Unspoken Downsides To VPN Services

Unspoken Downsides To VPN Services

July 9, 2020 Travel Tech Blog 0

While there is no question WiFi security is top of mind for a lot of people when traveling, the most common solution on the market a VPN service comes with some downsides.

If you are not familiar with VPN services or why you might need one, we suggest jumping over and checking out our article on WiFi Risks and Prevention and How Travel Routers Secure WiFi for more about the risks, guidance and solutions.

So why don’t more article about WiFi risk and prevention discuss the downsides of using a VPN service? We cover some of the common downsides, what you can do about it from a real world perspective.

Slow Performance on VPN

One of the number one issues with using a VPN service all of the time is performance. In a practical sense, you may find using a VPN service can cut any WiFi you are using down substantially; add in anonymity services and this can get even worse.

While this is often attributed to the “overhead” of securing the traffic, this is only a tiny piece of the impact to performance. Much of the decline in performance is because VPN services generally route you through different locations to create the secure tunnel. So for example, while you may be in Denver, if the VPN services nearest data center is in Los Angeles all of your internet traffic routes through Los Angeles before getting to it’s destination, even if that destination is in Denver.

This creates a substantial amount of extra distance. And more importantly it limits how effectively the routers across the internet route your traffic. Another example would be if you are in Denver needing to connect to a website in Dallas. The internet may send the traffic directly SE because there is a direct path. But as we’ve noted in our example, if your VPN service is routing you through Los Angeles. So rather than taking the most ideal path, it takes a substantially long path.

If you add in anonymity services that are not well optimized it could get worse. If your anonymity doesn’t operate off of the same services as your VPN you could be route further away. For example, a common Tor location is Fresno. If your VPN tunnel ends in Los Angeles, you may then need to be routed up to Fresno to hide your location. Only then will you get routed to Dallas to reach your destination.

Its not hard to imagine how this can impact your internet performance without even considering the overhead.

Solutions To Slow VPN Performance

Unfortunately the market is still catching up to the problem. Companies must balance the risk and cost of extra data centers with the potential solutions. However, a few tools have started to present some options.

Turning Off VPN For Select Activities

Many VPN packages will allow you to “exclude” certain activities. For performance sensitive activities like downloading video games or streaming VPN packages will allow you to add exclusions. While this does help, it’s generally a manual effort.

Connection Limitations on VPN

There are two types of connection limitations that are common problems when using VPN services. The first is that some services do not allow or limit functionality when using VPN. While most people use VPN services for security, others use it in an attempt to hide their true identities hoping to avoid rules.

There are also a number of content, social and community sites that may have been subject to bots or attacks by users coming from VPN services. There sites also may require you to identify you are a real person when coming from a VPN service.

Even if you are not blocked you might find you have to go through a CAPTCHA or other verification process to validate you are both a real person and potentially even identify yourself.

Service and Website Limitations

For organizations like social websites and streaming services that are weary of VPN services because of their use to circumvent rules, you may find VPN services a hindrance to normal internet usage. You wind up in a situation where you need to balance usability with security.

Netflix is one of the most common sites that limits their functionality or outright will not work with a VPN service. Often people use VPN services to try to get by Netflix’s restrictions on content to certain countries or markets. Since a VPN service can effectively hide a users true location it is understandable they would be hesitant to allow access.

Some sites that limit usage for certain VPN networks:

  • Netflix
  • YouTube
  • HBO Go
  • Hulu
  • Wikipedia

Doesn’t Work With Corporate VPN

Another rarely discussed downside is how you may be limited in your ability to connect to your works corporate network if you use a VPN service. Generally speaking you cannot connect to more than one VPN service at a time.

This is a limitation exists whether you are trying to run two VPNs on the same PC. It also exists if you try to run a VPN on a PC and on a router.

Two VPNs On The Same PC

If you try to run two VPNs on the same PC you won’t work. Worse, the two VPN software packages may actually interfere with each others installation. This can leave you with a significant technical mess to try to resolve in order to get your PC back to functioning. Even then, it’s very likely you will still only be able to have a single VPN client installed on your PC at a time.

Two VPNs On Different Devices

The problem is called double NATing. NAT (Network Address Translation) is one of the methods needed for VPN. This allows your computers real address and identifiers to remain hidden from the websites along the way. When you attempt to hide your address inside another hidden address, its very easy for the traffic to get lost.

This becomes a significant issue if you run VPN on a travel router or third party device that is sharing your WiFi. For example, running VPN on your laptop and then using it to share its WiFi connection with your phone. You either need to turn off VPN for everything or you can’t connect to any other VPN services.

Solutions To VPN Connection Limitations

Turning Off VPN For Select Activities

Many VPN packages will allow you to “exclude” certain activities. For performance sensitive activities like downloading video games or streaming VPN packages will allow you to add exclusions. While this does help, it’s generally a manual effort on most VPN services. Some may not even allow it.

The best VPN services will be aware of the common websites that restrict access and offer proactive suggestions. This can include suggesting excluding the site.

We recommend using this feature with caution. You should never consider it if you are going to share sensitive information, including passwords, especially when connected on Public or Open WiFi networks.

Changing VPN Settings

There are a few settings you can tweak on some VPN clients to improve access to websites and services that limit access with VPN. Some common suggestions:

  • Switch to a different VPN server if your software allows you a choice
  • Changing the protocol to UDP from TCP
  • Use a different type of VPN tunnel which helps mask the use of the VPN software

Using A Router

An under discussed solution is the ability to use a router to connect to VPN. This is particularly helpful when using WiFi when traveling or on the go. There are a few benefits to this.

  • Offloads the work from the device
  • All devices behind the router can take advantage of the benefits of VPN
  • Can help avoid double NATing issues if it can handle multiple VPN routes (only select devices can do this)
  • Helps avoid public WiFi ability to determine if devices are using VPN tunnels

If you are not familiar with how travel routers secure public WiFi access points we definitely recommend look further into it if you are security minded.

Doesn’t Work With Some Free WiFi Networks

Many VPN users are surprised to find that Public and Free WiFi services may restrict them from using their access points when you are on VPN. There are a few reasons for this, but one of the common ones is they collect and sell your information. When you use a VPN they are limited in their ability to identify and track you.

These services may need the information to provide the Free WiFi, that doesn’t change your need to ensure your sensitive information stays private.

Solutions For When You Can’t Connect To Free or Public WiFi When Using VPN

Changing VPN Settings

The options to resolve being unable to connect to Free or Public WiFi when using VPN software is similar to resolving issues with being unable to connect to websites and services on VPN. Some common suggestions:

  • Switch to a different VPN server if your software allows you a choice
  • Changing the protocol to UDP from TCP
  • Use a different type of VPN tunnel which helps mask the use of the VPN software

We should note that these are general suggestions and you should only change them if you know what you are doing. We also would suggest consulting the documentation for your specific VPN client for recommended settings.

Not Totally Secret

Despite claims from VPN services you are not working in total privacy. There is a common assumption that using standard VPN services means you can literally do anything on the internet without being found. This is simply untrue.

This is generally not a concern for users who simply want to protect their identity from unscrupulous people or companies. The majority of internet users would have no reason to be concerned about the details providers could find out about you.

However, if you plan to push gray areas (or worse), then not only is what you are doing potentially illegal, you may not be as isolated as you think.

Your ISP/Service Provider Knows Who You Are

VPN software will mask many of the details of what you are doing online, but it won’t stop your ISP from knowing a few details about you. One big one is if you use your own residential ISP they still know which customer is using their network.

Also, VPNs won’t stop ISPs from knowing your MAC address, which is the unique identified tied to the network card you are using in your computer. Even with a VPN device this information is readily available to your ISP.

When using someone else’s WiFi network this information is also available to them. So even if you are not at home, while they may know less about you it’s still possible to know some details.

Doesn’t Prevent Cookies Or Other Tracking Software

If you are not actively working to block or restrict access to cookies they are still exposed when on VPN services. Websites will still be able to read cookies. If you go to a website which places a tracking cookie, then visit another website, even on VPN with anonymity services enabled, they will still be able to identify you.

To avoid this you’ll need to ensure you limit access to cookies or browse in private mode. Some VPN and anonymity packages will also attempt to automatically restrict identifying cookies for you. However, so much of this is done in the browser you may still want to take extra precautions.

Information Voluntarily Shared With Websites

While it seems like common sense many VPN packages are so hyped up some people still don’t put together that any information you voluntarily share with a website, they know about. VPN and anonymity services do not hide any information you expose. If you type in a username, password or share other personal information in a form on a website or through social media, they will have access to.

Summary

VPN is a very powerful tool. Our own travel router features automatic and integrated VPN. However, as powerful as it is for security and privacy many VPN companies are not straight forward with some of its downsides and limitations.

We recommend finding a product that intelligently helps you manage some of the limitations. Many solutions require trial and errors, or technical expertise. The users who are most likely need VPN are also the most likely to have limited opportunity to work around its downsides.