Some VPN services for its users implemented a feature called VPN kill switch. It might not be so clear what exactly it does and what it is for.
To break things down here’s an in-depth explanation of what a VPN kill switch is, and when you would want to use it.
What is VPN kill switch?
A VPN Internet Kill Switch is a feature that protects you from IP leaks. It only allows internet traffic to travel via a VPN. Your internet is immediately cut off on accidental VPN disconnects if the feature is turned on. This will prevent leaking your real IP address without compromising your privacy.
What does a VPN kill switch do?
One type of a VPN Internet Kill Switch cuts off your internet connection, while another quits selected apps. Both Kill Switches start to work on a VPN disconnect. This prevents revealing your real IP address, location, and protects while torrenting.
How does a VPN Internet Kill switch work
A VPN Internet kill switch monitors the status of your VPN connection. It uses firewall-like technologies to detect any VPN disconnects. If a VPN connection is lost then the Kill Switch firewall rules take effect immediately. This blocks all traffic that does not travel to a VPN server. The internet starts working again once the connection to a VPN server is restored.
An Internet kill switch works like a firewall. It uses specific rules to filter or block internet traffic that goes from your device. For example, on Windows, the best kill switches use a WFP – Windows Filtering Platform. This is a Windows native API used in all modern firewalls. The main principle of a Kill Switch is to create a set of rules that take effect immediately when it is turned on.
Types of a VPN kill switch
There are two types of Kill Switch. One affects your internet connection system-wide and the other one affects your apps. When talking about an Internet Kill Switch, it is mainly referred to as the first type. Not all VPNs use the App Kill Switch as it is a secondary feature.
System-wide Internet Kill Switch
This type of Kill Switch terminates the internet connection system-wide. It acts as a firewall when the connection with a VPN server is lost. The effects of this feature take effect immediately once the VPN connection drops. This ensures that none of the unencrypted internet packets are leaked.
App Kill Switch
This is a simpler version of the first feature. With an App Kill Switch, you can choose to close specific applications on a VPN disconnect. This feature is not as effective as the previous one, since it might take some time to close the apps. There is still a chance that your true IP address can leak while closing the app.
Related read: How to use a VPN for specific apps or websites?
Should you always use a VPN Internet Kill Switch?
A VPN Internet Kill Switch is good for privacy and protection from IP leaks. But should you use it all the time? It depends on what you do online and what are your preferences. There are some situations where it is advised to turn it on.
Let’s see when you should use a VPN Kill Switch.
When torrenting and downloading
The Kill Switch feature is extremely important when torrenting or downloading files. Many ISPs track your internet traffic and can detect torrenting. If your ISP gets notified about illegal file-sharing you might get a big fine. A VPN Kill Switch prevents leaking your IP which could expose your torrenting. It often is very handy in cases when you disconnect from a VPN and forget your P2P app running in the background.
When working with sensitive data
Your data is at risk of being snooped on while browsing on public networks in cafes or airports. When working with sensitive data a kill switch could prevent data breaches. It would also allow transferring files only via a secure connection.
When concerned about privacy
If you are generally concerned about privacy you should always turn the feature on. But make sure you are OK being without an internet connection when a VPN is turned off. This can cause some inconvenience, but for privacy reasons, it might be worth it.
When streaming online
If you are streaming on any platform you should always use a VPN Kill Switch. Sometimes your location can be revealed if a VPN connection accidentally drops. Also, if streaming on P2P platforms like Popcorn Time, you should protect your real IP address. Sometimes watching movies on such platforms can be considered as illegal torrenting.
When wanting specific apps to quit
Sometimes you want specific apps to quit on VPN disconnect. You can use an App Kill Switch that can do just that. This might be handy when torrenting or working with sensitive data. But note that App Kill Switch is not as effective as an Internet Kill Switch. It is considered as a secondary feature.
Why There’s No VPN Kill Switch on iOS
iOS is quite a closed platform and comes with a lot of limitations. Apple restricts certain functionalities of the platform due to security reasons. So, VPN app developers must navigate between those restrictions. This means that sometimes not all features can be developed on every OS.
A feature called “Always-on VPN” was available for both iOS and macOS. It was acting somewhat like a VPN kill switch, but not exactly. This feature would automatically reconnect to a VPN when a connection was lost. But it did not block incoming or outgoing traffic outside the VPN tunnel.
How to test VPN kill switch
It is quite difficult to test a kill switch feature since it requires a random VPN disconnect. But, there are some basic and advanced ways to replicate such a scenario:
Here’s how to test a VPN kill switch:
- Enable VPN kill switch
- Manually disconnect from the VPN server
- Check your Internet connection
- You should not be able to access any websites
- Your torrents should stop downloading
- Connect to a VPN server
- Your internet connection should be restored
An advanced way to test a kill switch
An advanced way to test a kill switch feature requires some networking knowledge. You would need to use a free network monitoring app called WireShark. We will not get into detail on how to use this software.
But, here is some guidance on how you could test a kill switch with WireShark:
- Set up your Wireshark and connect to a VPN. You will see your internet traffic going to a VPN server’s IP address
- Start downloading some torrents – all internet traffic should go via the VPN server’s IP address
- Manually disconnect from the VPN server. Now you should immediately see that internet packets are stopped or dropped.
- If Internet Kill Switch works, you should not see any connections made besides to VPN server’s IP.
- After connecting to a VPN, all connections resume. Traffic should be only to the VPN server’s IP.
- For a better visibility, filter out local network traffic
A VPN kill switch is an advanced VPN feature that is used in case of an unexpected disconnect from the VPN server. Without a kill switch, you could expose your location, IP address, or personal data.
You should use this feature when torrenting or working with sensitive data. Some great VPN services have excellent Kill Switches. Here are some of them: