What’s a VPN kill switch?
A kill switch is a security feature of a VPN. It suspends your device’s internet connection if your virtual private network stops working. This is an essential feature for torrent users, for example.
The whole point of using a VPN is that it conceals your browsing activity and masks your IP address. It creates an encrypted tunnel between your device and its own servers, preventing external entities from seeing your activity.
And by routing your connection through one of the VPN’s own servers, your true IP address will be concealed.
But if your VPN connection fails, neither your internet activity nor your IP address will be protected. With no encrypted tunnel, whatever you’re doing online will be visible to your ISP. Similarly, your true IP address would be displayed, meaning other users could potentially see it.
So as a last resort, a kill switch forces your internet connection to cut off automatically if it detects your VPN is no longer working. This ensures your data will never be exposed, even if the VPN itself is disrupted.
How does a VPN kill switch work?
A kill switch has four responsibilities: it tracks your internet connection, detects technical issues, disconnecting you from the internet and resuming your connection once your VPN issues are resolved.
Here’s a step by step description of how a VPN kill switch works:
Scanning
It constantly watches your device’s connection to your VPN, scanning for technical problems, inconsistencies or changes in your IP address.
Identifying
It detects changes and issues that could disrupt your virtual private network.
Blocking
Once a disruption is established, the kill switch immediately forces an internet disconnect – this can apply to either your whole device, or only the specific application you’re using, depending on the type of kill switch you’re using.
Resuming
Once any technical issues have been overcome, and the VPN connection is restored, the kill switch will automatically allow your internet connection to resume.
This is a brief overview of how a VPN kill switch should work, in optimal conditions.
When does a VPN killswitch activate?
There are a few different things that will cause your kill switch to activate, or disconnect you from the internet.
- A change in the status of your VPN connection – this would indicate issues in the connection between your device and your VPN, meaning there’s no guarantee your activity is private
- A change in the IP address it detects for you – this might indicate you’ve been disconnected from your VPN, or simply that you’ve changed VPN server. Since the kill switch has no way of knowing for sure that you’re still connected to your VPN, it activates.
- An inconsistent network connection – your kill switch will activate if it detects an unreliable internet connection, since this could impact the effectiveness of your VPN.
Types of VPN kill switch
As mentioned above, a kill switch can operate in two ways. It can either cut off your connection at system level, or at application level. Here’s what that means:
System-level kill switch
A system-level kill switch forces your device as a whole to disconnect from the internet if it detects that your VPN is not working.
This type of kill switch detects any lapse in connection with your VPN, and sends a message to your device blocking it from connecting to the internet. This will force all applications on the device to disconnect.
For example, if you were using a VPN with your phone, and the kill switch activated, it would disconnect not just your browser application, but other apps such as messaging services too.
Your device’s internet connection would only resume once the VPN connection was restored.
Application-level kill switch
By contrast, an application-level kill switch affects only selected applications, instead of your whole. You would select those applications in advance, using the settings of your VPN.
An application-level kill switch is commonly used with Torrent clients (P2P networks) to ensure users’ IP address remains protected even if their VPN connection drops during their activities.
Why use a VPN kill switch?
The whole objective of using a VPN is to protect your data, be this your IP address or your browsing activity. But the reality is that even the best VPN service can encounter connection problems. This not only defeats the purpose of using a VPN, it also leaves you vulnerable:
Imagine you’re using a VPN to evade a political censorship, for example. By using a VPN, you’d be able to access material that’s normally off limits. But if your VPN fails, even for a moment, your true IP address would be connected with that website, which could leave you at risk.
There are many situations in which a VPN lapse could cause problems for users. So a your kill switch acts as a final security layer, ensuring that even if your VPN fails, your data and identity remain concealed.
Who should use a VPN killswitch?
In general terms, anyone who cares enough to install a VPN should also be using a kill switch. It simply protects your data in the event of connection issues.
Aside from being a logical move, using a kill switch can be particularly valuable for the following types of user:
Gamers
Gamers often use VPNs to decrease latency in their play, but that’s not the only reason. Increasingly, gamers are falling victim to DDOS attacks from their competitors, deployed via their IP address. A dropped VPN connection could leave a gamer vulnerable to this type of attack, making a kill switch an important tool in the gaming security kit.
P2P network users
Similarly, users in P2P networks face the risk that their IP address will be visible to other network members if their P2P VPN fails. Using a kill switch as a back-up means your IP address will never be exposed.
Torrent users
The crack down on torrenting means “spy nodes” are often lurking in Torrent swarms, trying to detect an IP address. Therefore Torrent users will likely wish to remain anonymous, even if their VPN fails suddenly. This is where a kill switch becomes important.
Journalists, researchers and politicians
And of course, for some individuals, remaining reliably private online is an essential part of life. For professionals like the ones above, a VPN alone is not enough. A kill switch is also essential to ensure anonymity, no matter what.
Risks of using a VPN without a killswitch
Using a VPN without a kill switch is a bit like riding a bike without a spare tire tube – you’re not prepared for the inevitable.
A lapse in your VPN connection leaves you open to the following risks:
IP address exposure
Your IP address is a unique online identifier that can be used to trace your internet activity. Exposing it
Visible browsing activity
If your VPN drops, your activity will no longer be encrypted. This means your internet service provider, and anyone they cooperate with, will be able to see what you’re doing online.
Leaves you vulnerable to public network hacks
If you’re using a public WiFi network and your VPN cuts out, your connection will no longer be encrypted. This means anyone with access to the network – a hacker, for example – could spy on your activity and potentially harvest your data.
You could be physically tracked
Since it contains information about your geographical location, an exposed VPN means your location can be traced, or your movements tracked.
Closing thoughts
The short story is this: if you feel you should be using a VPN, you should definitely be using a kill switch too. You can think of it as a last security measure, ensuring your data remains safe even if your virtual private network lets you down.
Of course, a kill switch is far from the only important security feature you should look for in a VPN. True data security means checking for no-logs audits, AES encryption and a substantial network of servers. But now the concept of a kill switch has been demystified, you’re in a great position to make a more informed choice.
