Useful terminology - The meaning of VPN terms
The meaning VPN, encryption, privacy, and security terms are often unfamiliar to non-geeks, so we’ve created this handy glossary of terms you’re likely to come into contact with when learning about or buying a VPN.
Choose a letter or hit CTRL - F to search for a particular word or phrase.
Adware: Software that is given free of charge but contains adverts and directs users to sponsors websites. Adware can collect user data to be sold for marketing purposes.
AES Advanced Encryption Standard: A set of encryption schemes that is considered very strong. It is based on the Rijndael cipher, which is Explained here and excellent at keeping data private.
Backdoor: A weakness that is deliberately built in to software to allow governments and law enforcement (or anyone really) to bypass security encryption, giving them a ‘back door’ to otherwise private and secure information.
Bandwidth: The total amount of data that can pass through a network in a given timeframe. Bandwidth is usually measured in bits per second.
Brute force attack: The process of trying as many possible solutions to a problem in order to obtain the correct one. Can be used to gain access to encrypted data by using an algorithm to try all possible passwords, although modern encryption is far too strong for this to work in most cases.
BitTorrent: A communication protocol for peer-to-peer file sharing (P2P) which can be used to distribute and share large files quickly and efficiently. Bittorrent is commonly used to download copyrighted material such as movies and tv shows. It is very easy to trace a BitTorrent user’s IP address so it’s important to use a strong VPN service that allows P2P.
Bitcoin: An open source, decentralized virtual currency and payment system that uses a peer-to-peer network to verify and encrypt transactions. It was the first cryptocurrency, and remains the most widely used.
Blockchain: A continuously updated list of records (blocks) used as a public record that cannot be modified. Cryptocurrencies such as Bitcoin use blockchain to record every transaction, and new uses for blockchain technology are being thought up rapidly.
Botnet: A network of computers infected with viruses that can be controlled remotely. A botnet can be made up of thousands of personal computers that the owners don’t know are infected, and can be used to further spread the virus or send spam.
Cipher: An algorithm for encrypting and decrypting data. The most secure cipher used for VPN encryption is OpenVPN.
Client: a desktop computer or workstation that is capable of obtaining information and applications from a server.
Connection logs: A limited record often kept by VPN companies that includes data such as connection times and locations. Different to activity logs, which record a lot more information, such as web pages visited, time on page, etc.
Cookies: Small files downloaded by web browsers that store information about certain web pages. Some cookies are used for harmless and useful user experience optimization such as remembering preferences and login details, while others are used to track users across the internet.
Cryptocurrency: A form of decentralized currency that uses cryptography to secure and verify transactions, eliminating the need for banks. Many cryptocurrencies exist, such as Bitcoin, Litecoin, and Etherium.
Darkweb: A ‘hidden’ part of the internet that requires specific software or authorisation to access. Darkweb pages are not indexed by Google or other search engines. The majority of darkweb sites are private websites, paywalled sites, usenet groups, etc. There are also networks such as the TorHidden Services that offer a high degree of anonymity. The Silk Road is a famous Tor Hidden Services site that people used to buy drugs, weapons, and illicit services.
Data retention: Policies and laws governing the storage of personal or other data.
DDoS: A distributed denial of service attack is a method of overwhelming a network with requests, messages, or other data, from many sources at the same time, to the point where the it can no longer function.
DD-WRT: An open source router firmware that allows greater control and more options over your network. DD-WRT is very popular due to its relative ease of installation (see here), and many personalization options.
DHCP: Dynamic Host Configuration Protocol, the method by which routers assign IP addresses automatically. This allows you to connect to the coffee shop wireless even after more than 254 people have already; IP addresses are recycled as wireless clients come and go.
DNS: Domain Name System, translates people-friendly domain names (www.google.com) into computer-friendly IP addresses (18.104.22.168). DNS is especially important for VPNs as some countries return improper results for domains intentionally as a way of blocking that website. When using a VPN, the DNS is handled by the VPN provider rather than ISP.
DNS Leak: When using an incorrectly set up VPN, an ISPs DNS lookup may be used instead of the VPN company’s. This makes IP tracking very simple, and effectively makes the VPN useless.
Encryption: Turning normal data such as text files, spreadsheets, etc. into code to prevent unauthorized access. Encryption can be found all around us, from Facebook messenger to websites and online banking. Strong encryption is vital for security and protection online.
End-to-end encryption: A form of encryption where only the users have access to the encryption key, meaning the company providing the encryption service can’t decrypt the data, and therefore cannot be compelled to hand it over.
Ethernet: The standard transport used for most LAN connections, connections usually run over CAT5 cable and use an 8P8C/RJ45 plug these days.
False Positive: An incorrect detection of malicious activity or infection.
Firewall A program that checks traffic coming in and out and sorts through it accordingly. It's usually used for blocking unauthorized or suspicious connections. A common setup in routers is to allow all outgoing traffic (assuming devices on the network are not malicious) and any incoming traffic that is part of an established connection.
Firmware: The set of software and data that instructs specific hardware how to behave. Firmware is usually stored in flash memory, so that it isn’t wiped when it loses power.
Flashing: Reinstalling, deleting, or changing the firmware stored in a piece of hardware’s flash memory.
Full disk encryption: Encrypting all data on a disk, including system files and operating system, etc. so that authentication is necessary for startup.
Gateway A machine that serves internet; on most LANs this is the device the router's WAN connects to (like your modem). Sabai VPN Routers have the multi gateway feature which gives the user simple access to both their local ISP's gateway and their remote VPN's gateway.
Geo-blocking: Restricting access to online content based on location. BBC iPlayer, Youtube, and Netflix all use Geo-blocking to uphold licensing agreements. One of the biggest uses of VPN is to disguise location in order to access geo-restricted content.
Handshake: The handshake protocol is used to negotiate, verify, and establish a TLS session between a client and a server. Encrypted data can only be transferred between client and server once the handshake has been successfully completed.
HTTPS: A protocol that provides SSL encryption to websites. HTTPS is vital for any website that asks for user’s information (via forms, payment, etc.) as it encrypts data between the user’s computer and the website’s hosting server. Most browsers show a green ‘secure’ icon in the address bar for pages that have HTTPS. Browsers are also beginning to show a warning message when users try to access a non-HTTPS protected website.
IP: Internet Protocol, usually seen in reference to an IP address, this is how internet service providers know a computers location in order to deliver the packets of information you request. If two computers shared an IP address, the net doesn't know which computer requested to see Google and which requested to see Netflix.
IPsec: Internet Protocol Security, an encryption method used in VPN. Requires client software to be accessed by each device. IPSEC is important because unlike with PPTP and OpenVPN, where packets are encrypted and sent out through normal packets, IPSEC encrypts them at a more fundamental layer. All packets between two machines with IPSEC set up are encrypted (not just those routed through a tunnel). IPSEC is essentially an agreement to encrypt communications between the two devices, which is why L2TP needs PPP for routing. Encrypting all packets between a client and server is not enough to set up a VPN; that also requires the client to forward all its outgoing communications to the server so the server can then forward them to their destination, which requires a tunnel program to handle.
IP leak: One of the major reasons that people use a VPN is to mask their true IP address. An IP leak is when the true IP address of a user can be seen despite the use of a VPN.
ISP: Internet Service Provider, the company that provides your basic internet service. These companies are usually regional and vary depending on your location in the world. Your ISP also provides your DNS service and firewalls, which can be intentionally broken to block either websites or PPTP in countries exercising internet control.
Kill-switch: A VPN/ internet kill-switch is a feature of some VPN clients that blocks all internet traffic if the VPN connection is dropped, thus protecting the user from having their true IP and activity exposed.
L2TP: Layer 2 Tunneling Protocol, another form of VPN, L2TP is more secure and stable than PPTP and usually faster, although application effects this speed. L2TP uses encryption that, like OpenVPN, is based on OpenSSL and AES. This, like with OpenVPN, can be changed (but usually isn't).
LAN: Local Area Network, the very common network that a router operates on. See also WAN.
Logs: Records kept by a service provider. Some VPN providers keep logs of users’ online activities such as connection times and even websites visited. Usage logs contain actual activity when connected to the VPN, whereas connection (aka metadata) logs are records of which VPN server is used, and the times of connecting and disconnecting. Where logs are kept, subpoenas can be issued.
MAC Address Media Access Control Address, MAC addresses are distinct addresses on the device level and is comprised of a manufacturer number and serial number.
Malware: Malicious software used to disrupt normal computer operation, collect data, or hold computers to ransom by encrypting files (see ransomware).
Mpbs Megabit Per Second, literally 1,000,000 bits per second. Generally refers to speed of VPN or Internet connection.
This is a bit muddled by a major nerd oversight for the last fifty years. Mega as a standard prefix refers to 10^6. However, computers count in powers of 2, not 10. By all rights a kilobit should be 1000 bits, but computers consider it 1024 (2^10) bits, just as they consider a Megabit 1048576 bits (1024*1024=2^20). They created new prefixes, kibi, mebi, gibi (kilo binary, mega binary, giga binary) for 1024, 1048576, and 1073741824 (2^10, 2^20, 2^30). So... a service provider may supply their speeds in conflicting notations, though this is usually in the user's favor, as 'kilobits' usually means 1024 bits instead of 1000 bits for ISPs, as opposed to HDDs where users expect 1024 of a unit and get shortchanged by 24 of them.
Further complicating understand speed units is the fact that computers, despite popular misunderstanding, don't communicate in bits. Bits are not addressable as memory; rather, computers speak in what are usually units of 8 bits--the byte. (Though some computers have larger bytes, even as many as 256 bits to a byte--this is not, BTW, the difference between 32 and 64 bit computers; that has to do with the size of the processor's instructions, and I won't even go there!) So a user who gets 8 Megabits/second may be nonplussed when running Speedtest and sees 1MByte/s, even though that's what they pay for.
MRU Maximum Receive Unit, the largest data packet size that can be received by a system. This is an adjustable setting that can cause login lags and problems with Outlook issues. See your VPN service provider for setting help. See also MTU, below.
MSS Maximum Segment Size: specifies the largest amount of data that a device can receive in a single TCP segment. Specific to OpenVPN.
MTU Maximum Transmission Unit, the largest data packet size that can be transmitted through a system. This is an adjustable setting that can cause login lags and problems with Outlook issues. See your VPN service provider for setting help. See also MRU, above.
Network Interface a network hardware device, usually identical to an ethernet port. However, there are also virtual interfaces like pppN and tunN (ppp5 and tun0 for PPTP and OpenVPN on a Sabai router) that don't correspond to physical devices, but are used logically for creating the VPN connection and giving it something to route over.
NIC Network Interface Controller, the piece of hardware in your computer that connects to the network.
Open Source software: Software for which the source code is freely accessible and can be audited, modified, and distributed. Auditing is especially important in security software as it can identify weaknesses or backdoors.
OpenVPN Not just a VPN protocol, OpenVPN is an open source program that facilitates VPN. OpenVPN is a more secure option and will work anywhere in the world.
P2P Peer-to-Peer, allows access and sharing of files in such a way that distributes the workload and only requires a central server to operate as a tracker - a server that sends out client information so that peers can connect to each other. Without the tracker, peers are just like a person sitting by a phone with no phone book.
Packets: data sent over networks is divided into discrete, regularly sized pieces called packets. These have a definite form and size, though there are several kinds of packet.
Port An IP is not enough of an address for all purposes. A single machine may receive all sorts of communications, and so packets come not just with an IP but also with a port. The protocol is usually specified with the port, as the two often go together. Port 80/TCP is used for HTTP--serving web pages; however port 80/UDP is not generally used at all. Port 443 (TCP) is common too (for HTTPS), and port 53 (UDP) carries DNS. Other important ports include 123 (UDP) for time servers, 1723 (TCP) for PPTP, and port 1194 (TCP or UDP) for OpenVPN's default. The combination of an IP, protocol, and port for two sides of a connection is known as a socket.
PPTP Point-to-Point Tunneling Protocol, possibly the simplest form of VPN, PPTP is fast but not the most secure option and is easy to block. Learn more about PPTP.
Protocol (TCP and UDP) Two common protocols for packets. UDP is light-weight and fast, but has no confirmation. Information sent using UDP can arrive incomplete because there is no method for identifying when packets are lost. Video and audio streams are usually sent using UDP because it is very fast and the occasional lost packet doesn't greatly effect the resulting A/V signal. TCP is generally larger, contains more information, and 'always' arrives, as when packets aren't received they're requested again.
Proxy: Similar to a VPN, a proxy server can be connected to by a computer before accessing the internet to change its apparent IP address. Unlike a VPN, proxies don’t encrypt the data, and are therefore not useful as a security or privacy measure.
Shared IP: Many VPN companies provide increased protection to their customers by offering shared IPs, whereby many users access the same IP on the VPN server at the same time, making it more difficult to track an individual user’s activity.
Simultaneous connections: The number of devices a user can simultaneously connect to the VPN service. This could be laptops, smartphones, TVs, etc. Simultaneous connections are only important if you’re connecting directly via a device, a VPN router doesn’t have this limitation.
Spyware: a form of malware that sends the attacker sensitive data about the target’s activities.
Subnet: the range of IP addresses a router can talk to on a certain interface. For our routers it's commonly 192.168.199.1-192.168.199.254. You can get the subnet by taking the router's LAN IP and applying the subnet mask.
SSID: Service Set Identifier, SSID is the unique identifier for a network. SSID functions similar to an IP address or domain name, and can be defined by the network owner.
SSL: Secure Socket Layer, a security scheme which commonly involves certificates, which are hard to fake numbers exchanged between two computers.
TOR: Short for The Onion Router, TOR is a network designed to give anonymity to it’s users while they surf the web. A connection to the TOR network passes through several nodes around the world, each time being encrypted, and finally uses the IP of an exit node to connect to the internet. Due to this very thorough privacy process, the TOR network can be very slow to use. Within the TOR network is TOR Hidden Services, a seperate internet Darkweb, that can be accessed without connecting to an exit node.
Tunnel: A VPN tunnel is the encrypted packets of data travelling between a computer, or other device, and a VPN server. The tunnel part is what keeps the data private. Once the data passes through the VPN server, it is decrypted and the tunnel ends.
Two factor authentication: A two step authentication process that requires, for example, entering a password AND having a code sent to your phone.
Usage logs: information retained by a VPN provider that shows user activity, i.e. web pages have been visited, for how long, true IP address, etc. Usage logs are dangerous as companies can be compelled to hand over data to law enforcement.
VPN is a Virtual Private Network, VPN's create a secure, private network over a larger network like the internet. Most use a client service to connect to VPN. Common uses of VPN include unblocking government blocked websites, security, anonymity, virtual firewall, American IP, safe public WiFi, static IP, and lower skype rates.
VPN Router: A WiFi router with custom firmware that can handle a VPN connection. At Sabai Technology, we specialize in custom VPN routers.
WarrantCanary: Gagging orders are often used to stop companies from alerting their users when a subpoena is issued that could affect users. A warrant canary is a regularly updated statement that no subpoena has been issued. If it isn’t updated, it means there’s an issue and users should assume the service is compromised.
WAN Wide Area Network, generally a connection to the wider, outside world. The internet is the best and possibly the largest example.
WEP Wired Equivalent Privacy, a misleading name because it is not very secure. WEP is an old wireless security scheme that has been widely deprecated in favor of WPA/WPA2.
Wireless A, B, G and N Each a different wireless protocol. A and N both use 5GHz frequencies, while B and G use the 2.4GHz bands. There are some major differences in them, but the frequencies are almost all that ever matter.
Wiretapping: Remote monitoring of phone calls, often by governments and law enforcement.
WPA Wi-fi Protected Access, a system of wireless security; this is less a protocol or encryption scheme as a way of using protocols and encryption schemes.