Can you be tracked with a VPN in today’s day and age? Of course – in theory. Speaking of real-world scenarios, however, it’s highly unlikely that your very own virtual private network is under any direct threat.
Naturally, that doesn’t mean you shouldn’t educate yourself about the limitations of VPN technologies, just so that you don’t end up falling in that old trap of paranoia turning into a synonym for ignorance, as Hunter S. Thompson once famously wrote.
The limitations of VPNs
To understand how a VPN can fail to protect your online identity and browsing habits, you first need to realize how it does its magic in the first place. Or, better said, you must never forget that VPNs were designed to serve as masks, not invincibility cloaks.
No data tunneled through a VPN can feasibly be stolen on its travels in a usable form. Brute-forcing a 256-bit key would require countless supercomputers running at full power for aeons. It’s hence perhaps ironic how that impregnability comes at a cost of discretion.
So, don’t act confused after you get a call from IT inquiring about suspicious online activities if you’ve been using an unauthorized VPN at work. IT people have essentially spent years being conditioned to be upset by any volume of information being moved for no apparent reason.
Coincidentally, random data patterns are precisely what a system administrator would see if someone in their domain was messing around with a VPN. As good as they are at hiding the contents of your online sessions and keeping you, yourself anonymous, VPNs often won’t so much as attempt to hide their true purpose
That’s not an issue when you’re surfing from home because even though your ISP can see that you’re using a VPN, that’s where its influx of user activity data gets cut off. On the other hand, it’s probably best to avoid ramming a giant “HEY, I USE A VPN SIGN!” in the middle of your office cubicle for IT to find. That’s pretty much how using a VPN on your company’s network plays out.
The fact that there is a world of difference between someone tracking a VPN and tracking you through it means that truly catastrophic scenarios aren’t all that common. End-to-end encryption, a crucial component of every VPN connection, renders data packets useless to anyone but their intended recipient.
Therefore, if an evil hacker or a devious sysadmin wanted to e.g. steal your Internet browsing history, their options would be rather limited and mostly come down to a man-in-the-middle attack in some shape or form.
That’s the number one reason you shouldn’t assume a VPN is working as intended if you’re using it on a company-issued device. Chances are, you’re running so much hideous malwar… I mean, enterprise-grade apps that your employer can probably tell what you had for dinner if they really wanted to know.
Computers deployed within large organizations also usually allow remote access to IT personnel, meaning they are the exact polar opposite of what a privacy-mindful person would want to use to access the Internet.
The importance of trust
Finally, don’t forget that nothing’s preventing VPNs from keeping customer activity logs and selling them to the highest bidder or four. Most claim they don’t do that, true, so just make sure you’ve done your homework before trusting your sensitive information to some sketchy service incorporated in a third world country.
After all, even some of the so-called “logless” bunch of VPN services were revealed as scams in recent years, so stay vigilant.
To summarize, you don’t need to be worried about somehow being traced through a VPN. Yeah, yeah, the fear of doxxing is real, but if someone truly manages to identify you based on something you did online while connected to a VPN, you probably weren’t hacked insomuch as socially engineered into a proper muppet.
This isn’t meant to argue VPNs are a perfect technology; they’re not. But their decentralized nature does a lot to limit the effects of any actual security mishap that might happen on your or your provider’s end. Case in point – the NordVPN breach.
With that said, if you’re truly concerned about being traced via your VPN, perhaps it’s time to double down on the idea, or at the very least start avoiding services with dedicated IPs which sacrifice a lot of privacy for some extra convenience.
“Can you be tracked with a VPN?” was written by Dominik Bosnjak, a long-time VPN-user-turned-advocate who spends more time scrutinizing VPN Providers on a daily basis than he’d like to admit. When he isn’t writing VPN Guides and covering general Tech News, he’s probably spending time with his dog, video games, or both. Fun fact: the Shih Tzu in question is the only remaining creature in Dominik’s life who hasn’t told him they’re sick of him talking about Best VPN practices and government-sponsored erosion of digital privacy which made using the Internet less convenient over the years. He occasionally dabbles in video editing, Wall Street memes, and demonstrating a remarkable lack of guitar-playing ability.
If you want more tidbit-sized rants about any of those things, you can find him on Twitter @dddominikk.