If you use a VPN, you expect it to keep your personal details and internet activity private and secure all the time. But how would you know if it failed? Many VPNs suffer VPN leaks. ExpressVPN leak testing tools are the only way to check the reliability and safety of your VPN.
What is a VPN Leak?
If you’re using a VPN, it’s probably at least partly because you know about the high risks of identity theft, hackers, and fraud and you want to keep your personal details private. But, did you know that your VPN could leak?
Ideally, a VPN protects you the whole time that you’re using the internet, from the moment you switch it on until the moment you turn it off, by keeping all of your data safely encrypted within a private ‘tunnel’ so that no one can access any identifying details. But, sometimes even the best VPN can have a ‘leak’, where the encryption fails even for a millisecond and leaves some part of your data exposed.
Although every VPN will assure that it’s leak proof, research by ExpressVPN shows that almost every VPN has leaks from time to time. “Our internal research suggests that most VPN providers are falling short,” said Harold Li, vice president of ExpressVPN.
How Does a VPN Leak Affect My Privacy and Security?
A VPN works to keep your personal details, internet activity, and financial information hidden from hackers, identity thieves, or government surveillance by transmitting it within an encrypted ‘tunnel’. If the VPN stops working in any way, your personal details, internet activity, or IP address could be left exposed.
Depending on the severity of the leak, how often it occurs, and how long it lasts for, your ISP or a third party might be able to snoop around your internet usage. Without any protection, hackers can seize the opportunity to lift your personal information. Government surveillance could gather enough personal details about you, such as your IP address that gives away your location, to react to internet activity that you thought was private.
What are the different types of VPN leaks?
There are four main types of VPN leaks:
- Plain IP leak. This is when your public IPv4 or IPv6 IP address is visible, leaking through the browser. It’s dangerous because it can give third parties information about your location. If your IP leaks you also won’t succeed in getting around geo-restrictions on entertainment sites like Netflix.
- IP traffic leaks. This is when your data travels outside of the secure VPN tunnel. If this happens it means that all of your personal details, financial details, passwords, and any other information that you send online isn’t encrypted or protected from prying eyes.
- DNS leaks. DNS leaks are when the DNS traffic leaks outside of the VPN. There are two types of DNS leaks. In one case, the DNS traffic travels outside of the VPN tunnel entirely. In another instance, the DNS traffic does stay within the tunnel but is misdirected to a DNS server that’s not run by the VPN.
- WebRTC leaks. These are unfortunately fairly common for users who are connected with IPv6, but they can occur even with other IP versions. A WebRTC leak is when your public IP address is visible via the browser’s WebRTC functionality, which has the same effect as a plain IP leak.
It’s possible to have more than one type of leak going on at once, such as a DNS leak and an IP traffic leak. Many VPNs do have DNS and IP traffic leaks when there’s a disruption like a network transition. If there’s an IP traffic leak then there is probably also a DNS leak.
It’s also worth noting the WebRTC IPv6 leaks are very common and serious, but since few people use IPv6 connectivity, it’s not yet a widespread issue. Because WebRTC IPv6 leaks are so common, there is already a tool to test for this scenario.
What are the Scenarios of VPN Leaks?
VPN leaks can occur in a few different scenarios. What ExpressVPN calls ‘vanilla leaks’ are the most serious, as they occur during regular VPN activity without any triggers. Vanilla leaks are rare among reliable VPN providers.
Disruption leaks are much more common. They take place when a cable is yanked, the user switches from WiFi to ethernet, WiFi to cellular data, or between any networks, when DNS servers are changed, if the WiFi or the router goes down, or if traffic is disrupted by a firewall. A VPN can also leak if the VPN server crashes or if there’s a sudden total power cut. Some types of disruption are more likely to occur than others. For example, ExpressVPN leak testing tools classify a VPN leak when an ethernet cable is removed as being more serious than a leak caused by the VPN server crashing since the removal of a cable happens more often than a server crash.
There are different levels of severity for a VPN leak:
- A persistent vanilla leak is the most serious type of VPN leak. It means that your data is constantly seeping through the VPN and isn’t protected. Fortunately, most VPNs are able to prevent these leaks.
- A persistent triggered leak is the next level. It means that you only have a VPN leak when there’s a trigger, such as changing networks, but that the leak continues undetected even once the trigger has stopped. Depending on the trigger and how often it’s likely to occur, this can be pretty serious as well.
- A Temporary triggered leaks are VPN leaks that are caused by a particular event but only last for a short period of time. Although this might not sound so serious, even a short period of time is long enough for plenty of data to be leaked to hackers. Also, if the trigger occurs frequently, a third party or your ISP could gather enough data to learn about your internet activity.
ExpressVPN Leak Testing Tools
ExpressVPN originally developed a set of leak testing tools in its Privacy Research Lab, in order to test the strength of its own VPN. ExpressVPN wanted to be able to use both manual and automated regression testing on its own VPN services.
As time went on, ExpressVPN came to realize that many popular VPN services suffered from leaks. More seriously, customers don’t know that this is a danger. ExpressVPN decided to release its leak testing tools as open source tools under the MIT License, which can be used by anyone in the VPN industry to increase VPN privacy and security.
ExpressVPN leak testing tools can be used by anyone to test for these different types of leaks:
- IP address leaks
- IP traffic leaks
- DNS leaks
- WebRTC leaks
- BitTorrent leaks
- Unstable network connection leaks
- Unreachable VPN server leaks
At the moment, ExpressVPN leak testing tools suite is only equipped to run on Mac or Windows operating systems, but ExpressVPN plans to extend them to be compatible with all major operating systems.
The ExpressVPN leak testing tools are the first open source leak testing tools to be available publicly. It is hoped that these tools will advance the reliability and protection of all VPNs for all users. You can learn more about the benefits of ExpressVPN for protecting your personal data and hiding your internet activity by consulting our ExpressVPN review.