One of the best reasons to use a VPN is to get around pesky location restrictions on streaming movies and other content. But before you shell out money to a VPN that promises servers in dozens of countries, make sure they're telling the truth about them. Trust, but verify. Image remixed from originals by SuriyaPhoto (Shutterstock) and musicman (Shutterstock).
Most VPN service providers offer a trial period — however brief — where you can test out the service and cancel if it's not to your liking before you're billed for your first month as a premium subscriber. Luckily, that's all the time you need to make sure that those servers that they promise live in the US, or Germany, or the UK, are actually there and not just proxies, or worse, US IP addresses labelled "Brussels" or "Capetown".
The folks at SlickVPN posted this story to their blog that reminds us that the easiest ways to see through the vapour of a VPN's exit server promises are tools that have been at our disposal since the dawn of the internet: Traceroute and ping.
If you have the technical knowhow, you can perform traceroutes/pings to tell where a gateway is actually located. The results from this test/experiment would look something like this:
ExampleVPN is supposed to have a location in Auckland, NZ. If a traceroute (tracert) to its hostname is performed from Chicago, USA:
Tracing the path to ExampleVPN New Zealand IP location (18.104.22.168) on TCP port 80 (http), 30 hops max
- 10.1.2.25 0.479 ms 0.428 ms 0.556 ms
- 10ge-2.ge146.chi1.colocrossing.com (22.214.171.124) 0.684 ms 0.633 ms 0.595 ms
- ae16-386.chi11.ip4.gtt.net (126.96.36.199) 1.156 ms 1.163 ms 1.137 ms
- xe-9-1-0.chi11.ip4.gtt.net (188.8.131.52) 1.148 ms 1.161 ms 1.166 ms
- be3027.ccr41.ord03.atlas.cogentco.com (184.108.40.206) 1.675 ms 1.621 ms 1.440 ms
- be2461.rcr12.b002281-5.ord03.atlas.cogentco.com (220.127.116.11) 2.011 ms 2.192 ms 2.087 ms
- 18.104.22.168 1.695 ms 18.736 ms 2.145 ms
- 22.214.171.124 [open] 1.565 ms 1.565 ms 1.513 ms
It is apparent from the ping times and traceroute that the server is located in Chicago, not NZ. It's impossible to go from Chicago to NZ in 1.5ms since that's faster than the speed of light.
And when you connect to ExampleVPN's New Zealand IP location and traceroute out:
traceroute: Warning: www.google.com has multiple addresses; using 126.96.36.199
traceroute to www.google.com (188.8.131.52), 64 hops max, 52 byte packets
- 184.108.40.206 (220.127.116.11) 1533.225 ms 67.066 ms 61.497 ms
- 18.104.22.168 (22.214.171.124) 60.668 ms 61.971 ms 60.919 ms
- 126.96.36.199.in-addr.arpa (188.8.131.52) 61.250 ms 72.902 ms 69.437 ms
- ip81.208-100-42.static.steadfastdns.net (184.108.40.206) 69.190 ms 67.959 ms 70.124 ms
- xe-0-0-1.core4.chi02.steadfast.net (220.127.116.11) 74.908 ms 65.975 ms 61.235 m
- eqix-ch-100g.google.com (18.104.22.168) 62.341 ms 61.326 ms 60.149 ms
First few hops confirm that you're in Chicago.
We explain how to use traceroute and ping in this post, so if you're not familiar, don't worry, it's not difficult.
Of course, the full story goes on to highlight how SlickVPN's New Zealand exit server is actually in New Zealand, so it's meant to make them look good. In this case, that's OK, because they're being honest about where their servers are located.
This is another step in making sure your VPN is trustworthy before you give them your money every month. It's all too easy to spin up an instance on an Amazon Web Services or other Virtual Private Server (VPS) provider, download OpenVPN for free, install it and call yourself a VPN provider. Then you can rake in (often pricey) monthly subscription fees from users who think they're getting a secure, multi-site VPN when all they're really getting is a leaky tunnel that anyone with time, patience and a little technical skill can do on their own.
Taking this tiny extra step, as well as checking reviews, looking over the VPN's cancellation and billing policy and checking their logging and data retention policies are critical to making sure your privacy and your security are preserved when you use a VPN — as well as that you're getting the basic service you're paying for.