How does a VPN work and is it worth the money?

VPN work and is it worth the money

A VPN (a virtual private network) is a secure connection between your computer and a remote server. It hides your location and provides an encrypted “tunnel” for your data as you send and receive the data to another server. Your destination server detects your location as different from your original log in location.

The term “virtual” denotes the system of software coding that relies only on software—not wiring or hardware. A “tunnel” means that the data you transmit is encased in a packet within a packet. (Packets are portions of data streamed in aggregate.)

Then there is the middle term “private,” which arises from how VPNs are encrypted. Encryption converts information into secret code that can only be deciphered through a key. Encryption is the most effective way to protect sensitive information, especially while data is in transit.

What a great VPN does best

A VPN provides an extra element of security to deceive hackers and government surveillance by:

  • Masking/hiding user data. A premium VPN provider with a “no-logs” policy” will not collect information on the user’s web activity. Free VPN providers and ISPs (internet service providers) in general want to get into the data mining bonanza begun by Google and Facebook. They sell that data to marketers or use it themselves to track and target users for ads, promotions, and marketing.
  • Bypassing so-called geo-blocking. With geo-blocking, host servers can detect the user’s geographical area. If the host has the content, it only wants local users to access; it can block access or refuse to complete an important part of a transaction, for example. Some vendors, ticketing, travel, and auto-rental agencies have different prices, depending on the user’s detected login location.
  • Defeating censorship on the internet. Some governments block their citizens from accessing content considered politically subversive. With a VPN, local citizens can bypass that censorship.
  • Providing deception on unprotected public Wi-Fi “hot spots,” which are spreading worldwide and are prime targets for man-in-the-middle (MITM) attacks.

About man-in-the-middle attacks and what a VPN does to prevent them

A MITM attack can occur when someone uses a public Wi-Fi service and does not have a VPN deals installed on the device. The hacker can access the web traffic being sent and received to/from a third party. The attack can be live, or the hacker can download malware that can execute later.

Hijackers employ strategies to carry out their attacks that are both clever and tech-savvy. For example, MITM attackers can:

  • use a “web pineapple” device or a Windows or Mac network detector to find nearby unsecured networks.
  • spoof a DNS (Domain Name Server) and trick the user into logging into fake websites.
  • steal session cookies, which have your email login information, for example.
  • use freely available “sniffer” software to detect a victim’s online activity to intercept data transfer between the user and receiving server.
  • use a spoofed or faked web application to lure the victim into signing in with authentic user information and passwords

Your best defense against a man-in-the-middle attack—aside from never logging into a public Wi-Fi service—is to load a premium VPN onto your mobile device. That hacker sitting at a nearby table in the coffee shop will know you are online, but won’t be able to get between you and your online destination, because your connection is virtual, private, and encrypted.

Make a VPN an important part of your online security strategy.

Along with loading a premium VPN, make sure you optimize your operating system’s built-in security measures—firewalls, encryption, etc. Also, remember that a VPN is not a virus hunter. You need commercial-grade products like Norton or Kaspersky, which stays well ahead of your operating system’s periodic downloads as new threats occur.

What does a VPN cost?

There are several cost-free VPN services available. They provide free downloads, but then they come with hidden costs to the user in terms of stripped-down functionality, security vulnerability, and exploiting the user.

Specifically, a free VPN will encrypt your connection, but to remain free, the service must rely on ads and other sketchy practices to monetize their business. Many free VPNs sell online client logs to marketers, and some have downloaded spy- and adware to their user’s networks. Some even admit selling free users’ bandwidth to give their paying customers faster service.

Pay a few dollars a month for a premium VPN

Premium VPNs provide inexpensive full-strength services by:

  • Guaranteeing a “no-logs” policy—the user is not tracked; anonymity is protected
  • Providing the best secure connections with 256-bit encryption, twice that of many free VPN services
  • Preventing data leakage if the secure VPN server disconnects from the user—Surfshark, for example, provides a “kill switch” to take down the internet connection before any more data can be compromised
  • Providing a better quality of geo-blocking bypassing/thwarting—Netflix, for example, will typically shut down free VPN servers, but premium VPNs can stay a step ahead by hopping to other locations, not on the Netflix blocking list.


What a VPN does best is to provide a secure encrypted connection that masks the user’s location. Other benefits include bypassing geo-blocking and defeating internet censorship. A VPN will also protect a user from hackers executing attacks at public Wi-Fi spots.

A VPN is but one part of an overall online security strategy that should include taking advantage of your operating system’s built-in security and encryption capabilities. You should augment those features with commercial-grade virus hunters.

A premium VPN service is not expensive and should be used in lieu of a free service. Free VPNs come with hidden costs of intrusive ads and a lower level of security. Premium services like Surfshark protect user privacy with “no-logs” policies, have high-grade encryption, and do a better job bypassing geo-blocking.