You've seen a lot of people talk about how a VPN will help your privacy because it encrypts your traffic and masks your IP address. Basically, a VPN works by encrypting your traffic and sending it to a remote server. This server then decrypts the data and sends it to where you want to go. On paper, this sounds really helpful, but there are multiple ways this can actually hurt you.

If the target server uses HTTPS, the data is already encrypted, so adding an extra layer of encryption doesn't really help that much. It also won't help against a Man-in-the-Middle attack, which is basically when someone intercepts the traffic and logs it. Your ISP can already do this pretty easily, but so can a VPN provider. All you're really doing is giving power to someone else, who might be even less trustworthy.

"But Aaron, I've seen a lot of reviews for this VPN and they said it was fine." A lot of these so-called reviews are actually just advertisements for that VPN. It's super misleading, and to back up my point, if you look at other reviews on those sites, they often say not to use other VPNs and to use theirs instead. There are legitimate VPN review sites out there, but those aren't the sites I have a problem with. If a company is going to make an advertisement, it has to look like an advertisement.

You can host a VPN yourself, but remember, most VPS providers can sniff traffic just as easily as any VPN. If you want privacy, here are some ways you can get it without a VPN.

  • Use a search engine with a decent privacy policy, like Qwant or DuckDuckGo, instead of Google. Search results aren't always as good, but usually you can find what you're looking for. If you want to go extreme, look into self-hosting searx. I don't typically recommend public instances, as they usually get IP banned from search engines pretty fast.
  • Don't use Google Chrome. Instead, use Firefox (or LibreWolf if you want to go even further) or, if you prefer Chrome, Ungoogled Chromium.
  • Check the privacy policy of everything you use. If you're not okay with what they collect, don't use it.
  • If you want, you can set up Pi-hole on your home network.

Notice how I mentioned not using Google a lot? They are notorious for data collection. Facebook is just as bad, and Instagram is owned by Facebook, so using it does not help you. Most social media tends to track you; it's just how the industry works (there are some dedicated to privacy, like Mastodon, and they're great). There are also browser plugins that can help you block trackers. Here is a list of the ones I use:

  • uBlock Origin with a custom block list imported. I use https://dbl.oisd.nl/
  • PrivacyBadger is a good addition to uBlock for trackers it might not catch.
  • HTTPS Everywhere is helpful because sometimes a website might accept HTTPS traffic but might not be using it. This is a good way to make sure everything does use it. (It's already built into Brave.)
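
The case HTTPS Everywhere addresses, a site that answers on HTTPS but doesn't push visitors to it, can be recognised from the site's response headers. This is an added example, not part of the original post; the response heads are constructed samples, and the function names and category labels are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample response heads (not captured from real sites).
PLAIN_OK = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
REDIRECT = "HTTP/1.1 301 Moved Permanently\r\nLocation: https://example.org/\r\n\r\n"
HSTS_OK = ("HTTP/1.1 200 OK\r\n"
           "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n\r\n")

def parse_head(raw):
    """Return (status_code, headers) with header names lower-cased."""
    lines = raw.strip().splitlines()
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break  # blank line ends the header block
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers

def hsts_max_age(headers):
    """max-age from Strict-Transport-Security, or 0 if absent or malformed."""
    for part in headers.get("strict-transport-security", "").split(";"):
        key, _, val = part.strip().partition("=")
        val = val.strip().strip('"')
        if key.strip().lower() == "max-age" and val.isdigit():
            return int(val)
    return 0

def classify(host, http_raw, https_raw):
    """Label how a site treats plaintext HTTP; https_raw is None if port 443 gave no answer."""
    if https_raw is None:
        return "http-only"
    status, headers = parse_head(http_raw)
    target = urlsplit(headers.get("location", ""))
    name = target.hostname or ""
    redirects = (status in (301, 302, 303, 307, 308) and target.scheme == "https"
                 and (name == host or name.endswith("." + host)))
    if not redirects:
        return "https-optional"  # works over HTTPS, but plaintext visitors stay on HTTP
    # HSTS only counts when delivered over HTTPS, so read it from that response.
    _, https_headers = parse_head(https_raw)
    return "https-enforced" if hsts_max_age(https_headers) > 0 else "redirect-only"

if __name__ == "__main__":
    print(classify("example.com", PLAIN_OK, PLAIN_OK))
    print(classify("example.org", REDIRECT, PLAIN_OK))
    print(classify("example.org", REDIRECT, HSTS_OK))
```

A "redirect-only" result means the first request of each visit still leaves in plaintext before the redirect arrives, which is the gap a browser-side HTTPS upgrade closes.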

Even if a VPN doesn't protect your privacy though, there are legitimate uses for them in a lot of cases.

  • You're running a server for something and don't want your IP exposed to everyone who uses it
  • You're on public WiFi, in which case you should use a VPN that is trustworthy (might I suggest self-hosting it? If you're on a Debian server, PiVPN makes it VERY easy to do)
  • You're torrenting stuff and don't want to show your IP to peers or let your ISP know (I'm not endorsing piracy, this isn't a guide on that)

If you need a VPN for one of these reasons, make sure their advertisements actually look like advertisements, check their privacy policy, see if they have ever been hacked (this can show exactly what kind of data they log, as well as their security), see what company owns it and if they are known for their privacy, and make sure any reviews are credible.

A VPN which does seem to do a good job checking the boxes is Mullvad because when you sign up, you are given an ID to log in with so they don't collect your email. I'll also give my approval to IVPN and ProtonVPN. I still don't advise a VPN for daily use though as it can still hurt your privacy and security. If you do use one though, please never do any banking stuff over it regardless of what VPN you have.
