The SecureMac VPN Guide for macOS Users

Laptop Image

You’ve probably heard of VPNs, but if you’re like most people, you also have lots of unanswered questions about them. In this guide, we’re going to tell you everything you need to know about VPNs — including how to pick the right one for you!

For a comprehensive look at VPNs, you can read the full guide from start to finish. Or if you prefer, you can use the table of contents below to skip ahead to the topic you need.

  1. What is a VPN?
  2. What do VPNs do?
  3. Should I use a VPN?
  4. How do VPNs work?
  5. Is a VPN the same as HTTPS?
  6. Is a VPN the same as a proxy?
  7. Are VPNs anonymous?
  8. Problems with VPNs
  9. Should I use a free VPN?
  10. Which VPN is best for Mac?
  11. Installing a VPN on your router

Let’s start with the basics. What exactly, is a VPN?

VPN stands for “Virtual Private Network”. The function of a VPN is to create a secure connection over a network.

When you use a VPN, the data you send over the network is encrypted, and is first routed through a special server before heading to its true destination. That means that the people who control the network you’re on won’t be able to see what you’re sending — or where you’re sending it. In addition, no one else can see your true IP address, which helps to protect your privacy.

VPN
\ vē- pē-en \
plural VPNs

Definition of VPN
: a secure private computer network that functions over a public network

What do VPNs do

They Keep you safe by encrypting your transmitted data, which stops hackers from stealing sensitive information — even on an insecure or public network.

They protect your privacy by preventing Internet service providers (ISPs) and network administrators from spying on your web internet usage.

They let you work from home by allowing employees to securely connect to their office networks and access sensitive work resources.

They hide your location by routing all network activity through the VPN server; making only the VPNs IP address visible to the destination service.

They help defend human rights by allowing journalists and activists working in repressive regions to protect themselves from government monitoring.

They help fight censorship by allowing you to browse the web using an IP address based in another country, so you can see what “they” don’t want you to see.

Should I use a VPN?

You may be wondering if a VPN is right for you. It’s a personal choice, but before making any decisions you should consider what actually happens when you go online — and what that means in terms of security and privacy.

Whenever you send or receive data over a network, that data comes in chunks called “packets”. Those packets don’t just contain the actual data, they also contain information that tells networks and computers things about the data that they need to know — things like where the packets should go, metadata about what the packets contain, and the order in which the packets should be reassembled on the other end.

And believe it or not, all of that information is potentially visible to your ISP, to network administrators, or even to hackers with the right tools.

Packet Capture Sample
A packet capture reveals the user initiating playback from local machine ‘captainmurphy’ to an Airplay receiver.

Worst case scenario: If you’re sending data over a poorly secured connection, or using an insecure protocol like HTTP, other people may be able to see what you’re sending — the data itself!

But even when you use “secure” networks, other people can still see all of that extra information about the data you’re sending and receiving, even if they can’t see the actual data. For one thing, that means they know what websites you’re visiting — and it also means that they can make educated guesses about what you’re doing.

How does a VPN work? The details are complex, but the basic concept is actually pretty simple.

When you use a VPN, the VPN software installed on your computer encrypts all of the data before it ever leaves your machine. This is already an improvement over sending your data “in the clear” on a public network.

But then — and this is where the real privacy protections of the VPN come from — your data is sent to a server owned by the VPN, instead of directly to the website or service you’re trying to communicate with. The VPN server takes your data and relays it on to its true destination, and repeats the process in reverse when the site you’re visiting sends you data.

Let’s take a moment to consider what that means.

From your perspective, the experience of using the Internet with a VPN feels pretty much exactly the same. Other than firing up your VPN and picking a VPN server location when you go online, you just do what you normally would with Safari, Chrome, or Firefox, or with any other apps that require a network connection.

But from the perspective of anyone observing your network traffic, the VPN changes everything! Now, the only thing that they know is that you’re communicating with a VPN server — but they have no idea of where that server is sending your data. In other words, they can’t see what sites you’re visiting.

Similarly, the websites you visit are also going to be in the dark. They can see that traffic is coming in to their servers, and they can tell that it’s coming from an IP address owned by a VPN company — but they don’t know where the data is actually originating from. That means they can’t use the IP address to determine your true location, or associate the IP address with you personally.

The end result is improved security and privacy. Security, because your data and metadata is encrypted and snoop-proof. And privacy, because no one else knows what you’re doing, or where in the world you really are … just that you’re using a VPN server with a certain IP address.

How VPNs Work Diagram Devices How VPNs Work Diagram Traffic How VPNs Work Diagram Names How VPNs Work Diagram Encrypted
VPN software installed on your computer encrypts all of the data before it ever leaves the computer
How VPNs Work Diagram Encrypted
VPN software installed on your computer encrypts all of the data before it ever leaves the computer

Is a VPN the same as HTTPS?

That’s a good question! While there are similarities between the two technologies, they’re definitely not the same. As we’ll see, a VPN provides a level of privacy and security that HTTPS alone can’t offer.

HTTPS is a communication protocol used to transfer data over the Internet, just like HTTP. But the extra “S” makes all the difference: HTTPS is a secure protocol. HTTPS encrypts the data being sent over the network, and has built-in authentication capabilities that prevent malicious third parties from tampering with the data in transit or impersonating a legitimate website. HTTP doesn’t offer any of those protections, which is why it’s considered insecure, and which is also why big tech companies like Google are taking steps to force website owners to switch to HTTPS.

Security Tip: Always be sure to check for the HTTPS lock icon in your browser on any website before entering sensitive information. It’s usually located next to the URL bar in modern browsers.

But despite the security features of HTTPS, it has some limitations.

The biggest one is that ISPs and network owners can still see a record of your browsing activity, even if they can’t see the data that you’re sending and receiving. For example, they may not be able to see the particulars of your Google searches or your confidential banking details, but they can tell that you performed a Google search, and that you visited the Wells Fargo website. When you consider the sensitive data that could be exposed in this way (for example, time spent on a divorce lawyer’s website, or a series of visits to substance abuse counselling sites), it’s a little scary!

In addition, HTTPS can’t prevent the sites you visit from recording your IP address, which is one way that digital marketers are able to serve you those creepy targeted ads that know a little too much about your location. The ability to infer your physical location from your IP address is also how some websites block content by region.

VPNs, by contrast, prevent ISPs and other potential snoops from seeing where you’re going on the Internet — and can also be used to hide your IP address from the sites and services you use.

Is a VPN the same as a proxy?

VPNs and proxy servers both help to conceal your IP address when you’re online, but they’re definitely not the same.

Proxy servers function as intermediaries between you and the web service you’re using. Traffic from an application on your computer is routed through the proxy server and on to its destination. The same thing happens in reverse when the website or service you’re using needs to send data back to you. In effect, a proxy lets you “borrow” its IP address, allowing you to hide your true IP address — in much the same way that a VPN does.

However, that’s where the similarities end. The most important distinction between VPNs and proxies is that while VPNs encrypt your data, proxies typically do not. In fact, many proxy services send network traffic via HTTP, the same insecure protocol that HTTPS was designed to replace.

In addition, VPNs encrypt and route all network traffic originating from your computer. By contrast, a proxy only routes data from a single application (usually a web browser like Safari or Firefox), leaving all other applications on your computer exposed. If you want to use a proxy with additional apps, you’ll have to configure these one by one.

Proxies can be useful in some circumstances. If all you need is a cheap, easy way to spoof your IP address online, and you aren’t too worried about your privacy, a free proxy service might be adequate. For example, if you’re on vacation in a country that blocks certain news media sites, a proxy can be a “quick and dirty” fix that allows you to keep up with events back home (provided you’re not actually breaking any local laws by using one). But if you need to do anything more sensitive or serious than that, proxies can’t really compete with a good VPN.

Security Tip: Always be sure to check for the HTTPS lock icon in your browser on any website before entering sensitive information. It’s usually located next to the URL bar in modern browsers.

Are VPNs anonymous?

VPNs can do a lot to protect your privacy, but do they completely conceal your identity? Many people assume that when they use a VPN, they’re anonymous online — but this isn’t true.

  1. The VPN service itself knows who you are

    They can see the IP address from which you’re sending data to their servers. Depending on the VPN provider, this can result in logs of your web activity — logs which law enforcement or other government agencies may be able to access.

  2. VPNs can’t protect your privacy if you log in to web services

    If you sign in to website while using a VPN, the site knows that it’s you who just signed in, and whatever you do on their website during that session will be tracked, recorded, and monetized by their advertising algorithms.

  3. VPNs can’t conceal your network traffic patterns

    Although VPNs prevent third parties from seeing where you’re going online, a person with the right skills might still be able to analyze your encrypted network traffic and make some intelligent guesses about what you’re doing. If they see data transfer patterns more characteristic of video chat than of web browsing, they might be able to infer that you’re Skyping with someone.

So by all means, use a VPN for better privacy and security — but don’t think for one second that it makes you a ghost.

VPNs offer great benefits, but they’re not perfect.

VPNs can slow your connection.
While they don’t create noticeable problems for most users, you have to remember that VPNs are essentially adding an extra “stop” in the data transfer process, and that will result in a bit of latency — especially if you’re connecting to a VPN server halfway around the world.

Your ISP will know you’re using a VPN.
Even though they can’t see what you’re doing, an ISP routing data to a VPN’s server will still know that it’s going to a VPN. Most people won’t care about this, but if you live in a place where using a VPN is illegal or highly regulated, you could run into problems.

Not all VPNs are created equal.
Some have a poor selection of server locations to choose from, or suffer from connection speed issues. Others have more serious problems, and some may even compromise your privacy. Finding a good VPN means doing some comparison shopping.

Websites may block or flag VPN activity.
Accessing restricted content may not always work: Some sites are quite good at detecting and blocking VPNs. If you appear to be logging in to your account from a new location, this may be flagged as suspicious, requiring you to provide additional authentication.

Should you use a free VPN?

There are lots of VPNs on the market, with a wide array of features to choose from. Prices vary considerably, from completely free to costly premium subscriptions. So, should you trust a totally free VPN? We hate to say this, but probably not.

  1. Service limitations

    If you go with a free VPN, you’re going to run into the sorts of limitations that you find with most services that don’t charge you directly. That will most likely mean data caps, advertising, or a limited number of servers to choose from.

  2. Free VPNs may suffer security issues

    If a company isn’t making money from the product or service offered, then you need to ask yourself how much they’re able to invest in security — or where they’re cutting corners.

  3. Free VPNs are a potential privacy risk

    Paid VPNs have a clear financial incentive to safeguard their customers’ privacy. Free VPNs, on the other hand, lack that incentive — and may be tempted to share or sell your data with third parties.

Security Tip: For maximum security and privacy, choose a VPN service that has a “no-log” privacy policy. This ensures that no details of your network activity are logged while using the service.

Which VPN is best for Mac?

There are lots of things to consider when choosing a VPN, and different users have different needs — a VPN that would be a great choice for one user might not be right for another. We encourage you to think about what you need, what your priorities are, and to do your own research to find something that’s a good fit for you.

That said, Mac users tend to have certain things in common. They’re willing to pay a premium for quality; they prioritize security; and perhaps above all, they value their privacy.

NordVPN and Mullvad VPN are both great options if you’re looking for a secure, fast VPN service. They also offer excellent privacy protections: Both services have a strict “no-log” privacy policy, meaning that they don’t keep detailed records of your web activity on their servers. This protects your private data from the VPN provider itself, but also from governments and cybercriminals.

NordVPN

NordVPN is one of the big dogs of the VPN world. They offer a fast, easy-to-use VPN service with lots of server locations to choose from. Security is strong, and privacy is solid -- like all reputable VPN providers, NordVPN has a “no-log” policy.

Advanced users might find the interface and configuration options a bit basic, but for most people, NordVPN is an attractive choice precisely because it provides a simple, reliable VPN service.

Pricing starts at $11.95 per month, with discounted rates when buying a one-year or multi-year license, respectively.

Mullvad VPN

Mullvad VPN is a Swedish VPN provider with an unusual focus on privacy. They don’t log your activity, and process as little data about you as possible. In fact, Mullvad VPN doesn’t even require a username or a password to log in to the app (your username is just a large random number that they assign)!

They don’t offer as many server locations as some other VPNs, and some of those servers may be noticeably slower than others. But on the whole, if privacy is your main concern, Mullvad will be hard to beat.

You can pay the flat rate of €5 per month using privacy-protecting methods like Bitcoin or — no joke — cash in an envelope.

Installing a VPN on your router

One VPN client, installed on a single machine, is all that’s necessary in some cases: the person working from home who has to connect to their office network; or the traveller who just wants to use airport WiFi safely.

Home WiFi networks, however, often host multiple devices — especially when families are involved. After all, everything is networked these days, not just computers: phones, tablets, wearables, and “smart” devices that run the gamut from TVs to coffee pots. In such cases, it can make sense to install a VPN directly on the network router itself, rather than on each individual device. By putting a VPN on your home wireless router, you extend the power of VPN protection to everything on your network — and you can configure your VPN at a single point. In a world where bad actors have hacked baby monitors and installed botnet malware on IoT devices, that’s something you might like to have! But how do you actually do this?

How VPNs Work Diagram Devices How VPNs Work Diagram Traffic How VPNs Work Diagram Names How VPNs Work Diagram Encrypted
Installing VPN software on your router ensures outgoing network traffic is encrypted before even leaving your local network
How VPNs Work Diagram Encrypted
Installing VPN software on your router ensures outgoing network traffic is encrypted before even leaving your local network

First, you’ll need a WiFi router that supports VPN installation; not all routers do. If you have to purchase a new router, and you already have a VPN, ask your VPN provider if there are any manufacturers who sell routers with their VPN software pre-installed.

You’ll also need a VPN service that can be installed on your router. Many VPN providers support this, NordVPN and Mullvad VPN included. You can find the supporting installation instructions on their respective sites.

Next, you’ll need to install and configure the VPN on your router. This may first mean flashing your router’s firmware to a different firmware that supports a VPN service, such as DD-WRT, before you can actually tell the router to send all network traffic through the VPN’s servers. You’ll also have to configure your router to work properly with your chosen VPN. Luckily, most VPN providers know how daunting a task this can be, and offer step-by-step walk-through guides to help you through the process. If you’re paying for your VPN, you can ask their support group to help you if you get stuck.

Be aware that installing a VPN on a wireless router can impact performance somewhat, though you shouldn’t see any major slowdowns. If you do seem to be having serious speed issues, make sure that you aren’t “double-covered” — which is what happens when you run a VPN on your router and on your device at the same time. This creates a kind of “double VPN”, which can cause noticeable performance issues. If you have a VPN on your router, and it’s properly configured, you shouldn’t need another VPN on your devices when you’re on that network.

Installing a VPN on a home WiFi router isn’t for everyone, but it’s surprisingly doable — and it can be a cost-effective way to enhance security for every device on your network. If you’re willing to do a little bit of work to get things configured, and then troubleshoot any issues you may encounter, you’ll have a safer home network — and the setup process itself can give you a real sense of accomplishment.