Reading Time: 6 minutes

VPN Glossary

AES

AES stands for Advanced Encryption Standard, which is a symmetric block cipher audited and used by the U.S. government to protect classified information since 2002. AES is also referred to as Rijndael, which was named after its inventors Vincent Rijmen and Joan Daemen.

Anonymity

Anonymity is a state in which someone or something can’t be uniquely identified. For example, if you post a comment online without registering first, you will appear as anonymous. No one knows who posted the comment. In the online world, people use VPNs or Tor to gain online anonymity.

Bitcoin

Bitcoin is a digital currency that was created in January 2009. This currency is not owned by any government and is instead operated by a decentralized authority. Bitcoin payments are secured by cryptography and allow individuals to make completely untraceable anonymous payments. The identity of the individual who created the technology is still unknown to this day.

Censorship

Censorship is a process through which regulatory authorities control or suppression of what kind of content can be accessed, viewed, or published on the internet. In China, for example, almost all mainstream social media websites are blocked.

Cryptography

Cryptography is the process of converting ordinary plain text into unreadable text. It is used to securely transmit data in a particular unreadable form so that it can be only read and processed by someone for whom the message was intended for. Think of it like a safe that can be opened with the right passcode. Cryptography not only protects data from theft, but it is also used for authentication.

Dark web

The dark web is a part of the internet that you can’t access through any search engine like Google. The dark web is linked to many shady and illicit criminal activities. The only way to access the dark web is through an anonymizing browser called Tor.

Data retention

Data retention refers to a law or a policy that mandates businesses to store certain information about their users. In the United States, for instance, internet service providers can retain and sell any customer data that passes through their servers.

DD-WRT

DD-WRT is a Linux based open-source operating system for Wi-Fi 4 and Wi-Fi 5 wireless routers. Routers that run on DD-WRT firmware can be modified rather easily. Many VPN providers offer VPN apps that can be directly installed on DD-WRT supported routers. That said, do keep in mind that installing DD-WRT may void the warranty of your router.

DDoS attacks

DDoS stands for Distributed Denial of Service. It is a type of attack in which too many requests are sent to a particular server. As a result, a DDoS attack overwhelms a website’s capacity to handle multiple requests and stops it from functioning properly.

Deep packet inspection

Deep packet inspection or DPI is a type of network packet filtering technology that checks the data part and the header of a packet to filter out spam, viruses, or any malicious content. Basically, Deep packet inspection locates, detects, and blocks unwanted content that may have gone undetected by conventional packet filtering.

DNS

DNS stands for Domain Name System which is basically like an address book of the internet. DNS works by converting hostnames such as www.example.com into a computer-readable IP address such as 192.168.2.2. So when user types in CBS.com on their browser, DNS resolvers converts the hostname to an appropriate IP address to locate the web page.

DNS leak

A DNS leak occurs when a VPN app fails to use its own proprietary anonymous DNS servers and uses default DNS servers hosted by an internet service provider. Doing so, a VPN app will leak private data and expose its user despite being connected to a secure VPN server. Free VPNs are often prone to leaking.

Encryption

Encryption is a process of converting plain information into a code to prevent unauthorized individuals from accessing it. Encryption converts plain text into ciphertext which can only be decrypted with the key provided by the originator to the recipient.

Encryption key

An encryption key is made up of a string of bits that is used specifically to encrypt or decrypt certain information. Encryption keys are generated through complex algorithms to ensure that every key is different and unique. The longer the length of the key the harder it is to break.

Firewall

A firewall is basically a network security tool that monitors and controls the incoming and outgoing network traffic of a device based on predetermined security rules. A firewall creates a barrier between trusted networks and untrusted networks.

Five Eyes

The Five Eyes is an international intelligence-sharing alliance comprised of Australia, Canada, New Zealand, the United Kingdom, and the United States. These five countries are known to unlawfully spy on their own citizens and share intelligence information with each other. The existence of the Five Eyes was a well-kept secret until Edward Snowden leaked a number of documents exposing the alliance in 2013.

Gag order

A gag order is a legal court order that prevents any information from being made public or disclosed to unauthorized third parties. A gag order can be issued to a company during an ongoing investigation to prevent information relating to the case from being leaked.

Geo-blocking

Geo-blocking is the process of limiting what information or website an individual can access depending on their physical location. A database of  IP addresses is often used to enforce geoblocks. Geo-blocks are usually enforced due to copyright restrictions or to comply with the rules and regulations of a country.

Geo-spoofing

Geo-spoofing is a technique through which anyone can use a VPN, proxy, or Tor to mask their original IP address and obtain a totally different IP address to appear in some other part of the world.

Great Firewall (GFW)

GFW or the Great Firewall is a technology used by the Chinese government to regulate the internet within the country. The purpose of the GFW is to block almost all foreign websites like Google, Facebook, YouTube, etc. Because of the GFW, roughly 800 million people in China get access to a highly restricted internet.

HTTPS

HTTPS stands for the Hypertext transfer protocol which is used to send data between a web browser and a website. HTTPS is the more secure version of the older HTTP. The reason why HTTPS is more secure is that it is encrypted. Because of that, HTTPS increases the security of data transfers which is important for transmitting sensitive data to banking websites, email accounts, etc.

IP address

IP address stands for internet protocol address. It is comprised of numbers or characters and is associated uniquely with a computer or a computing Network. An IP address looks something like this (192.168.1.1). All devices connected to the internet have unique IP addresses similar to phone numbers. IP addresses allow computing devices to connect with one another over the internet.

IP leak

IP leak is an event in which a user’s real IP address leaks even when connected to a VPN. If you run an IP leak test and are seeing your default IP address instead of the one assigned to you by your VPN provider, then your IP address is leaking. This happens when a VPN fails to utilize its own encrypted servers and uses the default servers of the internet service provider.

IPSec

IPSec stands for Internet Protocol Security. It is a network protocol that creates an encrypted connection between devices. The purpose of this protocol is to secure data being transferred over public networks. IPSec works by encrypting IP packets and authenticating their source.

IPv4

IPv4 stands for Internet Protocol version 4. It is the fourth iteration of the Internet Protocol. IPv4 is one of the core protocols responsible for all internet communications.

IPv6

IPv6 is the newer more modern version of IPv4 and its predecessors. The reason why IPv6 is better than IPv4 is that it offers a location and identification system for computers on the internet. IPv6 is the reason why all devices that communicate on the web have their own unique IP addresses.

ISP

ISP is just short for an internet service provider. It’s any company responsible for providing an internet connection to consumers. T-Mobile, AT&T, Comcast are all examples for internet service providers or ISPs.

Jurisdiction

In the world of VPNs, jurisdiction refers to the country in which a VPN provider is headquartered. Jurisdictions are important because it determines if the VPN provider is obligated by law to log user data or not. For example, VPN providers that operate from the governing jurisdictions of the Five Eyes, retain and share VPN logs.

Kill switch

A Kill switch is a VPN security feature that automatically disconnects you from the internet in case your VPN connection abruptly drops. It is designed to prevent your real IP address from leaking in case you get disconnected from the VPN server.

LAN

LAN stands for Local Area Network. Mostly, LANs are used to connect workstations or personal computers. LAN basically allows computing devices in a small area like office space to communicate through an Ethernet cable.

Log

A log is basically a file that is stored by a server. A log file stores every action that happens on a server with timestamps and credentials. VPN logs store information about how a particular user uses their service. VPN logs are extremely harmful to user privacy.

Man-in-the-middle attacks

Man in the middle attack or MitM is an attack where a malicious entity sits in the middle and secretly intercepts and alters the communications between two parties.

OpenVPN

OpenVPN is one of the safest and widely used protocols in the VPN industry. It is super secure and is known to be able to bypass strict geo-blocks. But aside from just being a protocol, OpenVPN is also a software that lets users establish a secure point to point connection. OpenVPN was developed by James Yonan and was released to the public in 2001.

Obfuscation

Obfuscation is a technology that adds a layer of stealth to encrypted VPN traffic. Obfuscation is used to disguise encrypted VPN traffic and make it appear like regular HTTPS traffic so that it may not get blocked by firewalls. This technology is widely used in heavily censored countries like China.

Perfect forward secrecy

Perfect forward secrecy is an encryption method that creates unique session keys for each transaction. This way, even if a hacker manages to access the data of one transaction on a server, he/she will not be able to access any other data from a group of transactions. Perfect forward secrecy is a process of making sure that all transactions that are sent over the Internet remain secure.

Ping time

Ping or latency is the amount of time measured in milliseconds it takes a data packet to travel to a server and then back to your device. Ideally, the lower the pings the better your internet speeds will be.

PPTP

PPTP or Point-to-point Tunneling Protocol is a rather old network protocol that is still being used by VPN service providers. Introduced in 1995, it is less secure than OpenVPN as it lacks encryption, however, because of that, PPTP is quite fast which is ideal for streaming.

Proxy

Any computing resource such as a server that helps users bypass geo-restrictions is referred to as a proxy. Virtual Private Networks are proxies that route user’s traffic through remote servers and facilitate them in bypassing geo-blocks.

Ransomware

Ransomware is a type of malware that encrypts all the files on a victim’s computer. The attacker then demands a ransom in exchange for the victim’s valuable personal data. Typically, hackers demand cryptocurrency to avoid leaving any trails behind.

Router

A router is a networking device that is to used forward data packets between computer networks. Routers are responsible for directing data packets to their destinations on the internet.

Simultaneous connections

In the context of VPN, simultaneous connections refer to the number of users a VPN provider allows to use a single account. Some VPN providers allow 5 devices to connect at the same time while others allow unlimited devices.

SmartDNS

SmartDNS is a feature offered by VPN providers that allow users to bypass geo-blocks by using DNS servers based on the user’s location or the streaming they’re trying to unblock. SmartDNS lacks encryption, which is why it is only preferred for unblocking streaming services.

Snoopers’ Charter

Snoopers’ Charter or more formerly the Investigatory Powers Act is legislation proposed by the former Home Secretary Theresa May which mandates ISPs in the UK to store customer data and share it with the local law enforcement.

SSL

SSL stands for Secure Sockets Layer. This technology is responsible for securing sensitive data being transferred between two computers. SSL prevents malicious entities from intercepting and modifying any data being transferred online.

Split-tunneling

Split-tunneling is a feature offered by VPN providers that let users route some of their traffic through the encrypted VPN tunnel while leaving the rest of the traffic unencrypted. For example, allowing banking apps to pass through the encrypted tunnel while excluding social media apps.

Tor

Tor or The Onion Router is an open-source network that allows users to browse the web anonymously. Tor network can be only accessed through a Tor browser. Tor anonymizes your web traffic by passing it through scattered nodes.

Tunnel

A VPN tunnel is an encrypted connection between your device and the VPN server. No one outside the tunnel can see or intercept the data passing through it.

VPN client

A VPN client is an app that you install on your phone, laptop, or router which allows you to establish a secure connection with a VPN server.

VPN protocol

VPN protocols are a set of rules which determine how a VPN app will establish a secure connection to a VPN server. Some protocols offer powerful security while others offer fast speeds. Some common VPN protocols are PPTP, OpenVPN, and IPSec.

VPN server

A VPN server is an intermediary resource between a user and the internet. It is responsible for assigning its users with a different IP address and facilitating them in bypassing geo-blocks.

Warrant canary

A warrant canary is basically a blog post through which VPN service providers inform their users if they ever receive a government subpoena to disclose customer information. It helps create transparency between the provider and its customers.