Tracking & Privacy
What is a VPN? (and what a browser VPN can’t do)
Tunnels, DNS, logging, and threat models—plus what an extension-only VPN can and cannot hide compared to a full-device client.
eSafe TeamPublished Oct 22, 2025Last reviewed Jan 12, 20268 min read
Tunnels, DNS, logging, and threat models—plus what an extension-only VPN can and cannot hide compared to a full-device client.
Practical next step
Review installed extensions and what they can access before issues show up. eSafe can help you see permissions and risk signals in one place.
Go deeper
Our full on-site guide → expands on this topic with more technical detail and links to related reads.
FAQ
- Does a VPN extension protect all apps on my computer?
- Usually no—browser VPN extensions route browser traffic (and sometimes DNS) through the provider, while other apps keep using the normal network path unless you use a system-wide VPN client.
- Can the VPN provider see my traffic?
- The VPN server terminates your tunnel; providers can see metadata and, unless you use additional protections like HTTPS, may observe unencrypted content. Read privacy policies and independent audits where available.
- What should I still do besides using a VPN?
- Keep browsers and extensions updated, use MFA on important accounts, prefer HTTPS sites, and review which extensions can read page content—VPNs do not replace those controls.
Related browser risks
- Privacy settingsChrome extension privacy settings: chrome.privacy can flip WebRTC, DNS & tracking toggles—silent rollback, hardening audits & combo with …
- Network requestsHost permissions, fetch, declarativeNetRequest, redirects, documented abuse at reported scale, and mitigations.
- CookiesCookie APIs, HttpOnly limits, session theft, MFA, cited figures from reporting and research, and practical mitigations.
Scan your extensions to see if this permission is active on your profile—clear labels, no guesswork.
Add eSafe to Chrome