WordPress Plugin Acquisitions: What They Say About the Future

The WordPress plugin marketplace is seeing quite a bit of consolidation lately. And, even if you aren’t a close follower of the business side of things, it’s likely some of these moves will impact you. For example, the recent sale of the wildly-popular Advanced Custom Fields plugin is a pretty big deal. The free version…

VPNs: What They Are, and Why You Need One

VPNs: What They Are, and Why You Need One – SitePointSkip to main contentFree JavaScript Book!Write powerful, clean and maintainable JavaScript.RRP $11.95 Are you concerned about your online privacy and security? The first thing you should do is use a VPN service. They’re effective, affordable, and easy to use. There are plenty of effective options that cost between $3 and $10 per month.
If you’ve been thinking about using one, now’s the time. Privacy is an important issue that we become more aware of as it’s taken away. You’re losing more of it day by day, and today you can do something to take it back.
In this article, I want to let you know how precarious your online privacy has become, outline how a VPN can help, and examine how well popular VPN services are doing with the issue.
Let’s get started by looking at the fundamental concepts of VPNs.
What Is a VPN?
When you use the Internet, you are identified by your IP address. It’s assigned to you by your internet service provider (ISP) and used by them to send back the information you request, such as web pages. They can also use it to make a record of every website you visit.
As you surf the Web, each packet you send contains your IP address. When you realize how much about you can be learned from that simple piece of information, it’s scary!
An IP address can reveal your location and ISP. It’s logged by most of the websites you visit, and over time, they can associate it with other personal information you supply, such as your name, phone number, and address.
When you type in the address of a website, a DNS server is queried so that you can be directed to the IP address of that website. By default, that DNS server belongs to your ISP. They create a log of all of your DNS queries to create a complete history of your web activity.
As you can see, the Internet is not a very private place.
A virtual private network, or VPN, protects your privacy by routing your traffic through a third-party server. Everything still goes through your ISP, of course, but it’s encrypted.
That means they can see that you’re connected to a VPN, but that’s all. Even your DNS queries go through the VPN server so they don’t know which sites you visit.
On the other side of the connection, all traffic is associated with the VPN server’s IP address, not your own, and that address is likely to change on a regular basis. Your web activity is visible, but your identity isn’t. There’s no way to trace that activity back to you.
Privacy Is the Primary Reason to Use a VPN
Maybe you feel like you have nothing to hide, but that doesn’t mean that others should be able to create a complete log of everything you do. You wouldn’t be comfortable if I followed you around recording everything you say and taking photos of everything you do. You’d find that creepy.
The same goes for our online activity. We shouldn’t feel that Big Brother from George Orwell’s Nineteen Eighty-Four is looking over our shoulder.

The way most of the Internet works today would be considered intolerable if translated into comprehensible real-world analogs, but it endures because it is invisible. — Signal.org

But that sort of tracking has become pervasive. In fact, in some parts of the world it’s a legal requirement. Some governments require ISPs to log your entire web history and provide government agencies and other authorities controlled access to it.
What’s the situation where you live? Let’s look at the mandatory data retention laws in four parts of the world.
The UK
The Investigatory Powers Act was passed by the UK government in 2016 and requires web and phone companies to store the browsing histories of all of their customers for 12 months. They are required by law to share these records with the police, security services, and government agencies.
Chris Yiu, who leads the Technology & Public Policy program for the Tony Blair Institute, compiled a complete list of who can see where British web surfers have been. I counted 48 different agencies. Since this information is stored online, Chris also wonders how many malicious actors have also got their hands on the information.
Can things get any worse? Unfortunately, yes.
The Register reports that the list is set to expand considerably. They reference a 2020 government memorandum (PDF here) that recommends adding even more agencies.
They feel that the environmental agency, department of health, pensions regulator and others deserve to see which websites Brits are accessing. It’s comical and ridiculous that the UK National Authority for Counter Eavesdropping is included on the list.
The European Union
Browser history tracking is less of a concern in the EU. The Data Retention Directive of 2006, which allowed police and security agencies to access users’ IP addresses, email metadata, phone calls, and text messages, has been annulled.
After a landmark court case in 2014, it was found to violate human rights. “The blanket retention of data of unsuspicious persons generally violates the EU Charter of Fundamental Rights” (a legal opinion quoted by Wikipedia). The Data protection and online privacy page on Europa.eu outlines new rules that protect your personal data, and you can learn more from the Blueprint for Free Speech’s “EU Court Rules Users’ Data Can’t Be Collected by ISPs for Surveillance”.

While that’s encouraging, it’s not all good news. There are major concerns on another front: censorship.
The EU is planning to launch a content filter in 2022 with the goal of protecting press publications. We don’t yet know how it will be implemented, but it has the potential to break the Internet. In recent news, an upload filter passed into German law (details here in German). Fortunately, VPNs are also an effective way to bypass censorship.
Australia
The Australian Department of Home Affairs summarizes the data retention obligations Aussie ISPs are under, and Aussie Broadband and Comparitech spell it out a bit more clearly. Here’s what they need to retain for two years:
Who you called, texted, and emailed
When you made those calls, texts, and emails
Your location
The volume of data exchanged
Information about the device you use
Your email address
Your IP address
One thing’s clear: ISPs aren’t required to log our browsing history. That government web page states that “Internet service providers are not required to retain a person’s web-browsing history or any data that would amount to web-browsing history.”
But before you breathe a sigh of relief, The Guardian reports that they’re doing it anyway, quoting Michael Manthorpe, the Commonwealth Ombudsman. He warns that some telecommunication companies are logging our web browsing histories and handing it over to law enforcement when their customers are under investigation. ITNews confirms this.
The United States
There are no mandatory data retention laws in the United States, but they’re probably doing it voluntarily. Ars Technica and Proton Mail report that a law passed by Congress in 2017 (S.J.Res.34) allows ISPs to sell and share users’ browsing history with advertisers without their knowledge or consent.
As scary as that is, ISPs are not the biggest threat to privacy in the USA. There are bigger players tracking you.
The first is the National Security Agency (NSA), who store the whole world’s internet metadata in their enormous database. US tech, communications, and finance companies are legally obliged to share customer data with them when presented with a National Security Letter (NSL). ExpressVPN’s helpful article, “10 ways the NSA is spying on you right now”, clearly enumerates the concerning details.
There are also big tech players like Amazon, Google, and Facebook. They know everything there is to know about what you buy, where you browse, and what you like. A VPN won’t stop you voluntarily sharing your personal information with them, but it can make it harder for them to connect the dots by tracking every site you visit.
Which VPN Services Are Most Committed to Protecting Your Privacy?
Using a VPN entrusts your privacy into the hands of a single entity: your VPN provider. They alone know which websites you visit. It’s crucial that you choose one that you can trust.
What is their business model? If they’re not making money from the subscription fees they charge, they may be monetizing your web history.
Where are they located? They will often (but not always) be under the same data retention obligations as ISPs in that country.
What personal details do they collect about you? Do they allow you to pay for the service anonymously by using cash, gift cards, or cryptocurrency?
Does their privacy policy state that they won’t log your activity? How do you know that they don’t? Are they audited by third parties? If they’ve been taken to court, did they have any logs to share?
Let’s look at how some leading VPN providers protect your privacy.
1. ExpressVPN
When it comes to privacy, ExpressVPN is one of the most highly respected VPNs out there. Their most affordable plan is $99.95/year (equivalent to $8.32/month) and anonymous payments via bitcoin are possible.
They’re not as fast as some of their competitors, or as successful at streaming geo-protected content. But their servers use RAM-only servers, so once the power is turned off, no data is retained.
They’re located in the British Virgin Islands, where your data can legally be kept private, and their no logs policy has been tested in court.
As reported by Techspot, Turkish authorities failed to force them to provide customer data in one case. They rightly pointed out that they’re not subject to US and EU laws. When they couldn’t obtain information, they decided to seize hardware — an ExpressVPN server located in Turkey — but recovered no information because there were no logs.

2. Surfshark
Surfshark provides many of ExpressVPN’s privacy benefits as well as faster servers, reliable media streaming, and no limit on the number of devices you can connect. Their most affordable plan is $59.76 for two years (equivalent to $2.49/month). Anonymous cryptocurrency payments (CoinPayments, CoinGate) are supported.
Like ExpressVPN, they’re located in the privacy-friendly British Virgin Islands and use RAM-only servers. Their no logs policy has been independently audited, and the source code of their Chrome and Firefox extensions have been analyzed by Cure53, a German cybersecurity company. VPNInsights summarize the findings.

3. NordVPN
NordVPN is fast, secure, and easy to use. It has a good privacy policy and offers additional security features. Its most affordable plan is $89 for two years (equivalent to $3.71/month) and this can be paid for with cryptocurrency if you want to remain anonymous.
You can trust their no logs policy. They are located in Panama where there are no mandatory data retention laws, and they’re audited by PricewaterhouseCoopers AG in Switzerland, an independent company who verify they keep no logs.

4. Private Internet Access (PIA)
Private Internet Access is a company whose no logs policy has been verified in court. It’s a service with an easy-to-use app suited to non-technical users, and its most affordable plan costs $69.95 for two years with a bonus two months (equivalent to $2.69/month).
While the company is based in the Unites States, Techspot reports that their no logs policy has been tested and verified in two different court cases, one in 2016 and the other in 2018. They had no information to hand over to the court or FBI.

5. ProtonVPN
ProtonVPN is a company that places a strong focus on privacy. Their service costs $159 for two years for the Plus plan (equivalent to $6.63/month) and a limited free plan is also available. Payments can be made via bitcoin.
They company is based in Switzerland, which has strong privacy laws and remains outside of US and EU jurisdictions. Their apps are open-sourced and independently audited.

6. CyberGhost
CyberGhost is fast and affordable, and offers excellent security and privacy. Their most affordable plan is $99 for three years (equivalent to $2.75/month), and this can be paid using bitcoin.
They’re based in Romania and have a UK parent company. They have a strict no logs policy and also offer “NoSpy” servers for an additional fee. These are housed away from third parties in a special data center.

7. TorGuard
TorGuard allows you to choose the balance between speed and security with easily-accessible settings. Their most affordable plan is $139.99 for three years (equivalent to $3.89/month), which can be paid for anonymously with gift cards or cryptocurrency.
They’re based in Germany and claim to keep no logs at all, though their policy could be clearer. According to PCMag Australia, company representatives report that there are constant security audits and a bug bounty program, though none of the audits are publicly available.

8. PureVPN
PureVPN is a popular VPN service that was unfortunately found to be keeping records of which IP addresses clients access while claiming to have a no logs policy. The most affordable plan is $79.92 for two years (equivalent to $3.33/month), but there’s no way of paying this anonymously.
Restore Privacy reports that, in a court case, they were able to attain enough information from PureVPN to arrest a suspect on cyberstalking claims. They are obviously keeping some record of user activity, but they’re not the only VPN where “no logs” means some logs.
The company, which is based in Hong Kong, has since tried to clean up their game, and their no logs policy has been audited and verified by Altius IT.

9. Mullvad VPN
Mullvad VPN is a lesser-known VPN with a good reputation in privacy circles. They have a flat monthly rate of €5/month and one-time payments can be paid anonymously using cash, gift vouchers, or bitcoin. However, they have servers in fewer countries than most of their competitors.
They do have strong privacy policies and don’t ask for any personal information (not even an email address) when you set up an account. They’re based in Sweden where VPNs are not required to log their users’ activity, and they hire lawyers to keep abreast of changes in legislation that affect privacy. The only personal information they’re required to keep is your payment method.

Final Words
If you’re concerned about privacy, I hope I’ve convinced you to do something about it. Start protecting your online privacy today by signing up with a reputable VPN service. They cost as little as $3 per month when you pay in advance. You can’t afford not to use one!
Privacy is just one benefit. I cover more in The Best VPNs for Developers and also explore each VPN provider in more detail. Check it out so you can make a more informed decision.
Related Articles10 Top WordPress Ecommerce Themes for 2021WebBy

8 Tips for Designing Instagram Stories That Don’t Suck

Instagram stories are one of the hottest social media formats. The vertical format allows creators to share videos, photos, and mixed media content in a streaming medium, and introduces an entirely novel layout to design for. The tricky part is creating stories that are enjoyable, shareable, and help people engage with your account, brand, or…

40 Free Web & Mobile UI Templates for Figma

Designing an effective user interface is not an easy task. However, when you have the right tools at your disposal, it becomes easier. The first step is to find a tool that you’ll enjoy working with and that has all the features you need in UI design software. Luckily, Figma fits that bill quite nicely.…

OAuth redirect URIs

I started working with a company yesterday to help with their blog and social media (I’m not a web developer at all), and they sent over an email basically saying “we have no idea what this means, can you help?”Should I be concerned about this? And can anyone point me in the right direction. Most of the stuff I’m reading from Google is going over my head.

Which free or cheap VPS management software would you recommend to a complete newbie?

I’ve recently bought an offshore VPS, but I don’t know much about Linux and server management. I just know basic stuff.I came across Moss.sh and I fell in love with it. It’s easy and does the job without any complex configurations. One thing that bothers me is that there haven’t been any changes in their platform or social media for months. I’m not even sure if the project is alive or not.I’ve checked RunCloud, and it will be my final purchase if I don’t find anything better and affordable.I’ve also tried ApisCP and CyberPanel, and both of them are very complex for a beginner like me.After reading all this, what would you suggest?ThanksEDIT: I will be hosting a WordPress site on the VPS