The primary function of a Virtual Private Network (VPN) is to enhance your online privacy and security. It should do this without slowing your Internet too noticeably. Performing a VPN test or two can help you ensure that it's up to the mark.
VPN privacy test
Your Internet Service Provider (ISP) assigns a unique IP address to your router, the device that connects the computers, phones, and tablets in your house to the Internet. Every device in your home that connects through that router uses its IP address on the Internet. The IP address is allocated from a pool of addresses your ISP controls, so it can change from time to time, but it probably doesn't change very often.
IP addresses are necessary for getting your Internet traffic to the right place, and getting the responses back to you, but they have a couple of drawbacks:
- They are allocated geographically, so they can be used for a form of crude geolocation.
- Because you have to tell all the websites and services you use what your IP address is, it can be used by advertising and tracking services to track you across the web, either on its own or as part of a fingerprint.
When you use a VPN, you create an impenetrable, encrypted tunnel between your computer and your VPN provider, and then join the Internet from one of your VPN provider's computers. This protects your privacy in a few different ways.
- Because your connection joins the Internet from your VPN provider, you use an IP address assigned by your VPN provider, rather than your router's, on the Internet.
- The encrypted tunnel between you and your VPN provider stops your ISP, rogue Wi-Fi hotspots or other interlopers snooping on your traffic. In particular it stops them looking at your DNS traffic, which can reveal which websites you're visiting.
Part of a VPN's privacy protection comes from hiding your real IP address, so it's important to understand that IP addresses can "leak". You can leak your IP address via DNS, if your DNS traffic passes through the encrypted tunnel where your ISP can't see it, exits your VPN, and the goes back to your ISP's DNS servers for resolution.
You can also leak your IP address via WebRTC, a real-time communication protocol your web browser uses for things like video calls.
Checking for basic IP address leaks
- Ensure that your VPN is disconnected and visit a search engine like DuckDuckGo. Type "what is my IP address." Hit enter and then note down your IP address.
- Launch your VPN client and connect to a VPN server. Double-check to see that you're connected and note down your the IP address the VPN has given you (if it tells you).
- Repeat step one and note down what your IP address is now. If your IP address hasn't changed from step one, your IP address is not being masked. If it matches the one you picked in step two, your IP address is being masked.
Testing for DNS and WebRTC leaks
Even if your VPN passes the basic IP leak test, you should run tests for DNS and WebRTC leaks. You can test for IP address leaks via DNS on websites like DNSLeaktTest or DNSLeak. You can test for IP leaks via WebRTC on websites like browserleaks.com. You may have to disable WebRTC to stop the leak.