Understanding VPNs
A report of my exploration on how well I understand VPN tech.
Background
Sometime in October, Nigerians made their discomfort with the state of affairs in the country known to the government through public protests. The government did not respond favorably.
The nature of the protest was largely decentralized. Several groups and individuals supported these protests, though. One of them is the Feminist Coalition. I mention them in particular because, in the aftermath of the demonstrations, the government sought to identify and punish “those they could identify” (for the avoidance of using the term, leader).
Soon after, the Feminist Coalition mentioned that their website was being censored by the government, still is as of today, Dec 11, 2020. It is accessible via VPN though. And now, we’re at the crux of the matter.
During the protests, several folks said to install and use VPNs to prevent the government from “censoring” us. The narrative was that VPNs would prevent the government from “taking away the internet”!
As at that time, I couldn’t quite agree with that notion, even though I did not know enough to argue against it. I installed one but didn’t use it. Its use came, though, when the Feminist Coalition announced their website being blocked. I turned on the VPN and they weren’t lying.
Still, I couldn’t reconcile the “taking away the internet” part. Your VPN depended on your internet connection being available, and the government still has reasonable control over that. I just had to (re-)learn the details of the internet and its limitations. At least in the context of how VPNs work.
Internet Service Providers
The first bone of contention.
I’ll relate/simplify them to a router on a local network. Say, two networks.
Network A has the Johnsons on it. Network B has the Starks on it. Each “network” is their router, the family’s. To connect both networks, creating an inter-network, you just need to connect both routers.
Now, in the event that a family’s router fails, or rather, the connection between both routers fail, they would be cut off the “inter-network”. Their networks will work fine but they won’t be able to reach the other family’s.
Using that example, say, the Stark Big Brother wanted to prevent his siblings from connecting to the media player on the Johnson’s network, all he needs to do is block the resolution of that device’s IP address. Or at least, that’s one way, simple way, to go about it.
I’ll relate a VPN then to an “allowed” device on the Johnson’s network, that the Stark’s network “allows” a connection to. This device can then connect to the Johnson’s media player on behalf of the Stark siblings and route traffic back and forth. But you see, the effectiveness of this is dependent on the network connection between Johnson and Stark still existing and the Stark’s network “allowing” that other device.
That pretty much summarizes, quite abruptly too, the purpose of this note. I’ll recap how I got to that understanding.
How VPNs work
Doing internet research on that topic, I came across an analogy that stayed with me but just felt so wrong.
It related a VPN to an “underground” system of tunnels a person can use to avoid surveillance on the regular roads. That is, if there were people outside of your door watching when you come out and go in as well as where you go to, then you could travel underground instead and nobody will be the wiser.
The problem with this analogy is that it creates another Internet Service Provider. A better parallel would be using a tinted car and telling surveillance that you were going to your friend’s house. When you get to your friend’s house, you go where you need to go, and when you need to go back home, you use the tinted vehicle parked at your friend’s place.
These images, from my investigation, show what I’m talking about.
In the images above, the VPN is off. Traffic is normal: DNS, TCP, and UDP. Making requests to and receiving from different devices on the internet.
Here the VPN has been turned on and it’s attempting to connect to the “proxy” server.
And here, the VPN is connected. It now stands between me and all internet traffic.
Private VPNs then, following the same analogy, will require you to be specific about which house you’re going to proxy from as well as a keyphrase to allow you entry into said house.
Censoring and taking away the internet
The VPN provides an alternative, a possible method to circumvent restrictions. I can’t lose the thought of the government turning off the internet for its citizens, but now I know VPNs would not help against that.
The solution to that, having as an alternative an ISP that does not go through a government-controlled exchange point.
Cheers.
— Deji Joseph