Internet privacy issues are rising, and VPNs are widely advertised as the only answer to protecting your Internet from companies and hackers, government websites, advertisers, and other sites from our online lives. Don’t believe the hype. VPN will shield your online connection from all those organizations and more.
It accomplishes this by encrypting your internet traffic and redirecting it through remote servers before it reaches its final destination. Your ISP can only observe the traffic moving through its network but cannot see the content or its final destination. After the traffic leaves the server, websites and applications cannot trace the origin of the traffic more than your VPN server.
The kinds of logs available and the way they’re utilized
VPN logs contain information service providers collect about the use of their services. If you’re wondering what they might keep, it is essential to remember that your VPN provider can access every activity on your Internet. Therefore, everything you and your ISP typically see is accessible to your VPN provider. If providers were to log and store the entire data they collect in their servers, they would not be offering an appealing service and could lose many customers. The absence of logs is one of the most prominent selling points provided by various companies to attract customers.
The fewer logs, the more attractive the service will be. That brings us to frequently used assertions regarding “no logs,” “zero logs,” or “logless.” Of course, you shouldn’t believe these claims as they are. Some providers claim that they don’t have any logs; however, most of them maintain some logs. The confusion arises because there are various kinds of records they could keep. You must dig deeper into privacy policies or the terms of service to discover the details being stored.
Another thing to remember is the duration of the logs are kept. Some providers delete records automatically after 24 hours, while others may control the data for longer or even a long time. From the standpoint of the user, the latter is more beneficial.
A thing to keep in mind before examining the different types of data logs is that you’ll often see mentions in privacy policies regarding cookies and tracking on the provider’s website. This is distinct from VPN use and integral to every online business.
Logs and VPNs
Logs for VPNs are not a good thing. One of the main reasons for VPNs is to conceal your online activities, and keeping a record of all your online communications hinders that goal. In the end, if the VPN kept track of the logs, any person with the power to access it could request them and find out what VPN clients would perform.
In the end, most VPNs declare themselves to be zero-log VPNs, which means they don’t keep any logs. Whether they keep their promises is an entirely different issue. Numerous instances show VPN services capable of producing some record whenever police give an order. But, even taking the most effective VPNs as an example, what are they doing to remove logs?
How VPNs Destroy Logs
In essence, there seem to be two ways to remove logs. The first is less about destruction and more like pulling them to the darkest, deep void, while the other involves not creating them initially.
Writing to /dev/null.
Most VPN servers run Linux, which is an excellent choice for various reasons; among the main reasons is a particular file called”/dev/null. The file is described as the “black hole” by nearly everyone. It’s a data file that, when you write details to it, will likely be deleted and disappear from your system. There’s no record of it, and it’s unlikely to come across again as it’s gone, like it didn’t exist.
This can be useful for numerous reasons, but it’s crucial in the context of VPNs. Instead of writing logs to parts of the system that contain information in the first place, the VPN is set to record the log information to /dev/null and then cast it into the vacuum. Mullvad clarifies some additional aspects of the technology in its privacy coverage.
After speaking to some VPNs with the highest efficiency available, it is apparent that the market is moving away from /dev/null and toward the absence of logs. The coverts were lifted by ExpressVPN in the past when it re-examined its TrustedServer expertise and involved using a specific type of server that relies on random-access memory (RAM).
These servers, which are based on RAM only or diskless, do not have a long-term storage capability. What logs exist are kept in the server’s RAM and only last for a short period. There is evidence of the connection in the RAM, but they’re erased after the server reboots. ExpressVPN restarts weekly, for instance, while other providers may have an individual timetable.
Logs of traffic
And, perhaps the most important is the fact that we have logs of our traffic. In the case of VPNs, they are the most harmful type of record. They contain web traffic content, including browsing history, downloaded files purchased, messages sent, and the software used. In reality, nobody should ever consider using a VPN that has been found to have these types of logs. This is a massive deterrent to one of the primary goals of using the VPN initially in the first place: privacy.
There are various reasons why these logs may be retained, but the primary reason is to earn money. This is why it’s crucial to be cautious about free VPN services. They must make profits, and data is precious. Information that helps build a user’s image is unique and could be offered to advertisers or another third party. In the worst-case scenario, hackers or snoopers might gain access to the logs and expose you to attack. Notably, the leak of personal data can result in identity theft.
No Extra Logs?
The above assertion is not feasible in an array of tightly-knit VPN providers, but it appears that diskless servers will be the norm, in the long run, not less than. In an electronic email, NordVPN confirmed it uses this technique, and Mullvad is changing to this way of handling things. Personal Web Entry’s NextGen servers also run on RAM only.
Whether there’s an issue writing to /dev/null or this transfer is done solely because of rational concerns. RAM-only servers run as fast as lightning and could cope with more visitors faster than a drop in speed, as well as not recording logs. This is excellent information for VPN users and providers, as faster speeds should attract more potential customers.
In reality, there’s the security that the diskless servers provide. Because any VPN ought to be able to prevent it from happening, or not less than a great deal more difficult–to keep logs, even if the VPN is required to do so, there’s further protection in a system which relies heavily on the trust of customers in their provider.
Why You Should Care About a VPN’s No-Log Policy
The information gathered from your VPN usage can let other people learn much about your personal information. VPNs may sell your personal information to third-party companies for marketing even if you do not visit suspicious websites and believe you don’t have anything to hide. This is deceitful when a website claiming to protect your information instead sells it to third parties.
There are certain logs that the VPN must not keep in any way:
- The messages you transmit and the notices you receive.
- The websites you browse.
- The services you are using.
- Your IP address from the beginning.
Certain conditions could alter the logging policy of a VPN—for instance, the country in which the VPN was established or its country of incorporation. The laws regarding data retention vary, and some states require VPNs to keep logs for a specified time if law enforcement officials need access to the records. Data surveillance alliances such as those of the 5-9 and 14 Eyes are just one reason certain states are more tolerant of privacy than others. Countries such as the US and the UK agree to keep track of and share citizens’ data online with other states.
However, some VPNs claim to be zero-log providers but keep the usage logs or connection logs. For instance, some popular VPNs such as Windscribe, Betternet, and ThunderVPN claim that they don’t keep track of usage but store connection logs.