What’s the difference between a proxy and a VPN?
Published by Paul Bischoff on April 1, 2016 in VPN

tunnel

Proxies and VPNs are both tools used to route your internet traffic through a third-party server, masking your IP address and location. Both are used to bypass firewalls and geo-locks while also adding a layer of privacy.

The main difference between all types of proxies (with the exception of SSL) and VPNs is the lack of encryption. Encryption included with most VPN clients makes them more private and secure than proxies, though potentially a bit slower. VPNs usually route all internet traffic from all ports–whether it’s on your web browser, Spotify player, torrent manager, or online game–whereas proxies often just route a specific type of traffic, such as HTTP or torrents.

Both VPNs and proxies have free and paid options, though users should be cautious and read through the provider’s privacy policy. This is especially true for free web proxies because they are unencrypted, meaning the provider has the power to monitor and log your activity. For both VPNs and proxies, seek out “logless” or “zero knowledge” options when privacy is a concern.

Paid VPN and proxy providers tend to have a better selection of server locations than their free counterparts.

Types of proxies

The functionality of proxies vary by type: HTTP, SOCKS, SSL, and DNS are the main types of web proxies we’ll discuss here.

HTTP proxies are the most common free type of proxy and are often used to get around firewalls put in place by schools and offices. They are typically only used with web browsers, either through a browser extension or a web app. Paid HTTP proxies tend to offer excellent speed and mask the user’s IP address, but they are not encrypted.

SOCKS proxies work for all types of traffic including apps and games. They are usually set up in each individual apps settings and can also be used in web browsers for specific sites and pages. This is useful if you want a proxy that works on an as-needed basis instead funneling all or none of your traffic. Again, SOCKS proxies don’t come with any encryption.

DNS proxies are usually set up in your device’s internet settings, rather than installing a native app, extension, or modifying another app’s settings. The main use case for DNS proxies is to fool websites that geographically restrict content into thinking you’re somewhere your not. VPNs can also achieve this, but many streaming sites like Netflix, Hulu, and BBC iPlayer have started blocking VPN connections. DNS proxies, also called Smart DNS, are less likely to be blocked and in fact are faster than VPNs due to the lack of encryption.

SSL proxies are similar to HTTP proxies in that they are primarily used for web browser traffic. The difference is an added layer of encryption. The connection between your computer and the proxy server is encrypted, and the connection between the proxy server and the website is encrypted. The proxy server acts as a man-in-the-middle, on which your traffic is decrypted and then re-encrypted. Because your data is decrypted on the proxy server for a short time, be sure you trust the host. SSL proxies are useful for accessing blocked websites that require more security than what’s offered by HTTP proxies, such as login pages. Be warned, however, that they are still not as safe as VPNs, which never decrypt your traffic on the middleman server.

Shared vs Private VPN IP addresses

VPNs take all the traffic coming to and from your computer, encrypt it, and route it through a server in a location of your choosing. The encryption tends to make VPNs a tad slower than proxies, but they are far more secure. Using a VPN while connected to a public wifi hotspot, for example, makes you far more invulnerable than a proxy will.

VPNs usually run as native clients. Some free options exist, but they tend to be either insecure, slow, unstable, or have a data cap. Paid VPNs, like the ones we review on Comparitech, are far superior and tend to be more feature-rich.

A VPN can either use a shared public IP or a private IP. A shared public IP is exactly what it sounds like: dozens, even hundreds of users connect using the same IP address. This adds a significant layer of anonymity to the VPN, but it also makes it easier for websites to blacklist those IP addresses.

Less common are VPNs that offer private IP addresses. In this case, each user is assigned an IP that only he or she can use. Depending on the provider and app, the user might use the same IP all the time or switch each time he or she connects. This is less anonymous because it’s easier to track a private IP to a specific user, but websites like Netflix have a more difficult time determining whether an IP used by a single person is coming from a VPN or not. Private IPs are less common due to limited supply of unused IPs available.

Tor

Tor, also called the Onion Router, was the gold standard of anonymity on the internet for over a decade. It’s popularity is gradually being taken over by VPNs, but Tor is still free and widely used. Tor routes a connection through several random relays before ending up at the final destination.

Tor encrypts traffic between each relay, but that encryption can be compromised if the end website does not use SSL. Because of all those relay nodes that your traffic must past through, Tor significantly slows down browsing speed. Finally, Tor’s popularity among dissidents, journalists, hackers, and criminals has made governments more suspicious of Tor users, so using it can put a target on your back for closer surveillance.

Related: Beginner’s guide to Tor

Tunnel” by Moyan Brenn licensed under CC BY 2.0

Leave a Reply

Your email address will not be published. Required fields are marked *