Monday, 17 June 2013

Proxies vs. VPN – What’s the difference?

Proxies vs. VPN – What’s the difference?
----------------------------------------------
The purpose of using both VPN and proxy servers is to conceal the users identity, or to spoof a certain geo-location (so for example geo-locked services such as many TV streaming websites may be watched outside their country of origin). Many VPN Providers, in addition to offering VPN also provide some kind of proxy service, and there are also many public proxy servers which can be used for free.


So the question for many people is ‘what is the difference between a proxy and VPN?’, and perhaps even more importantly, ‘do I need to use VPN or will a cheaper / free proxy suit my needs?’.

Although performing a similar function, the actual processes involved are very different, and therefore have very different consequences.

The subject is further complicated by the fact that there are a number of different types of proxy services available.

Proxy Servers
---------------
A proxy (technically an open proxy) server is a computer that acts as an intermediary between your computer and the internet. Any traffic routed through a proxy server will appear to come from its IP address, not your computers. Unlike VPN servers, proxy servers do not have to devote resources to encrypting all traffic that passes through them, and therefore can accept simultaneous connections from a great many more users (typically tens of thousands)

Proxy usually servers communicate with the internet using one of 2 different protocols; HTTP or SOCKS.

HTTP Proxy Servers
----------------------
The HTTP protocol is designed to interpret traffic at the HTTP level, which means that it can only handle traffic that starts with http:// or shttp://, i.e. web pages*. It is therefore only good for web surfing, but because all it is doing is handling HTTP request, it is faster than either Socks proxies or VPN servers.

Pros
------
-Cheap (and often free)
-Will hide your IP from basic checks, and is therefore ok for accessing some geo-restricted websites and for account creation

Cons
-----
-Only useful for accessing websites*
-Clever use of Flash or JavaScript allows many websites to detect your true IP
-HTTP traffic is not encrypted so government t surveillance systems and your ISP can see what you are doing. If connected through HTTPS (SSL) then traffic cannot be monitored but the IP of the SHTTP website can be logged. SSL encryption is roughly equivalent to 128-bit key length.
-Each web browser must be configured individually to use the proxy server. However, the good news is that this is well supported by all browsers

SOCKS Proxy Servers
--------------------
SOCKS servers do not interpret network traffic at all, which makes them much more flexible, but because they are usually handling more traffic, usually slower. The big advantage of the SOCKS protocol is that it supports any kind of internet traffic, such as POP3 and SMTP for emails, IRC chat, FTP for uploading files to websites, and torrent files. The latest iteration of the protocol is SOCKS5.

Pros
------
-Can handle any kind of internet traffic (including torrents)

Cons
--------
-Slower than HTTP
-Each piece of software (e.g BitTorrent client) must be configured individually
-Same security issues as HTTP

If you only need to hide your identity for BitTorrent downloading then a SOCKS proxy with an SSL connection may be all you require.

Public Proxy Servers
---------------------
Because proxy servers can accept so many connections, many public servers have sprung up which allow anyone to use them. Both HTTP and Socks servers are available (with HTTP being more common), lists of which can be found, together with the necessary IP address and Port number from such sites as freeproxylist.org and Hide My Ass.

Unfortunately, public proxy servers tend to be highly unstable, going on and off-line without notice and varying hugely in the speed they offer. In addition to this, you have to trust the owners of theses anonymous servers with often quite sensitive information, and there is no support available. On the hand … they’re free!

Private Proxy Servers
----------------------
These proxy servers are of course not open to the public and are usually available for a fee. VPN.S for example offers both an HTTP and SOCKS5 service, while BTGuard and TorGuard offer SOCKS5 ‘torrent’ services.

These services tend to be much more reliable, are run by companies with good reputations, and provide comprehensive support. They also often provide customized software – for example BTGuard and TorGuard offer pre-configured BitTorrent clients.

Web Proxies
------------
Web proxy services, such as those found at Hide My Ass and CyberGhost, connect to a public HTTP server and allow you to surf the web anonymously from within your browser window, without the need to download and install any extra software or configure your bowser settings. They are also free. However, not only does using such a service usually expose you to a stream of adverts, but it usually falls down when encountering anything complicated such as Flash content or Java scripts. In addition this, many of the better known web proxies IP addresses are widely known and blocked by some websites. While incredibly easy therefore, their practical use is somewhat limited.

*Through the use of the CONNECT method HTTP proxies can behave like SOCKS proxies, but only with SSL or https:// sites that support it.

VPN
-----
Virtual Private Networks create an encrypted ‘tunnel’ between your computer and the host server, with the internet traffic going in and out of the host server. Your ISP or government can only see that you have connected to the VPN server and nothing else – your activities, IP addresses you have visited etc. are all completely hidden from them behind a minimum of 128-bit encryption.

However, the VPN server can see what you get up to on-line, which is why we feel it vital that a good VPN provider to keeps no logs. Anything less and its users’ activities may be compromised (thus making the precaution of using a VPN in the first place redundant!).

Although setting up VPN does usually involve downloading and installing a VPN client, or otherwise configuring your computer or mobile device, the computing skills needed are minimal, and most providers supply detailed step-by-step setup guides in any case. One good thing is that once set up, all your internet activity, no matter which program you use, is now safely routed through the VPN.

The only notable negatives to VPN are that it is comparatively pricey, and the encryption process taxes the servers so that when in heavy use internet access through them can slow down noticeably.

Pros
------
-Internet activity cannot be spied on by ISPs or governments
-High levels of encryption (128-bit to 2048-bit)
-All internet activity masked (once VPN set up on device)

Cons
-----
-More expensive than proxies
-Can be a bit slow during peak times
-If VPN provider keeps logs then these may be obtained by the authorities

Conclusion
----------
VPN is superior in almost every way to proxies. It provides vastly improved online anonymity, and protects your entire on-line life. In addition to this, because ISPs cannot monitor your online activity, it is an effective means of bypassing ISP throttling.

The only real reason for choosing a proxy service is over VPN is price, which we understand is a real factor for many. However, for typically less than $10 per month, VPN services do represent excellent value for money.

One word of caution: nothing in this world is ever absolutely 100% secure, so be careful out there!

No comments:

Post a Comment