VPN Myths, Marketing Lies, and the Truth

What a VPN Actually Does — and What It Doesn’t

“Hey, do I need to get me one of those VPNs?” or “Which VPN should I get?”

I’ve heard this question more times than I can count. Usually from well-meaning folks who’ve been told (by ads, influencers, or that one techy cousin or friend that knows all the things…) that a VPN will make them invisible online, un-hackable, and totally anonymous. Spoiler alert: it won’t. At least, not in the way they think and at the level that they think it will.

If you’re reading this article then you have probably either:

  • Already bought a VPN and are wondering if it’s doing what it promised.
  • Been told you need one, but aren’t sure why.
  • Or maybe you’re the designated “tech person” in your circle and already know this stuff, but you are tired of answering these questions and explaining it over and over again.

Well GOOD NEWS!! This article’s for all of you. We’re going to unpack what VPNs actually do, what they don’t do, how they got here in the first place — and hopefully by the end, you’ll be able to spot marketing hype a mile away.

VPNs Weren’t Always for Netflix and “Privacy”

Let’s go back a ways. VPN stands for Virtual Private Network, and originally that name meant something very specific. In the early days (we’re talking late 1990s to early 2000s), VPNs were mostly used in corporate settings. A company with remote workers or multiple office locations might use VPNs to:

  • Let employees securely connect to internal systems from outside the office.
  • Build site-to-site tunnels between branch offices over the public internet.
  • Remotely access servers, files, or devices as if you were physically on the network.

These original uses are all still alive and well to this day. I’ve used VPNs this way for many years, both for accessing work networks and for securely connecting back to my own home lab when I’m out and about. It’s practical, private, and very specific.

But as the internet matured, so did censorship, surveillance, and content restrictions. VPNs started becoming tools of necessity for things like:

  • Journalists and activists working in oppressive regimes, needing to encrypt traffic and evade censorship.
  • Citizens in countries like China or Iran looking to access the open internet.
  • People living abroad who just wanted to watch Netflix shows from their home country.

And these are still valid use cases. But somewhere along the way, things changed…


Then Came the Consumer Gold Rush

Marketing teams saw an opportunity. Why just sell VPNs to businesses or political dissidents, when you can sell them to EVERYONE with an internet connection? I mean, who wouldn’t want to tap into that monthly or annual stream of recurring revenue? Right? And to sell it, all they needed to do was build a VPN service of some sort, mix in a little fear mongering and make a bunch of generalized claims that most people will have no real understanding of.

Suddenly, VPNs became “essential” for:

  • Avoiding hackers on public Wi-Fi
  • Keeping your ISP from spying on you
  • Getting “complete anonymity” online
  • Protecting your identity
  • Preventing malware
  • Getting cheaper prices when shopping
  • Stopping the government from watching you

If that list sounds too good to be true… well mostly, it is. And that’s the problem.

Now, don’t get me wrong, VPNs do serve a purpose, and in the right situations, they’re incredibly useful. But the way they’ve been packaged and sold to consumers? That’s where we’ve gone a bit off the rails. People are spending money on tools they don’t understand, expecting protections they’re not getting.

Let’s try to fix that, shall we?


What a VPN Actually Is (and How It Works)

At its core, a VPN (Virtual Private Network) is exactly what the name implies: a private, encrypted tunnel between your device and another server or network (generally across the internet).

Let’s use the postcard analogy. Imagine your internet traffic as postcards. Normally, those postcards are being sent straight from your house to various places online. Along the way, your ISP (and anyone else watching your connection) can read everything you’re doing. They see the addresses, the content, even what websites you’re sending them to.

But, when you use a VPN, all those postcards get shoved into a sealed envelope first — then sent to a trusted middleman (your VPN provider), who opens them and sends them to their destination on your behalf. From the outside? All anyone sees is you talking to your VPN. They don’t know what’s inside the envelope, or where it’s going.

Here’s what a VPN actually does:

  • Encrypts your internet traffic between you and the VPN provider (so your ISP, public Wi-Fi snoopers, etc. can’t read it).
  • Routes your traffic through a VPN server — which could be in your own country, or halfway across the globe.
  • On the other end, your traffic appears to be coming from the VPN provider and not your “real” IP address. In this way, it masks your IP address from the websites and services that you connect to.

That’s it. That’s the core functionality. Everything else you’ve heard is either:

  • A side effect of that behavior,
  • A misunderstanding of how the internet works,
  • Or straight-up marketing fluff.

A Quick Word on VPN Protocols (Without the Headache)

You might’ve heard terms like OpenVPN, WireGuard, IPsec, or L2TP thrown around.

These are just protocols — or in plain English, the rules that define how your device and the VPN server communicate securely. Some are faster, some are older, some are more secure — but they’re all just different flavors of encrypted tunnels.

Think of it like sending a secret message through a tunnel: whether you’re whispering Morse code, using walkie-talkies, or shouting through a series of vacuum tubes, you’re still getting your message across — it’s just the method that changes. The key is that the tunnel stays sealed, no matter what you’re using to talk through it.

For most people, if your VPN lets you pick between them, choose:

  • WireGuard for speed and modern encryption.
  • OpenVPN for maximum compatibility and proven security.

But honestly, if your VPN app just works and doesn’t leak data, you’re already ahead of the curve.

Who Can See What? (With and Without a VPN)

Let’s clear up a huge misconception. Using a VPN doesn’t mean nobody can see what you’re doing. It just shifts who can see it.

| Without VPN | With VPN |
| --- | --- |
| Your ISP sees every site you visit and when | Your ISP sees only that you’re connected to a VPN and the amount of traffic you send and receive. It cannot see what that traffic is or where it is going beyond the VPN provider. |
| Websites see your real IP address | Websites see one or more of your VPN provider’s IP addresses. Usually, they can also tell that you are using a VPN provider. |
| DNS lookups likely go to your ISP’s servers | DNS often goes through the VPN’s DNS servers (this might be configurable depending on the provider and client software). |
| The path to the destination is direct | Your traffic takes a detour through the VPN tunnel |

So in short:

  • You’re hiding your traffic from your ISP and local network (coffee shop Wi-Fi, hotel, etc.)
  • But now you’re placing full trust in your VPN provider because now they can see everything your ISP could before.

If your VPN is shady, you’ve just traded one set of eyes for another. And how would you “really” know that you can trust the VPN provider? I mean REALLY trust them…

What VPNs Actually Protect You From — And What They Don’t

Let’s break this down myth-by-myth — here’s what VPNs actually help with, and what they absolutely do not cover, no matter what that flashy ad told you.

What a VPN Can Protect You From

1. Snooping on Public Wi-Fi
When you’re on free hotel, airport, or coffee shop Wi-Fi, a VPN encrypts your traffic so others on the same network can’t intercept it. This protection becomes even more important when you consider how easy it is for a hacker to set up a fake Wi-Fi network that looks like the real one — same name, open access. You think you’re connecting to “CoffeeShop_WiFi,” but it’s really just someone’s laptop running a hotspot. Once connected, your traffic can be intercepted, logged, and even decrypted if it’s not secured. This is called a “man-in-the-middle” attack, and it’s disturbingly common in the wild. A VPN prevents this by encrypting your data from your device all the way to the VPN server, so even if you’re unknowingly connected to a malicious hotspot, the attacker sees only unreadable gibberish.

2. ISP Monitoring
Generally speaking, when you’re connected to a VPN, your ISP can no longer see what websites you’re visiting or what specific data is being transferred — it’s encrypted. However, they can still see that you’re using a VPN, the IP address of the VPN server, and how much data you’re sending and receiving.

It’s important to note that this protection isn’t foolproof. If the VPN is misconfigured, it might still leak information through DNS queries or allow some traffic to bypass the VPN altogether via a feature called split tunneling. In those cases, your ISP might still catch glimpses of what you’re doing online, even if most of your traffic is hidden.

3. Basic IP Masking
Websites see the VPN’s IP address, not yours. This can help you access content restricted by region or prevent immediate geographic profiling.

4. Avoiding Geo-restrictions
Trying to watch Netflix libraries from another country? VPNs can sometimes bypass those restrictions — though streaming services actively block many VPNs.

5. Getting Around Network Restrictions
Schools, employers, or public networks often block certain sites. A VPN can tunnel through those filters. A word of caution here: your school or employer might not take too kindly to your use of a personal VPN on their network and YES, they can usually tell that is what you are doing if they are looking at your traffic or the logs.


What a VPN Does NOT Protect You From

1. Malware or Viruses
A VPN doesn’t scan downloads or websites for malicious code. If you download a bad file, the VPN won’t save you. For that, you need really good antivirus and some good old common sense to not do dumb things on the internet.

2. Phishing Attacks
Fake login pages? Scam emails? VPNs can’t stop you from typing your password into the wrong box.

3. Website Tracking / Fingerprinting
Cookies, scripts, and browser fingerprinting still work with a VPN. Sites can identify you by your browser version, screen size, fonts, and other metadata — regardless of your IP. What makes this even more concerning is that many of these digital fingerprints are quietly shared or sold between advertising companies, social networks, and data brokers. So even if you’re using a VPN, these entities can collaborate to track your activity across different websites and apps, creating a comprehensive profile of who you are. Want a real-world example? Check out this old eye-opening article from the FTC on various tracking practices or this article from IBM.

4. Logged-in Account Tracking
If you log into your Facebook, Gmail, Microsoft, Amazon or any social media accounts, etc… while on a VPN, those services still know it’s you and they absolutely can and will track you. And yeah, they often also share their data through one means or another. Again, for those services, YOU are the product!

5. “Hiding from the Government”
If you think a basic VPN makes you invisible to law enforcement or surveillance agencies… sorry. If your provider logs your activity (and many do despite their claims), your traffic can be traced right back to you. Even a provider’s promise not to give data to law enforcement without a warrant doesn’t really help you, because warrants are very easy to get and the VPN providers will readily hand over your data. Often they are also served with a gag order that prevents them from even notifying you that your data has been provided to someone. The best option here is to use a provider that doesn’t keep logs at all, so that they simply cannot comply with LEO or government requests even if they wanted to. There are VPN providers that claim they do this, but make sure you really check them out for proof of that.

6. Leaky Apps or Devices
A misconfigured VPN (or one without DNS and WebRTC leak protection) can still reveal your IP. Many apps also ignore VPN settings altogether.
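The leak conditions named above (DNS queries that leave outside the tunnel, and split-tunnel routes that bypass it) can be checked from a machine's own routing table and resolver list. The following Python audit is an added example, not code from this article's author, and it goes one step further than the text by applying the kernel's longest-prefix route selection. The interface names `tun0` and `wlan0`, the addresses, and both sample outputs are constructed, and it assumes a single routing table in the OpenVPN style (setups that steer traffic with policy-routing rules need a per-address `ip route get` instead).

```python
import ipaddress
from collections import namedtuple

Route = namedtuple("Route", "net dev via metric")

# Constructed sample of `ip -4 route show` (assumed names: tun0 = VPN, wlan0 = Wi-Fi).
# Two /1 tunnel routes shadow the default; one host route carries the tunnel itself.
SAMPLE_ROUTES = """\
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
0.0.0.0/1 via 10.8.0.1 dev tun0
128.0.0.0/1 via 10.8.0.1 dev tun0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.57 metric 600
198.51.100.7 via 192.168.1.1 dev wlan0
203.0.113.0/24 via 192.168.1.1 dev wlan0
"""

# Constructed /etc/resolv.conf: the DHCP-supplied router is still listed first.
SAMPLE_RESOLV = """\
nameserver 192.168.1.1
nameserver 10.8.0.1
"""


def parse_routes(text):
    """Parse `ip -4 route show` lines into Route tuples; skip unparsable lines."""
    routes = []
    for line in text.splitlines():
        tok = line.split()
        if not tok or "dev" not in tok:
            continue
        try:
            net = ipaddress.ip_network("0.0.0.0/0" if tok[0] == "default" else tok[0])
        except ValueError:
            continue  # first token is a route type keyword, not a prefix
        metric = int(tok[tok.index("metric") + 1]) if "metric" in tok else 0
        routes.append(Route(net, tok[tok.index("dev") + 1], "via" in tok, metric))
    return routes


def egress_dev(routes, ip):
    """Longest-prefix match, lowest metric on ties, as the kernel selects a route."""
    addr = ipaddress.ip_address(ip)
    hits = [r for r in routes if addr in r.net]
    return max(hits, key=lambda r: (r.net.prefixlen, -r.metric)).dev if hits else None


def nameservers(resolv_text):
    return [line.split()[1] for line in resolv_text.splitlines()
            if line.startswith("nameserver") and len(line.split()) > 1]


def audit(routes_text, resolv_text, tunnel_dev, vpn_endpoint):
    """Return resolvers and gatewayed routes that leave outside the tunnel."""
    routes = parse_routes(routes_text)
    endpoint = ipaddress.ip_network(vpn_endpoint)
    tunnel = [r for r in routes if r.dev == tunnel_dev]
    bypass = []
    for r in routes:
        # On-link LAN routes and the tunnel's own carrier route are expected.
        if r.dev == tunnel_dev or not r.via or r.net == endpoint:
            continue
        # The route is harmless only if tunnel routes cover every address in it.
        cover = [t.net for t in tunnel if t.net.subnet_of(r.net)
                 and (t.net != r.net or t.metric < r.metric)]
        if list(ipaddress.collapse_addresses(cover)) != [r.net]:
            bypass.append(str(r.net))
    leaks = [ns for ns in nameservers(resolv_text)
             if egress_dev(routes, ns) != tunnel_dev]
    return {"dns_leaks": leaks, "bypass_routes": bypass}


if __name__ == "__main__":
    print(audit(SAMPLE_ROUTES, SAMPLE_RESOLV, "tun0", "198.51.100.7"))
```

A loopback stub resolver such as 127.0.0.53 only shows that a local forwarder is in use, so audit that forwarder's upstream servers rather than the stub address.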


In short? A VPN is a helpful tool for specific problems, BUT, it is not a magical privacy shield. If you want true anonymity, you’ll need more than a shiny app and a monthly subscription — you’ll need to layer multiple tools and actually understand what you’re defending against, and how the technology works. And that takes work and careful planning.


Common Use Cases: When a VPN Makes Sense (And When It Doesn’t)

Let’s walk through some everyday VPN use cases and break down when it’s actually the right tool — and when it’s either overkill or just plain wrong.

Situations Where a VPN Makes Sense

1. Traveling and Using Public Wi-Fi
If you’re at an airport, hotel, or cafe, a VPN helps protect your browsing from snoops and sketchy routers. It’s one of the few cases where a VPN is genuinely essential.

2. Accessing Region-Locked Content
Trying to stream a show only available in another country? A VPN can help — but results vary depending on how good your provider is at staying ahead of streaming service blocks.

3. Bypassing Censorship in Oppressive Regions
If you’re in a country that blocks access to social media, messaging apps, or news, a VPN can provide a lifeline to the free web.

4. Working Remotely / Accessing Internal Networks
This is classic VPN territory — connecting securely to your office network or home lab while you’re away. However, keep in mind that these types of VPNs are not the kind that typical consumers buy for protection or anonymity. These types of VPN are usually set up by your employer (or by yourself on your home network) and are used in the opposite direction — meaning you use them to connect to a single private network, and all your traffic typically routes through that internal network. You’re not using it to browse the internet anonymously, but rather to securely access private resources like files, databases, or servers — often behind a corporate firewall.

5. Avoiding ISP Throttling
Some users report improved speeds on streaming or torrenting when ISPs can’t inspect their traffic. VPNs may help, depending on your provider and setup. However, the opposite can also be true and you may get slower speeds while running through a VPN, either because the ISP is slowing it down on purpose or perhaps the VPN provider network is congested. Something to be aware of…

Situations Where a VPN Doesn’t Help (Much)

1. Everyday Browsing at Home
Unless you’re doing something sensitive, you probably don’t need to keep your VPN on all the time at home — especially if you’re using encrypted websites (HTTPS).

2. Trying to Be Anonymous Online (Without Other Tools)
VPNs don’t mask browser fingerprints, device info, or account logins. For real anonymity, look into tools like Tor, hardened virtual machines, disposable VMs on a VPN, etc. (We may cover some of these in a later how-to article.)

3. Online Banking and Shopping
In some cases, logging in from a VPN server in another country might even trigger fraud alerts or block access.

4. Thinking You’re “Untraceable”
If you think a VPN makes you immune to tracking or surveillance, scroll back up. It’s not that simple. Even the best hackers manage to get traced sometimes. Your consumer VPN provider is “probably” not going to help you much in this area depending on who is trying to trace you.

How to Pick a VPN (And Why “Free” Is Usually a Trap)

Now that you know what a VPN does — and more importantly, what it doesn’t do, let’s talk about choosing the right one. Because not all VPNs are created equal.

Some are built by trustworthy security professionals. Others? Not so much. And then, there are the “free” ones that promise everything, but where you and your activities are actually the product. These free services usually end up selling your data, injecting ads, or worse. Like the old saying goes, “there is no free lunch in life.” VPNs cost money to build and maintain. So the provider has to pay for them somehow. And usually, this means you and your data ARE the product they actually sell.

And to make matters worse, some free VPN operators have been caught doing much more than just monetizing your browsing habits. Some have injected malware into user devices, logged sensitive data like usernames and passwords, or even sold access to user bandwidth in shady “residential proxy” schemes. In 2020, several free VPN apps were removed from app stores after being caught exposing terabytes of user data. Others, like Hola VPN, were found to be turning user devices into exit nodes without consent. This isn’t just sketchy — it’s dangerous.

The bottom line is that running a fast, secure, and reliable VPN service costs money. Bandwidth, server infrastructure, maintenance, etc. are NOT cheap. So, if you are getting the service for free, they’re likely making money some other way, and it’s usually off your data. If you’re not paying for the service, there’s a good chance that YOU and your data are the product being sold to make them money. They log and sell your data to advertisers or brokers, lack encryption standards and leak your traffic, can inject ads or malware directly into your browsing, and don’t give you the transparency, support, or reliability that you really want.

So what should you look for?


What to Look For in a Good VPN

1. Proven No-Logs Policy
Look for providers who don’t store logs of your activity. Bonus points if they’ve been recently audited, or proven it in court (as in legal cases where they had no logs to actually give). Some VPN providers (such as Mullvad) now use diskless servers so that they cannot save logs in the first place. Once the server is powered off, any logging information that may have been in memory disappears instantly.

2. Strong Jurisdiction
If avoiding government surveillance is your goal, avoid VPNs headquartered in countries with aggressive surveillance laws (think 5 Eyes or 14 Eyes alliances). Favor those based in privacy-friendly regions.

3. Modern Protocols
Support for WireGuard or OpenVPN is key. These are the most secure and trusted VPN protocols currently available. Personally, I prefer the WireGuard protocol for its speed but I use both protocols depending on my use case.

4. DNS and WebRTC Leak Protection
Make sure the VPN protects against leaks that could expose your real IP address and DNS queries.

5. Transparent Business Practices
If a company doesn’t list its owners or operating entity, that’s a red flag. You should know who’s running the servers you’re routing your data through.

6. Performance and Server Choice
Look for VPNs with multiple server locations, fast speeds, and the ability to handle high traffic loads without choking. This is especially true if you are using your VPN for large downloads or media streaming.


Real-World VPN Use: How I Use Multiple VPNs Daily

While this article focuses on educating people about what VPNs do and don’t do, I thought it might be helpful to show how I personally use multiple VPN setups in daily life. These aren’t just examples — these are real use cases that demonstrate how VPNs can be flexible tools when used with intention.

1. Personal VPN for Public Wi-Fi

When I travel or find myself working from a coffee shop, hotel, medical facility, etc., I use a commercial VPN (typically PIA or Mullvad) on all my devices (laptops, tablets, and phones). This protects me from shady hotspots and ensures no one’s sniffing my traffic on open networks.

2. Home Lab Access VPN

I’ve set up my own VPN endpoint on my home network using pfSense and WireGuard. This lets me securely connect to my home environment when I’m on the road. I use this to access internal services like file shares, management consoles, and dashboards, and services that are only available inside of my home network.

3. Special-Purpose Virtual Machines with VPNs

For more privacy-focused work (or even just browsing I don’t want tied to my main identity), I run disposable virtual machines with snapshot rollbacks. These are often routed through different VPN providers — and yes, sometimes chained through multiple hops or combined with hardened DNS setups. This helps reduce cross-session tracking and keeps the machine’s fingerprint minimal and ever-changing. In my day job, I often need to test files for viruses or malware, or check out web links sent via email, etc. For this I typically use a Kasm server or a virtual machine running Linux with locked-down settings and browsers. Both of these FORCE all of their traffic through a VPN. And in all cases, the “sessions” on Kasm and my VMs are 100% disposable, meaning that whatever happens on them during a session completely disappears and they are reset back to a known good status as soon as the session is done.

4. Testing Geo-Content

I occasionally use VPNs to test how websites behave from other countries, whether it’s checking for localization, censorship, or service availability. I may also use a VPN in this way to validate that a firewall I am working on is acting as expected, for instance by blocking all visitors from a certain geographic region. This helps in both research and development contexts.

5. Application-Specific VPN Routing

Some of my devices and services (like torrent clients or certain APIs) are configured to only run through a VPN using policy-based routing. This isolates risky or noisy traffic from the rest of my activity and prevents accidental leaks.

6. Accessing my employer’s network

I use my employer’s VPN to access internal resources on their network and support the user base and infrastructure. (This one sure beats a drive into the office 😎)

These are just a few examples. And, while some of these might be overkill for the average person, they do showcase what’s possible when you understand the tools and build a system and processes that support your actual goals. VPNs are just one piece of that puzzle.


Final Thoughts: Do You Really Need a VPN?

Hopefully by now, you have a much clearer picture of what a VPN can and can’t do. It’s not a silver bullet, but when used properly, for the right reasons, it is a valuable tool.

If you’re simply browsing at home, using strong and unique passwords, visiting HTTPS sites, and routing your DNS queries through a good provider such as Quad9 or Cloudflare, a VPN might not be strictly necessary.
But if you’re:

  • Traveling and using public Wi-Fi of any kind,
  • Concerned about ISP tracking and interference,
  • Trying to bypass censorship or geo-blocks,
  • Or just want to keep your IP off the radar from websites and advertisers,

…then yes, a VPN can help.

Just remember these things…

  • You need to know what you’re trying to protect yourself from.
  • Don’t trust shiny marketing. Actually read the fine print and do your own research. It could be eye-opening!
  • Layer your defenses. A VPN is just one piece of the puzzle. Consider combining it with private DNS, secure browsers, good operational security practices, and maybe even hardened setups (like browser sandboxing or isolated VMs). And as always, make sure you are using a good anti-virus as well.

But most importantly, don’t let the illusion of security keep you from learning the reality of it.

A VPN is just a tool in the toolbox. Nothing more, nothing less. Used smartly, it’s powerful. Used blindly, it’s just another monthly bill that provides you with a false sense of security and comfort.

Thanks for sticking with me through this guide and I hope you found it both enlightening and enjoyable to read. Hopefully the next time someone asks, “Should I get a VPN?” you’ll either have a solid answer… or just send them this article. Knowledge and understanding is POWER! While no technology can 100% guarantee you online safety, understanding the dangers and what technology protects you from which dangers goes a long way to help keep you safe in a dangerous online landscape.