Let’s assume you’re writing this post from your home computer. It connects to the internet via a router which talks to your ISP’s server (say Verizon as an example). That ISP takes web addresses like fluther.com and converts them into actual IP addresses via a DNS lookup, returning the actual IP of 35.81.115.104. Your computer is doing this via sending and receiving packets of data to and from the server located at 35.81.115.104.
Each packet your computer sends out has something like an envelope that says “from: [your IP address], to: 35.81.115.104” and then an identifier like “packet 5 of 347”. Within each “envelope” is a chunk of the data. All of these are routed through Verizon’s server. Verizon knows exactly what site you’re browsing and can use that data for whatever it wants to do. Furthermore, if you’re visiting a site that’s not protected, then anything between you and the server at 35.81.115.104 can not only read the envelopes, but also the contents of the packets themselves. This is most relevant if you’re on an unsecured network like a coffee shop, hotel wifi, airport, etc. where bad people may be sniffing packets looking for passwords, or the content of whatever’s being sent.
A VPN does multiple things. It acts like a relay in the chain between you and whatever site you’re talking to. So if you sign up with a VPN service, then your traffic gets routed through one of their servers (usually you’ll pick which one you want). This means that Verizon (or whoever your ISP is) will only see the final destination of your packets as the VPN server. They no longer have essentially global access to your browsing history. Likewise it obscures your actual location from the sites you’re browsing. So the admin at Fluther.com can’t see your real IP address, only the location of the VPN server. This can be useful if, for example, you want to appear to be in a different country to have access to region-locked TV shows/sports/etc., or you’re in China behind the Great Firewall, or you’re worried about privacy.
Law enforcement and other legal means can subpoena those records from your VPN to identify you if you were doing something illegal (like hiring a hitman on the dark web), or civil suits can get access to this via court orders if you were illegally distributing/downloading copyrighted files, or trying to hack into a bank, so it’s not foolproof 100% anonymity. But if the VPNs are being run out of other countries, this can make the legal process of obtaining the records complicated and expensive. It may also mean the VPN is shady and might sell your info, knowing there’s little you can do to legally come after them if they’re based out of [insert weird country here]. So it’s a bit of a trust-dance if you will: your VPN knows a LOT about you.
The other major role the VPN plays is encrypting your traffic. If someone is running a packet sniffer, and intercepting packets being sent between your laptop (or phone), the hotel wifi, and the VPN server, and they try to “open” your envelopes, all they will see is encrypted nonsense. I would expect anything involving HIPAA-protected records SHOULD be encrypted already, but if a colleague sends you a text message with identifying info that’s not encrypted and it goes over an open wifi network, it could be intercepted in theory (if they were sniffing packets on the network you’re connected to when that info happens to be sent unencrypted). Using a VPN could prevent a malicious actor from intercepting info like this.
I’m not an expert by any means, and the risks in these kinds of attacks tend to be lower because they require the attacker to have physical proximity to your location during the transmission of unencrypted packets. That said, being in the Bay Area and possibly more affluent areas may put you at higher risk. A malicious actor likely would set up in a coffee shop in a nice part of town to try to steal passwords and other credentials that could be useful in a targeted attack on someone with enough wealth (or access to valuable data at their work) that it’s worth the risk. Airports and hotels are also common hunting grounds for this type of attack.
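The envelope picture above, as an added example that is not part of the original post: a small Python model of what each party can read with and without a VPN. The client and VPN addresses, the sample form data and the SHA-256 keystream cipher are constructed for illustration; a real VPN uses a vetted authenticated cipher and real IP encapsulation.

```python
import hashlib, hmac, json, os

SITE_IP = "35.81.115.104"   # fluther.com address quoted in the post
CLIENT_IP = "203.0.113.7"   # constructed (documentation range)
VPN_IP = "198.51.100.20"    # constructed (documentation range)

def _stream(key, nonce, n):
    # Toy SHA-256 counter-mode keystream: a stand-in for a real tunnel cipher.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, data):
    enc, mac = hashlib.sha256(key + b"enc").digest(), hashlib.sha256(key + b"mac").digest()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(enc, nonce, len(data))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    enc, mac = hashlib.sha256(key + b"enc").digest(), hashlib.sha256(key + b"mac").digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("tunnel packet was modified in transit")
    return bytes(a ^ b for a, b in zip(ct, _stream(enc, nonce, len(ct))))

def packet(src, dst, payload):
    # The "envelope" (src, dst) plus the chunk of data inside it.
    return {"src": src, "dst": dst, "payload": payload}

def vpn_wrap(key, inner):
    # Client side: the whole original packet becomes the encrypted payload.
    body = json.dumps({**inner, "payload": inner["payload"].hex()}).encode()
    return packet(inner["src"], VPN_IP, seal(key, body))

def vpn_forward(key, outer):
    # VPN server: decrypts, sees everything, re-sends with its own source IP.
    inner = json.loads(unseal(key, outer["payload"]))
    return packet(VPN_IP, inner["dst"], bytes.fromhex(inner["payload"]))

def views(key, payload):
    direct = packet(CLIENT_IP, SITE_IP, payload)
    tunnelled = vpn_wrap(key, direct)
    return {"wifi_or_isp_no_vpn": direct,
            "wifi_or_isp_with_vpn": tunnelled,
            "site_with_vpn": vpn_forward(key, tunnelled)}

if __name__ == "__main__":
    for who, pkt in views(os.urandom(32), b"user=alice&pass=hunter2").items():
        print(f"{who:22} {pkt['src']} -> {pkt['dst']}  {pkt['payload'][:24]!r}")
```

In this model the last hop, from the VPN server to an unprotected site, carries the data in readable form again, so the tunnel covers only the path between the device and the VPN server.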