https://www.youtube.com/watch?v=A_l4WB2Yvk8&list=PLcajvRZA8E09bgru8xIqsQrEjgH6YM27e&index=70
VPN client and the VPN server refer to software, but oftentimes a computer is dedicated to function as a VPN server, so the hardware and software can be thought of as one and the same.
The VPN client software connects to a computer running VPN server software. Typically, the VPN client software runs on your devices:
phone,
tablet,
laptop,
desktop computer,
router etc.With Consumer VPNs, the servers are provided by a VPN company such as
Mullvad,
ProtonVPN,
NordVPN,
IVPN and
hundreds more.
(Google’s Jigsaw division provides a free VPN called Outline. It differs from Consumer VPNs in that they provide the VPN server software that you have to install, configure and operate. They do their best to make setting up the VPN server as easy and cheap as possible. As to easy, they provide desktop software to install and configure the VPN server. As for cheap, the point out that the VPN server can be run on cloud-based Linux Virtual Machines for as little as $5 US/month. They also claim that their VPN is harder for bad governments to block. In October 2022, the Washington Post said that nthLink offers a version of Outline that is easier to install and more flexible but nthLink website appear totally devoid of information; a useless site chock full of buzzwords.).
The connection between VPN client software on your device and a VPN server, somewhere on the Internet, is referred to as a “tunnel“.
When it is working as designed, all data entering and leaving your computing device travels through the tunnel and is encrypted/decrypted by the VPN software at each end.
Only the two devices at each end of the tunnel can see the data. To anyone/anything outside the tunnel, all they see is encrypted useless junky bits.
Who is outside the tunnel? The router you are connected to and the ISP connecting it to the Internet. If you are in a public coffee shop, your fellow coffee drinkers are outside the VPN tunnel.
Blocking spying by an ISP is especially important in the US, where ISPs are allowed to spy on their customers and sell that data. For details on this see, Internet Service Providers Collect, Sell Horrifying Amount of Sensitive Data, Government Study Concludes by Karl Bode (Oct. 2021).
That a VPN hides everything from the router and the ISP is how people can bypass restrictions and see websites that others try to block.
Routers are computers and some routers can function as VPN client, some can function as a VPN server, some can do both and some can do neither. Most likely the router provided by an ISP can not do either function.
The advantage to using VPN client software in a router is that all the devices connected to the router are protected by the VPN tunnel created by the router.
This can protect devices, such as a Smart TV that are not able to run VPN client software on their own. There are two reasons to use a VPN server in a router. The first is to provide a secure way to access the devices in your home when you are away from home. The other reason is to use your home router as a free replacement for paid VPN providers.
Again, when away from home, you can connect to the VPN server software in your home router and use that secure, encrypted tunnel to hide your activities from the devices near you. Note however, that this does let your home ISP spy on you.
Some people have argued that since a “secure” website (using HTTPS) prevents others from reading the content of web pages, there is little need for a VPN. However, others can still tell which websites you visited. In some cases, just the website name gives away too much information. And, websites are not the only thing on the Internet. With mobile apps, for example, you can not tell if data is being transmitted securely or not.
In addition, a VPN will change your public IP address, so you can pretend to be in a different physical location. This can be used to hide your physical location, just as Tor does. However, Tor only attempts to hide activity inside the Tor web browser, whereas a VPN typically functions at the operating system level and thus controls all the bits coming and going.
However, by the time a VPN client program on any computing device connects to a VPN server and creates a VPN tunnel, the public IP address of the device has already leaked.
Thus, people who really want to hide their physical location should not use a VPN on their computing device. Instead they should connect to a router with an existing VPN connection.
Picking a VPN provider is difficult, see:
Android VPN Permissions – 2019 Study;
How a VPN Review Site Dominates Google Search With a Scam;
How to Find a Trustworthy VPN;
Do You Trust Your VPN? Are You Sure?
Signals of Trustworthy VPNs – Questions for VPN Services;
Michael Horowitz has his opinions on good/trustworthy VPN providers, email him for his suggestions.
VPN providers can spy on you, in the exact same way that an ISP can spy on you when you are not using a VPN.
If you are using a VPN on a device capable of both Wi-Fi and 4G/LTE/5G (pretty much every smartphone) it is best to disable the network connection that is not connected to the VPN. There is always a chance, especially on iOS, that data can leave the device on the network without the VPN.