As people become increasingly aware of the importance of protecting their personal data online, privacy and anonymity considerations have become central elements of any effective security setup. In most cases, this means installing a Virtual Private Network (VPN) alongside a firewall and antivirus software.
A VPN service can be used to encrypt the data you send and receive online. By running your connection through servers located internationally, not only will your IP address be hidden from third-parties, but your location will also be masked. This means that you can appear to be logging on from anywhere in the world, which has the added benefit of allowing you to sidestep geo-location checks and enjoy iPlayer or Netflix when traveling.
VPN services also provide end-to-end encryption, so even if a malicious third-party did get their hands on your data, it would be unusable.
While a VPN has many benefits, it is not a set-and-forget solution to online anonymity. From incorrect setup to leaks and other issues, there are a number of ways that your IP address could be leaked even if you are connected to a VPN. For this reason, it is vital that you know how to monitor potential leaks and which tools to use.
DNS leak
One of the fundamental elements of the internet is the Domain Name System (DNS). Essentially DNS is the equivalent of a phone book. While people browse the internet using domain names, the devices themselves communicate using IP addresses. The DNS converts between the two so that traffic is directed to the correct location.
However, this can cause issues for VPN users. Devices can sometimes automatically route a DNS request through your real IP rather than the one you were assigned when logging into your VPN. This means that your location and activity could be revealed without you even realizing. Often this is the result of default settings that can be adjusted, but as many people may not realize there is an issue until it is too late, it is vital that you are proactive to make sure that it doesn’t happen to you.
The first step is to use a tool like HMA!’s DNS leak checker. This will reveal the IP address you appear to be using to connect to the internet. If this address is not the one provided by your VPN, it might mean that you have a leak.
A simple step you can take to prevent DNS leaks occurring is to select Open DNS in your network adapter settings. This will mean that your ISP’s DNS will not be used, meaning your real IP address would not be revealed in the unlikely event that your VPN failed. Similarly, configuring your firewall to block non-VPN traffic will also ensure you are unable to connect via your ISP’s DNS servers.
WebRTC leak
As with a DNS leak, the security issue with Web Real-Time Communication (WebRTC) is not with your VPN, but an activity that bypasses it. WebRTC software is commonly used in web browsers and apps. This feature allows the playback of audio and video to be smoother and faster-loading, all without additional plugins. This improves performance with video calls and is integral to popular communication apps such as Google Hangouts.
As useful as this is, it does bring with it a new security concern. In a large number of cases, browsers will ignore a VPN and make DNS requests using your actual IP address. While your VPN will still be working and your activity secure, anything that is sent via apps that use WebRTC could be exposing your IP address and putting your privacy at risk.
While there are often settings to disable WebRTC in browsers, they are usually buried in settings menus as disabling it would mean losing functionality. Other options include moving to another browser that does not use WebRTC, or to install an extension or plugin like ‘ScriptSafe’ in Chrome, or ‘Disable WebRTC’ in Firefox.
For users that do not need to use WebRTC-dependant features, this is a simple solution, but people who use Google Hangouts and other browser-based services regularly will find these features do not work until the plugin is deactivated. In these cases, plugins are a short-term solution until you can update your settings to an alternative DNS provider. Once it is done, use a WebRTC leak checker tool to verify that your browsing is no longer affected by leaks.
VPN services have many benefits and are increasingly becoming as important to personal data security as antivirus software. But like antivirus, VPN is not a universal solution. Instead, it is a useful upgrade in a wider, well-rounded security setup.
This means that the user must remain vigilant and aware of the potential weak points in their security, and be proactive in minimizing the risk that DNS leaks and WebRTC leaks could cause.