What a VPN Actually Does (And Why Most Devs Use It Wrong)

Every developer I know has a VPN. Most of them have it running while they're logged into Google, sending data through Chrome, and using apps that do their own certificate pinning — which means the VPN is protecting approximately nothing meaningful in that moment.

This isn't a knock on VPNs. It's a scoping problem. Here's what the tool actually covers, what leaks around it, and how to test it properly.

What's Actually Happening at the Network Layer

A VPN operates at Layer 3 (Network) of the OSI model. It creates an encrypted tunnel — typically using WireGuard, OpenVPN, or IKEv2/IPSec — between your device and a VPN server. All IP traffic gets routed through that tunnel.

Protocol comparison:

This isn't a knock on VPNs. It's a scoping problem. Here's what the tool actually covers, what leaks around it, and how to test it properly.

What's Actually Happening at the Network Layer

Protocol comparison:

What a VPN Actually Does (And Why Most Devs Use It Wrong)

What a VPN Actually Does (And Why Most Devs Use It Wrong)

Other newsrooms on this story

Related reading

I built 5 free VPN diagnostic tools — here's what most online testers miss

What is a VPN and do you need one?

Test a DNS Leak in 2 Minutes: Complete Methodology + Per-OS Fixes (2026)

‘Won’t Fix’—All VPN Apps Affected As Google Android 16 Leaks Info

Pros and cons of using a VPN

This serious Android VPN bug can leak your internet traffic – here's what you…

Other newsrooms on this story

Related reading

I built 5 free VPN diagnostic tools — here's what most online testers miss

What is a VPN and do you need one?

Test a DNS Leak in 2 Minutes: Complete Methodology + Per-OS Fixes (2026)

‘Won’t Fix’—All VPN Apps Affected As Google Android 16 Leaks Info

Pros and cons of using a VPN

This serious Android VPN bug can leak your internet traffic – here's what you…