When looking for the best VPN, you will quickly find that all VPNs, from the best to the worst, promise that they are “free”, “no logs” or some variation of those words. How do these services remove records, or even avoid creating them?
What are Logs?
To understand what happens to them, let’s first rethink what records are. When a connection is created between two devices (it will not go through a VPN, or even on the Internet), a record is created that saves or saves the connection. These collections of records are called log files, or journals for short. The name probably comes from the captain’s log book that records the events of his ship. Similarly, the device keeps a log file of everything it accesses. Recording is a useful tool: you can see if a problem occurs first or find out if there is something that is talking before a problem occurs.
Logs on VPNs
For VPNs, however, logging is a bad thing. The most common use of virtual private networks is to hide what you do online, and having a log of all your connections defeats that purpose. After all, if a VPN were to keep records, anyone authorized to do so could request them and see what the VPN client did. As a result, all VPNs claim that they are no log VPN, which means they do not keep logs, but still delivering on that promise is another story. There are many examples of VPN services that may have created some kind of record when they obtained a warrant from law enforcement. However, even if we only take a good VPN as an example, how do they remove logs?
How VPNs destroy records
In fact, there seem to be two ways to get rid of trees. The former is less about destroying them than banishing them into the dark space, while the latter is about not creating them in the first place.
Write to /dev/null
Most VPN servers run on Linux, which is good for many reasons, one of the most important being a file called /dev/null. This file has been described as a “black hole” by almost everyone we spoke to. This is a file and if you write to it the data will be deleted – it will disappear from the system. There is no sign of it, but you will not see it; it went like never before.
This is good for many reasons, but when it comes to VPNs, it’s important. Instead of writing logs to the part of the system that actually logs information, VPNs are configured to write log information directly to /dev/null, and discard it. Mullvad explains the technology a bit more in its privacy policy.
A diskless server
However, after talking to several of the top VPNs, we think the company is moving away from /dev/null and away from log creation. ExpressVPN has upped the ante when it moved on top of TrustedServer technology and included a special server version that runs only on RAM. These RAM-only or diskless servers lack long-term storage capabilities.
The location records are only stored in the server’s RAM, so they are only temporary. There are some links left in RAM, but these are deleted when the server is restarted. ExpressVPN restarts every week, for example, while other services may maintain a different schedule. Not that there’s much to delete: ExpressVPN has designed its VPN system so that no logs are created.
Weekly reset only cleans a few cakes. Other VPN providers can do something similar, or somehow combine the two, by writing a record in /dev/null and use a diskless server to clear the last trace. .
No more Logs?
Confirming all of the above is not possible with groups that are as low-key as VPN providers, but it seems that diskless servers are the wave of the future, at least. In an email, NordVPN confirmed that it is using this method, and that Mullvad is currently making the change. NextGen’s personal Internet access servers are also RAM-only.
It is not clear if there is a problem with writing to /dev/null or if this move is just for convenience. RAM-only servers run faster and can handle a lot of traffic before speed, and write no logs. This is good news for VPN buyers and services, since good speeds should attract more customers. Of course, there is also the peace of mind that diskless servers bring.
Since this type of server should make it impossible – or at least more difficult – to keep records even if VPN is required, there is another security in the system that still depends on the trust of users and who brings them. If you’re considering using a VPN or you’re not happy with your current options, consider our recommendations for the best ones.