You read again and again that yet another VPN provider now has software with a "kill switch". But what actually is this kill switch, what does it do, and above all, how does it do it?
First of all, the problem with a VPN is that its protection is gone when the connection breaks. Logical, really. It is just annoying when you are no longer under VPN protection. The second annoyance is that once the VPN connection is gone, you are on the Internet via the normal line: the hotel's WiFi or an acquaintance's connection.
Scenario: You are using a public WiFi and are reading your mail or doing online banking. You log in to your email account over the VPN, read 1-2 mails, and during that time the VPN connection breaks down. You don't notice and keep clicking through your emails. Except that from that moment on, all data goes directly over the public WiFi, and an attacker could read it.
A kill switch works like this: when the VPN stops, access to the actual Internet connection is cut off, so that nothing runs over the unencrypted connection. A great thing! But how does this work, and how does the software notice?
Technical explanation: It is not witchcraft once you know what is actually happening in the background of the connection software. I will explain it using client software that connects via OpenVPN.
OpenVPN uses a so-called TAP interface (TAP driver) to establish the connection via port 1194. This TAP interface is a virtual interface, comparable to the network connection on the laptop/PC or a WLAN adapter.
The encrypted connection is established over port 1194, and all data exchange and Internet access then runs through this virtual interface. During that time this interface has priority, but if the connection is interrupted, the previous interface ("WLAN/network") becomes active again.
To keep that from happening, a firewall blocks everything else: all ports and interfaces to the outside "except port 1194"! The OpenVPN/client software then connects through the Internet to the VPN server over the only open port, 1194, and from there you can do what you want. If the VPN connection is gone, only port 1194 remains open, and you can't get anything done with that. The software then reconnects to the VPN, things carry on, and nothing has happened.
If the connection is terminated manually, i.e. by the user, all ports and interfaces are reopened and the original state is restored. This is, of course, only one way of doing it, but it is relatively easy to explain and understand.
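On Linux, the firewall approach described above could look like the following iptables rules. This is an added example, not the code of any VPN provider's software. The interface name tap0, the server address 203.0.113.10 and UDP as the transport are assumptions, and blocking IPv6 alongside IPv4 goes one step beyond the text.

```sh
#!/bin/sh
# Added example: prints the iptables commands for an outbound kill switch.
# Assumed values, not from the article: interface name, server address, UDP.
VPN_IF="${VPN_IF:-tap0}"                  # virtual OpenVPN interface (assumed name)
VPN_SERVER="${VPN_SERVER:-203.0.113.10}"  # constructed documentation address
VPN_PROTO="${VPN_PROTO:-udp}"             # transport of the tunnel (assumed)
VPN_PORT="${VPN_PORT:-1194}"              # the port named in the article
CHAIN="KILLSWITCH"                        # own chain, so removal is clean

# "VPN in use": only the tunnel and the path to the VPN server stay open.
# The server is given as an IP address, so reconnecting needs no DNS lookup
# outside the tunnel.
ks_on() {
  for ipt in iptables ip6tables; do
    echo "$ipt -N $CHAIN"
    echo "$ipt -A $CHAIN -o lo -j ACCEPT"        # local loopback
    echo "$ipt -A $CHAIN -o $VPN_IF -j ACCEPT"   # traffic inside the tunnel
    if [ "$ipt" = iptables ]; then
      # The encrypted connection itself: one server, one port, nothing else.
      echo "$ipt -A $CHAIN -p $VPN_PROTO -d $VPN_SERVER --dport $VPN_PORT -j ACCEPT"
    fi
    echo "$ipt -A $CHAIN -j REJECT"              # everything else is cut off
    echo "$ipt -I OUTPUT 1 -j $CHAIN"            # hook in only once the chain is complete
  done
}

# "VPN ended manually": remove only what ks_on added, restoring the old state.
ks_off() {
  for ipt in iptables ip6tables; do
    echo "$ipt -D OUTPUT -j $CHAIN"
    echo "$ipt -F $CHAIN"
    echo "$ipt -X $CHAIN"
  done
}

# Dry run: show the commands. To apply them, pipe the output to "sh -e" as root.
case "${1:-on}" in
  off) ks_off ;;
  *)   ks_on ;;
esac
```

Because the rules live in their own chain, switching the kill switch off leaves any other firewall rules on the machine untouched.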