see is that you are connected to a VPN server.

However, as you can see on the diagram, there are still red arrows, which mark unencrypted, unsafe connections. That means that if you are transferring sensitive data via a VPN, you are still not safe.

That is where HTTPS plays its role.

HTTPS - Hypertext Transfer Protocol Secure
  • is a protocol the web browser uses to communicate with websites
  • it ensures both parties (browser and website) are who they say they are, and that the data being sent is encrypted and hasn't been modified in transit.

So HTTPS gives us an end-to-end encrypted connection. If it is so powerful, why not use HTTPS all the time and forget the VPN?

A VPN has a few advantages over HTTPS:

  • HTTPS needs to be enabled on both your browser and on the website you visit, while a VPN will always work as long as you keep it on.
  • A VPN secures all online communications coming from your device, while HTTPS only provides encryption between the website and your browser over port 443 of the website. Many websites on the Internet only use the HTTP protocol over port 80.
  • Using only HTTPS, the ISP can know which website you are trying to access; imagine your internet provider knowing that you frequently access a dirty-secret website. Using a VPN, all the ISP knows is that you are connecting to a VPN server.
  • Since a VPN acts as an intermediary between you and the website, it can bypass censorship, and you (your IP address) remain anonymous to the website. So a VPN can be used to access restricted content on the Internet (e.g. access Facebook, Google from China). You cannot do such a thing with HTTPS.

The last advantage of a VPN reminds me of the proxy server.

Proxy server
  • is a server that acts as an intermediary for requests from clients seeking resources from other servers.
  • in some senses, a proxy server is similar to a VPN. The differences are:
    • Proxy server does not encrypt your data.
    • It is cheaper.