When it comes to using Virtual Private Networks to keep your data safe online, most of us will take the legwork out by using a VPN app or client, rather than taking available code and creating our own VPN.
While many VPN providers use the open source software OpenVPN as their default protocol, others have created proprietary VPN apps – but what does all of that actually mean? And if you don’t want to use someone else’s VPN service, is it safe to do it DIY with an open source option?
The main difference between an open and a closed source VPN is as simple as it sounds. Open source VPN software is that which is available for everyone to see and, in theory, use. You can inspect and audit the source code, and the more technically-minded among us can investigate any security flaws and vulnerabilities that might be hiding within. A proprietary VPN does not give you the same transparency – if no-one but the provider can see the source code, vulnerabilities may go unnoticed.
The most well-known open source VPN is OpenVPN, free software which can be controlled with a Graphical User Interface on Windows or Mac OS X. Based on the Secure Sockets Layer protocol, it’s available in a range of configurations that make it suitable for site-to-site VPN setup, enterprise-scale remote access and other uses.
Though there are a variety of VPN options out there which are built on OpenVPN, using the software with their own server setups, it is also possible to set up your own Virtual Private Server. Then, you can use this alongside the publicly-available software to set up your own network if you prefer.
The key issue with this, outside of the amount of time and technical knowledge it requires, is that individual efforts can be more prone to mistakes than those set up by companies whose reputations rely on the quality and security of their services. Those organisations also have the advantage of employing teams of experts, to check the work at every stage.
Even a true internet expert can make mistakes, so it’s worth bearing in mind that hours of troubleshooting may still give you an end result that isn’t quite perfect when working on your own VPN. You should also consider whether you’re able to set up any of the security add-ons that come with a professional version.
Ease of Use
One of the biggest bonuses of using an app made by a VPN provider is the ease of use. Getting manual configurations right can be time-consuming stuff, and on the whole, open source VPN clients don’t come with the same privacy-enhancing features that an app will throw in.
It’s tempting to think that if an app is built on an open source VPN, you could create a similar set up using that same source code and server connections of your own. But what you won’t get, without some degree of difficulty, are features like a kill switch – to cut off your internet connection if the VPN disconnects – or the ability to switch between a range of different protocols and server locations.
When your VPN is managed by the same people who manage the servers it connects to, updates happen at high speeds. You can load new configuration files to your own open source set up each time a server location stops working or becomes available, but it can be a lengthy process, and one which you find yourself repeating fairly regularly.
Protection against DNS leaks, WebRTC leaks and other similar issues is also something to consider, as well as the range of server locations that will be available to you if organising them yourself.
Why Do Some Users Prefer Open Source VPN?
The lack of bonus security features, and the risk of flaws in the setup process, seem like enough to put anyone off setting up their own VPN with open source software. The key reason some users choose to take this route is because of concerns over activity logging by VPN providers.
When you use a subscription VPN service, your web browsing activity takes place through an encrypted tunnel to keep prying eyes away – but the VPN provider responsible for your connection could still “see” your traffic. Different services note different rules on log storing, and while some state that they don’t store any information on their users’ activities, others admit to keeping records. When it comes to choosing a reputable VPN provider, looking at logging policies as well as things like number of server locations and range of security features is wise.
In theory, anyone can use an open source VPN – but without advanced technical knowledge, the best route for most people is to choose a VPN provider who has built a user-friendly app using open source code.