What is the different of VPN and Proxy

images-15A proxy connects you to a remote computer and a VPN connects you to a remote computer so they must be, more or less, the same thing, right? Not exactly. Let’s look at when might you want to use each, and why proxies are a poor substitute for VPNs.

Selecting the Right Tool Is Critical

Practically every other week there’s a major news story about encryption, leaked data, snooping, or other digital privacy concerns. Many of these articles talk about the importance of beefing up the security of your Internet connection, like using a VPN (Virtual Private Network) when you’re on public coffee shop Wi-Fi, but they’re often light on the details. How exactly do the proxy servers and VPN connections we keep hearing about actually work? If you’re going to invest the time and energy in improving security you want to be sure you’re selecting the right tool for the right job.

Although they are fundamentally different, VPNs and proxies have a single thing in common: they both allow you to appear as if you are connecting to the internet from another location. How they accomplish this task and the degree to which they offer privacy, encryption, and other functions, however, varies wildly.

Proxies Hide Your IP Address

A proxy server is a server that acts as a middleman in the flow of your internet traffic, so that your internet activities appear to come from somewhere else. Let’s say for example you are physically located in New York City and you want to log into a website that is geographically restricted to only people located in the United Kingdom. You could connect to a proxy server located within the United Kingdom, then connect to that website. The traffic from your web browser would appear to originate from the remote computer and not your own.

Proxies are great for low-stakes tasks like watching region-restricted YouTube videos, bypassing simple content filters, or bypassing IP-based restrictions on services.

For example: Several people in our household play an online game where you get a daily in-game bonus for voting for the game server on a server ranking website. However, the ranking website has a one-vote-per-IP policy regardless of whether different player names are used. Thanks to proxy servers each person can log their vote and get the in-game bonus because each person’s web browser appears to be coming from a different IP address.

On the other side of things, proxy servers are not so great for high-stakes tasks. Proxy servers only hide your IP address and act as a dumb man-in-the-middle for your Internet traffic. They don’t encrypt your traffic between your computer and the proxy server, they don’t typically strip away identifying information from your transmissions beyond the simple IP swap, and there are no additional privacy or security considerations built in.

Anyone with access to the stream of data (your ISP, your government, a guy sniffing the Wi-Fi traffic at the airport, etc.) can snoop on your traffic. Further, certain exploits, like malicious Flash or JavaScript elements in your web browser, can reveal your true identity. This makes proxy servers unsuitable for serious tasks like preventing the operator of a malicious Wi-FI hotspot from stealing your data.

Finally, proxy server connections are configured on an application-by-application basis, not computer-wide. You don’t configure your entire computer to connect to the proxy–you configure your web browser, your BitTorrent client, or other proxy-compatible application. This is great if you just want a single application to connect to the proxy (like our aforementioned voting scheme) but not so great if you wish to redirect your entire internet connection.

The two most common proxy server protocols are HTTP and SOCKS.

HTTP Proxies

The oldest type of proxy server, HTTP proxies are designed expressly for web-based traffic. You plug the proxy server into your web browser’s configuration file (or use a browser extension if your browser doesn’t natively support proxies) and all your web traffic is routed through the remote proxy.

If you’re using an HTTP proxy to connect to any sort of sensitive service, like your email or bank, it is critical you use a browser with SSL enabled, and connect to a web site that supports SSL encryption. As we noted above, proxies do not encrypt any traffic, so the only encryption you get when using them is the encryption you provide yourself.