Whenlooking for the best VPN, you’ll quickly notice that all VPNs, from the very best to the very worst, promise that they are “no-log,” “log-free,” or some variation of these words. How do these services get rid of logs, though, or do they even avoid creating them at all?

What Are Logs?

To figure out what happens to them, let’s first recap what logs are. When you make a connection between two devices—it doesn’t have to be through a VPN, or even via the internet at all—a record is created that records, or logs, that connection. A collection of these records is called alog file, or log for short.

The name probably comes from the logbook a ship’s captain keeps to record the happenings on board their vessel. In much the same way, a device keeps a log file of everything it’s been in touch with. Logs are a useful tool: you can see if a problem has happened before or figure out if there were any tell-tale precursors before an issue struck.

Logs and VPNs

For VPNs, though, logs are a bad thing. A common use ofvirtual private networksis to hide what you’re doing online, and having a record of all your connections is detrimental to that purpose. After all, if a VPN were to keep logs, then anybody with the authority to do so could request them and see what a VPN’s customers have been up to.

Related:What Do VPNs Share with Law Enforcement?

As a result, all VPNs claim to beno-log VPNs, meaning they don’t keep logs, though whether they always keep that promise is a different story. There are several examples of VPN services that were able to produce some kind of logs whenshown a warrant by law enforcement. However, even if we only take bonafide VPNs as an example, how do they get rid of logs?

How VPNs Destroy Logs

Essentially, there seem to be two ways to get rid of logs. The first is less about destroying them and more like banishing them to a deep, dark hole, while the second involves not creating them in the first place.

Writing to /dev/null

MostVPN serversrun onLinux, which is good for a number of reasons, one of the most important of which isa file called /dev/null. This file has been described as a “black hole” by almost everybody we talked to. It’s a file that if you write any data to it, it will be discarded—it just disappears from the system. There’s no record of it, and you can’t find it again; it’s just gone like it never existed.

This is handy for a number of reasons, but in the case of VPNs it’s vital. Rather than write logs to a part of the system that actually records information, the VPN is set to write the log information directly to /dev/null, casting it into the void. Mullvad explains some more of the tech in itsprivacy policy.

Diskless Servers

However, after talking with several of thebest VPNsout there, we get the impression that the industry is moving away from /dev/null and more toward not creating logs at all. Some of the veil was already lifted by ExpressVPN when it went over itsTrustedServer technologyand involves a special kind of server that only runs onrandom-access memory (RAM).

Related:How ExpressVPN’s TrustedServer Technology Keeps You Safe

These RAM-only or diskless servers have no long-term storage capacity at all. What logs are there are saved only in the server’s RAM and thus only exist temporarily. There are some traces of the connection left within the RAM, but these are then wiped away when the server is rebooted. ExpressVPN reboots weekly, for example, while other services may maintain a different schedule.

Not that there is that much to wipe: ExpressVPN has engineered itsVPN protocolsin such a way that almost no logs are created. The weekly reset wipes just a few breadcrumbs. Other VPN providers may do something similar, or somehow combine the two approaches, writing logs to /dev/null and then using diskless servers to wipe away the last traces.

No More Logs?

Confirming all of the above is impossible among a group as diverse and tight-lipped as VPN providers, but it seems diskless servers are the wave of the future, at least. In an email,NordVPNconfirmed it uses this method, and Mullvad iscurrently transitioningto this way of doing things. Private Internet Access’NextGen serversare also RAM-only.

It’s not clear if there’s a problem with writing to /dev/null or if this move is being done purely out of practical considerations. RAM-only servers are fast as lightning and can handle a lot more traffic beforelosing speed, as well as not writing logs. This is great news for VPN consumers as well as the services, as better speeds should attract more customers.

Of course, there’s also the peace of mind diskless servers bring. As this type of server should make it impossible—or at least a lot harder—to keep logs even if the VPN wanted to, there’s an extra safeguard in a system that still relies a lot on users' trust in their provider.

If you’re thinking of using a VPN or are dissatisfied with your current choice, consider our recommendations for the best VPN services available.