Glossary: VPN, Privacy, and Secure Internet
Last edited: June 30, 2020
Computers and internet security are complex topics, and a lot of people have difficulty fully understanding the key terms used in these matters. Abbreviations especially make it hard to get a hold of the subject. Luckily, we offer a helping hand: in this glossary you will find a comprehensive list of terms and abbreviations you might encounter. If necessary, we refer to pages with additional information.
Ad blockers are programs or browser extensions that block advertisements or obtrusive pop-ups. Often these ad blockers are used in combination with content blockers. The latter block adware and tracking cookies.
The acronym AES stands for Advanced Encryption Standard. It is an encryption technique that encrypts data communication between devices. Therefore, it facilitates a more secure type of digital communication. AES has key sizes of 128, 192, or 256 bits. AES is frequently used in the encryption of VPN connections.
Someone is anonymous when his/her name is withheld or if this person cannot be identified within a certain group.
Anonymous email refers to an email address with an owner that cannot be traced. Most often such an email address automatically forwards messages to the real email address of the owner. There are several places online where you can create anonymous email addresses.
This kind of encryption makes use of two different (asymmetric) keys: a public key, which is visible to everyone, and a private key, which is only available to the owner. The public key is a function that can only encrypt data; once encrypted, only the private key can decrypt it.
A backdoor is an (often hidden) entrance within software that bypasses security or encryption measures. Frequently backdoors are implemented on purpose during the design phase of software. Unfortunately, these backdoors can be used by hackers as well. This way hackers can get access to computer systems or they can even crack encrypted information.
Bitcoin is a popular virtual currency, also known as a cryptocurrency. It is characterized by its decentralized exchange method. It works through a system called blockchain. All transactions are encrypted, making Bitcoin an anonymous payment method.
This is a communication protocol for peer-to-peer file sharing. BitTorrent is especially popular for sharing music, movies and software.
A browser extension is software that offers additional functionality to your internet browser. This can be anything from protecting your privacy while you’re browsing to blocking advertisements or saving your passwords. Most extensions are free to download.
Browser fingerprinting is a technique which uses unique features of your internet browser to identify the user. This enables third parties to track you on the internet. It is fairly difficult to prevent browser fingerprinting.
A certificate authority is an entity that issues digital certificates. These digital certificates prove the ownership of a public (cryptographic) key.
A cipher or encryption algorithm is used to encrypt or decrypt data. It consists of a mathematical algorithm. Security experts try to improve these ciphers, while hackers try to crack ciphers.
When two or more devices communicate with each other, this is called a connection. Within the context of VPNs, a connection method encompasses the way a connection was established between device and server. There are several types of VPN connections, for instance OpenVPN, PPTP and L2TP. Every connection method has its own characteristics.
Cookies consist of a small text document, which is generated by a website you visit and forwarded to your internet browser. This document contains personal data like your username, the content of your shopping cart or your website preferences. Unfortunately, internet cookies are often used in a malicious way to trace your real identity.
The dark web is part of something bigger called the deep web. The deep web consists of websites that are not indexed by search engines. This part of the internet mainly consists of websites that are only accessible with a password. Needless to say, these websites contain private data and shouldn’t be accessible to everyone.
The dark web is part of this deep web; it comprises websites that require certain browser software like the Tor browser. The dark web is known for its large share of fraudulent and illegal websites. Examples are black markets, cryptocurrency exchanges, or forbidden content.
DD-WRT is a Linux-based open-source firmware alternative for routers. The firmware is available for a variety of routers. It is quite popular because of the extra functions it has to offer. For instance, with the DD-WRT firmware you can install a VPN on your router.
DMCA (Digital Millennium Copyright Act) is an American law, which aims to protect intellectual property. The DMCA forbids the production and distribution of software that can be used to bypass digital security measures. Among other things, this is meant to protect copyright.
On the basis of the DMCA, owners of websites and servers are often forced, in the form of a subpoena, to remove content that might infringe on copyright. These subpoenas are called DMCA takedown notices.
DNS stands for Domain Name System. DNS servers function somewhat like a telephone book. These DNS servers associate information with the requested domain name. As an example, it can show you which IP address belongs to the domain name VPNoverview.com. DNS servers enable you to translate the domain name to a usable IP address, with which you can connect to the right server.
When someone is using a VPN they try to stay anonymous. They do so by only connecting with the VPN servers. A DNS leak occurs when a VPN user accidentally visits websites directly through the DNS server. Consequently, the websites you visit can then be linked to your personal IP address.
A download fine or settlement can be imposed if someone downloads copyrighted content from an illegal source. Almost every country has its own copyright organizations that enforce compliance with these laws.
Encryption is the process of encoding information with a cipher in a way that only authorized users can access it. Encryption distorts data in such a way that only the receiver with a correct key can decrypt it and gain access to the original data.
With end-to-end encryption we refer to data encryption that protects the data from start to finish. Many services don’t use end-to-end encryption, which means that the data is decrypted before it arrives at the user. This creates a weak spot in the security which can be used by hackers to steal data.
The Five Eyes
The Five Eyes refers to the 5 countries that collaborate in an effort to improve their joint espionage activities. These 5 countries are: Australia, Canada, New Zealand, the United Kingdom and the United States of America.
GCHQ (Government Communications Headquarters) is the British version of the NSA (American Intelligence Agency). Recently they gained increased attention with their Tempora program, which tracks and stores roughly 60% of the internet traffic worldwide.
Imposing geographic restrictions (also known as geo-blocking) is the practice of only making online content available in certain regions. Hence, some content or streaming footage might be inaccessible from certain locations. Netflix, news websites and digital sport passes are good examples of geo-blocked content, meaning that access to these sources can be limited depending on your location. By using a VPN you can bypass these geographic restrictions.
In IT, the term handshake stands for the process used by SSL/TLS to verify and exchange certificates. A handshake sets up an encrypted connection between two or more devices.
An HTTPS connection is similar to an HTTP connection. The only difference is that an HTTPS connection runs on an encrypted SSL protocol, which offers additional security. It is used to send and receive data from websites in a secure manner. HTTPS is particularly important to make sure that your personal information is secure when you are browsing the internet.
IKEv2 (Internet Key Exchange version 2) is a technique used to exchange encryption keys within the IPsec protocol. IKEv2 is supported by a lot of operating systems.
IP address is short for Internet Protocol address. Every internet connection has its own IP address. IP addresses consist of 4 combinations of 1 to 3 digits (e.g. 192.168.0.1). An IP address is used as an identification code to set up internet connections. Third parties can track and trace specific IP addresses, which means they can connect your online actions to your location and perhaps even to you as a person. IP addresses are essential to the use of the internet, but they pose huge privacy risks. A VPN keeps your IP address hidden from third parties and thereby ensures your privacy online.
IP binding is a technique which allows programs to be active only while using a specific IP address. Most often this is an IP address affiliated with a VPN service. IP binding prevents unintended connections between programs and the internet. This might occur when a VPN connection suddenly malfunctions.
IPsec (Internet Protocol Security) is a security protocol used for the encryption and authentication of data prior to transmission over the internet. IPsec also offers end-to-end encryption.
IPv4 stands for Internet Protocol version 4. It is currently the default system for the creation of IP addresses. Due to the rapid growth of the internet over the past decades, there are few IPv4 addresses left.
IPv6 stands for Internet Protocol version 6. It is the successor of the IPv4 protocol. IPv6 creates 128-bit IP addresses. This way 2^128 potential addresses can be created. Because the IPv4 addresses are almost all in use, IPv6 was created to cater to the growing need for IP addresses.
An ISP (Internet Service Provider) is a provider of internet connections. For private users this most often encompasses internet connections, internet TV connections and internet phone connections.
A kill switch is a function often used in VPN applications. It shuts down all the internet traffic when the VPN connection is suddenly lost. VPN connections aren’t 100% stable and can lose connections for a variety of reasons. The kill switch prevents any data from leaking.
L2TP (Layer 2 Tunneling Protocol) is a VPN security protocol for encryption and authentication of data. L2TP cannot establish a VPN connection on its own, so most often it is used in combination with IPsec.
L2TP/IPsec is a combination of L2TP tunneling with IPsec encryption. By combining these two protocols you get a strong and secure VPN protocol.
Logs are the files kept by e.g. your computer, websites, ISPs or VPN providers. Logs can be used for a variety of reasons. One of the reasons to use logs is to track someone and identify who this person is. Obviously this creates some privacy issues for users or website visitors.
Metadata describes the characteristics of other information like websites, text documents and pictures. This metadata mostly describes when, by whom, and how long a certain file was used. For example, the date an email was sent, the author of a text, or the IP address that belongs to an account. Metadata commonly has a negative effect on privacy.
The NSA (National Security Agency) is one of the intelligence agencies of the USA. The NSA is responsible for monitoring, gathering and processing information for intelligence purposes. The NSA frequently gets negative attention, due to their unorthodox methods.
Open-source software is a type of software of which the source code is made accessible to everyone for free. Commonly, open-source software is created by a broad network of volunteers. From a security and privacy perspective open-source software is seen as a reliable way of creating a program. Since the source code is available to anyone, any person can check the security and look for any backdoors and bugs.
OpenVPN is an open-source VPN protocol, which is frequently used for setting up an encrypted VPN connection. OpenVPN is seen as one of the most secure VPN protocols.
P2P stands for peer-to-peer. This term is used in the context of downloading torrents or sharing files. P2P describes the characteristics of the connection between two users. This type of connection doesn’t use fixed servers. With a P2P network, data transmission goes from the sender to the receiver without any server stops. The most famous P2P network is BitTorrent. With P2P networks the downloader and uploader are easy to track down if they don’t use a VPN.
A password manager program helps the user to generate and save passwords. It often creates unique, random and safe passwords for you.
PPTP (Point to Point Tunneling Protocol) is a VPN protocol that is outdated. Some computers use this type of protocol by default, but in general it is perceived as unsafe.
PGP stands for Pretty Good Privacy and is an encryption protocol for email messages. At the moment PGP is the most used and secure way of encrypting your emails. PGP can encrypt both text and attached files. Unfortunately, PGP cannot encrypt the header of an email. This header also contains the metadata. Therefore, PGP cannot guarantee complete privacy.
Proxy servers act as an intermediate server between a user and the internet. Proxy servers enable the user to change his or her virtual location. But a proxy server does not encrypt data that passes through it. Hence, free proxy servers are seen as relatively unsafe in terms of privacy protection.
A router is a networking device that forwards data between devices and the internet. Routers perform the traffic directing functions on the internet. A router receives a data packet from a connected device, reads the network address and directs the packet to the next network. This continues until the packet has reached its final destination. The router also receives packets from the internet. It then has to redirect each packet to the right device within its network. With DD-WRT you can set up a VPN on your router.
SmartDNS is a service offered by some VPN providers that helps to bypass geo-blocking. By using a SmartDNS, the virtual location of the user is changed by means of DNS servers in other countries. This enables the user to pretend he/she is situated in another country. This way you can bypass geographic restrictions. Unfortunately, SmartDNS does not encrypt your data traffic. Compared to a VPN, a SmartDNS is less safe. Nevertheless, a SmartDNS is a good way to bypass any geo-blocking.
SSL (Secure Socket Layer) is a cryptographic protocol which encrypts communication between devices. There are various types of SSL protocols. SSL is used for websites, email, messaging and VoIP. The successor of SSL is called TLS.
Telemetry is the collection of data from a distance. In the tech world, telemetry data usually refers to the information collected online by, for example, browsers and operating systems. The gathered information is sent to the companies in charge of those systems, who then use it for analytical purposes. This data is usually not considered to be “personal data”, but could still reveal a lot about user experience. It usually isn’t individually identifiable, although it might reveal, for example, how many tabs you opened in your browser at a certain time.
TLS (Transport Layer Security) is the successor of SSL and is used for the security of digital communication. TLS ensures the privacy and data integrity of digital information. TLS encryption is often mistaken for the term SSL.
Tor (The Onion Router) is an internet network. In combination with free software (the Tor browser) it enables the user to surf the internet anonymously. The technique works somewhat like an onion. Every connection hub can be seen as one of the layers of an onion. The data packets are sent in small bits through each of these layers. This way it is very hard to intercept the data or figure out the origin of this data.
Tor is notorious for the illegal activities and content you can find on it. The use of Tor has some disadvantages. It may slow down your internet connection, and third parties may be able to hack Tor; if they succeed, it could harm your privacy. It turns out the NSA has already successfully hacked Tor in the past.
Two Factor Authentication (2FA)
Two Factor Authentication is a method of confirming a user’s claimed identity. The user will only get access to the account or website by presenting two types of evidence. Commonly this consists of something they know and something they have. For example, with online banking you first need to log in with your name and password, and then you have to confirm the activities with a generated code on your phone or card reader. 2FA prevents hackers who got a hold of accounts and/or passwords from getting into your account.
A URL (Uniform Resource Locator) is an alphanumeric address for websites. It is meant to be usable for humans. An example of a URL is “https://vpnoverview.com”. Internet browsers make use of a DNS server to translate these URLs to the IP addresses that belong to websites.
VPN stands for Virtual Private Network. A VPN is used to create a private network within a public network. A VPN connection encrypts all data traffic. This way third parties cannot read any of your exchanged information, or at least only a severely distorted version of it. VPNs are predominantly used to ensure more privacy and security on the internet. For more information, please visit our page: what is a VPN exactly?
A VPN connection or VPN tunnel is the connection between the user and the VPN server. This connection is secure and encrypted by means of a VPN protocol.
A VPN client (Virtual Private Network client) is a program or app which enables the user to connect with a VPN service. Most VPN providers provide a (free) VPN client with their VPN subscriptions. The VPN client manages the authentication of the connection with a VPN server. Then the VPN client chooses the appropriate or requested VPN protocol and establishes an internet connection. The commercial VPN clients normally offer extra functionality, like speed tests to find a fast server or a kill switch to prevent insecure connections.
A VPN protocol is the type of encryption/authentication used to set up a secure VPN connection. There is a large variety of VPN protocols that can be used. The most widely-known protocols are OpenVPN, PPTP, and L2TP.
A VPN server is a server maintained by a VPN provider to offer secure, anonymous connections for users. The VPN server serves as an intermediate station through which data is channeled between the world wide web and a VPN user.
A VPN tunnel is a secured and encrypted virtual connection, which is established between a user and the VPN server.
A Wi-Fi hotspot is a public wireless network that is connected to the internet. Wi-Fi hotspots can be found all over the world (e.g. cafés, train stations, hotels, libraries, and universities). The use of Wi-Fi hotspots bears some risk; a hacker could monitor your internet behavior or even steal private information. You can minimize the risks by using a VPN connection while connected to a Wi-Fi hotspot.
VPS stands for Virtual Private Server. VPS providers have large physical servers, which you can rent or buy. When you buy or rent a part of such a server your part is called a VPS. It is used by websites that want their own server. A VPS should not be confused with a VPN server.