Example blog

How do no-log VPNs destroy their logs?


Bildagentur Zoonar GmbH/Shutterstock.com

When you search for the best VPN, you’ll quickly notice that all VPNs, from best to worst, promise they’re “log-free”, “log-free” or some variation of those words. How do these services get rid of logs, or even avoid creating them?

What are newspapers?

To understand what happens to them, let’s first recap what logs are. When you establish a connection between two devices (it doesn’t have to be over a VPN, or even over the Internet), a record is created to record or save that connection. A collection of these records is called a log file, or journal for short.

The name probably comes from the logbook that a ship’s captain keeps to record events aboard his vessel. Similarly, a device keeps a log file of everything it has come into contact with. Logs are a useful tool: you can see if a problem has happened before or determine if there were any telltale precursors before a problem occurred.

Logs and VPNs

For VPNs, however, logs are a bad thing. A common use of virtual private networks is to hide what you do online, and having a record of all your connections is detrimental for this purpose. After all, if a VPN were to keep logs, anyone authorized to do so could request them and see what a VPN’s customers did.

As a result, all VPNs claim to be no-log VPNs, meaning they don’t keep logs, but still delivering on that promise is another story. There are several examples of VPN services that may have produced some sort of logs when they received a warrant from law enforcement. However, even if we only take bona fide VPNs as an example, how do they get rid of logs?

How VPNs Destroy Logs

Essentially, there seem to be two ways to get rid of logs. The former is less about destroying them than banishing them to a deep, dark hole, while the latter is about not creating them in the first place.

Write to /dev/null

Most VPN servers run on Linux, which is good for a number of reasons, one of the most important of which is a file called /dev/null. This file has been described as a “black hole” by almost everyone we spoke to. This is a file that if you write data to it will be deleted – it will just disappear from the system. There’s no trace of it, and you can’t find it; it just went away like it never existed.

This is convenient for a number of reasons, but in the case of VPNs, it’s vital. Rather than writing logs to a part of the system that actually logs information, the VPN is configured to write log information directly to /dev/null, throwing it away. Mullvad explains the technology a bit more in its privacy policy.

Diskless Servers

However, after speaking with several of the top VPNs, we feel the industry is moving away from /dev/null and further away from log creation. Part of the veil has already been lifted by ExpressVPN when it moved above its TrustedServer technology and involves a special kind of server that only runs on random access memory (RAM).

These RAM-only or diskless servers have no long-term storage capacity. The logs there are only saved in the server’s RAM and therefore only exist temporarily. There are some connection traces left in RAM, but these are then erased when the server is restarted. ExpressVPN restarts weekly, for example, while other services may maintain a different schedule.

Not that there’s much to erase: ExpressVPN has designed its VPN protocols so that almost no logs are created. The weekly reset only wipes out a few breadcrumbs. Other VPN providers may do something similar, or somehow combine the two approaches, by writing logs to /dev/null and then using diskless servers to erase the last traces. .

More newspapers?

Confirming all of the above is impossible among a group as diverse and low-key as VPN providers, but it looks like diskless servers are the wave of the future, at least. In an email, NordVPN confirmed that it uses this method, and Mullvad is currently in the process of making the switch. Private Internet Access’s NextGen servers are also RAM only.

It’s not clear if there’s a problem with writing to /dev/null or if this move is done purely for convenience. RAM-only servers are blazing fast and can handle a lot more traffic before losing speed, as well as not writing any logs. This is great news for VPN consumers as well as services, as better speeds should attract more customers.

Of course, there’s also the peace of mind that diskless servers bring. Since this type of server should make it impossible, or at least much more difficult, to keep logs even if the VPN wanted to, there’s extra protection in a system that still relies heavily on users’ trust in their provider.

If you’re considering using a VPN or aren’t happy with your current choice, check out our recommendations for the best VPN services available.

Source link