encryption - How can I tell if a PPTP tunnel is secure ...

Best VPN Reddit 2019

Best VPN Reddit 2019

Invite to the Reddit 2019 Directory of VPN service providers. In this directory site, we're taking a look at a few of the absolute best business VPN provider on the Internet like ExpressVPN, CyberGhost, IPVanish, Hotspot Shield, Private Internet Access and others. Instead of taking a look at the large range of free suppliers, which often have a lot of limits (and dubious loyalties), we are looking at those suppliers who charge a couple of dollars a month, however put your interests first, instead of those of shadowy marketers and sponsors. We've looked at more than 20 elements including variety of server locations, client software, devoted and vibrant IP, bandwidth caps, security, logging, client support and rate.
Let's take a look at each of our suppliers below in a little bit more depth.
ExpressVPN
Number of IP addresses: 30,000
Number of servers: 3,000+.
Number of server locations: 160.
Variety of synchronised connections: 5.
Country/Jurisdiction: British Virgin Islands.
94+ countries.
3 months Free with 1-year strategy.
ExpressVPN likewise uses a 30-day money-back guarantee, and has outstanding procedure assistance. While few will utilize PPTP (unless there specify requirements), the extra support of SSTP and L2TP/IPSec might be welcome to some users.
We like the quality of their setup guides, and the in-depth details in their Frequently Asked Question. The ExpressVPN got points from us for their support of Bitcoin as a payment technique, and their trustworthy and easy-to-use connection kill switch feature.
The company has actually stayed in business because 2009, and has a significant network of fast VPN servers spread throughout 94 nations. Their finest plan is priced at simply $6.67 monthly for an annual plan that includes 3 months complimentary. ExpressVPN's dedication to privacy is a standout feature.
SEE ALL EXPRESSVPN PLANS.
NordVPN.
Number of IP addresses: 5,000.
Variety of servers: 5000+ servers.
Variety of server locations: 61.
Country/Jurisdiction: Panama.
60+ nations.
$ 2.99/ month (75% discount rate) for a 3-year plan.
NordVPN in-depth review and hands-on screening.
NordVPN is among our top-performing VPN companies. They even use a generous simultaneous connection count, with six synchronised connections through their network, where almost everyone else deals five or less.
NordVPN's network isn't as big as some of their competitors, so if you're attempting to obfuscate your tracks, you might want a company with more servers. Otherwise, this business is plainly offering a winning offering.
Their finest plan is 1-year membership strategy: $6.99 ($ 83.88). While their month-to-month price of $11.95 is at the high-end of the spectrum, their annual price of $83.88 is lower than a lot of our competitors. And yes, they also have a full 30-day refund policy. NordVPN likewise provides a dedicated IP choice, for those looking for a different level of VPN connection. They do provide $2.99/ month (75% discount rate) for a 3-year strategy.
SEE ALL NORDVPN PREPARES. cg-22-1.
CyberGhost VPN.
Number of IP addresses: 2,800.
Number of servers: over 3,700 worldwide.
Variety of server locations: 115.
24/7 support action.
$ 2.75/ month (79% discount) for a 3-year plan.
CyberGhost thorough evaluation and hands-on screening.
CyberGhost has actually been around because 2011 and has come out strongly as an advocate of "civil rights, a complimentary society, and an uncensored Internet culture." We truly liked how the company specifically showcases, on their Website, how folks usually prevented from accessing such essential services as Facebook and YouTube can bring those services into their lives by means of a VPN.
The company has strong Linux assistance, supports VPN through routers, and has a solution for the popular Kodi media player. They mark off all the boxes on procedure support and get congratulations for offering a connection kill switch function, in addition to supporting P2P and BitTorrent in most nations.
Still, the few extra dollars deserve it. We liked how the business offers custom-made app security, IPV5 support and DNS, IP, and WebRTC leakage prevention. CyberGhost also picked up points for preserving privacy by not logging connection information.
SEE ALL CYBERGHOST VPN PREPARES.
ipvanish-300x250usjc.
IPVanish VPN.
Variety of IP addresses: 40,000+.
Variety of servers: 900.
Number of server locations: 60.
Country/Jurisdiction: United States.
$ 4.87/ month (60% discount) for a 1-year strategy.
A big win for IPVanish is the reality that the business keeps no logs. Absolutely no. We also like the business's stance towards privacy. They even supply support to EFF, the Electronic Frontier Foundation, a not-for-profit at the front lines of securing online personal privacy.
An unique feature of IPVanish, and one we're extremely interested by, is the VPN's assistance of Kodi, the open-source media streaming app that was as soon as referred to as XBMC. Any severe media fan has used or constructed Kodi or XBMC into a media player, and the integrated IPVanish Kodi plugin provides access to media worldwide.
At $7.50/ month and $58.49 for a year, they're undoubtedly attempting to move you towards their annual program. We awarded the business congratulations for Bitcoin support, and their money-back guarantee. We're a little disappointed that they just allow a 7-day trial, instead of a full 30-days. The company is generous, with five simultaneous connections. We also liked their connection eliminate switch feature, a must for anyone serious about staying confidential while browsing.
SEE ALL IPVANISH VPN PREPARES.
purelogo.
PureVPN.
Variety of IP addresses: 300,000.
Variety of servers: 2000.
Variety of server locations: 180.
Country/Jurisdiction: Hong Kong.
$ 3.33/ month (70% discount rate) for a 1-year plan.
PureVPN does not log connection details. We like that they provide a 30-day refund policy. They got perk points because, essential for a few of our readers, PureVPN supports bitcoin payments and you're going like their fast performance.
Also, you can grow with them. If after a long time, you require to scale up to business-level plans, the business has offerings for development. Prices is middle-of-the-road, at $10.95 each month and $35,88 annually.
Finally, we like that PureVPN has both Kodi and a Chromebook solution called out right on their Web page. In addition, PureVPN earns the distinction of being the very first VPN service we've seen to totally implement the GDPR.
SEE ALL PUREVPN PLANS.
strongvpn-logo-1.
StrongVPN.
Variety of IP addresses: 59,500.
Variety of servers: 689.
Variety of server places: 70.
$ 5.83/ month (42% discount rate) for a 1-year strategy.
StrongVPN blasts onto our favorites list with outstanding facilities and good price efficiency. As with our other favorites, StrongVPN has a strong no-logging policy. Since VPN is all about securing your personal privacy, that's a place the savvy VPN service providers can get points.
Strong likewise picks up congratulations for its large base of IP addresses, which also helps protect your anonymity. They have a strong collection of servers and around the world locations. For those of you who need a devoted IP, you can get one from the company, however you'll require to contact support to get assist setting it up.
Among StrongVPN's greatest strengths is the company's network. They own and operate their entire network infrastructure, which implies they have no externally-dictated limitations on bandwidth or the type of traffic enabled on the network. This gives you the self-confidence that you'll have the ability to power through your work.
StrongVPN's monthly price of $10 is in the middle of the pack, however their yearly cost of $69.99 is amongst the most affordable of our contenders.
SEE ALL STRONGVPN PLANS.
symantec-logo-100268876-large.
Norton Secure VPN.
Number of countries: 29.
Variety of servers: 1500.
Variety of server areas: 200.
Country/Jurisdiction: US.
$ 39.99 for the first 12 months.
Symantec, long understood for quality in security items, has a fairly minimal offering in its VPN item. It does not support P2P or BitTorrent, it does not have a kill switch feature, and it does not support Linux, routers or set leading boxes.
On the other hand, it's a VPN product from Symantec, a publicly-traded business with a clearly recorded management team. In many software application classifications, this might not be a notable advantage, but in the VPN world, where most companies have shadowy management and impossible-to-track-down ownership structures, it's revitalizing to understand exactly who we're handling and understand through independent sources (the company's annual filing, the SEC, and analyst reports) that the company is reliable and liable.
SEE ALL NORTON SECURE VPN PLANS.
hotspot.
Hotspot Guard.
Variety of IP addresses: 50,000.
Number of servers: 2500.
Number of server places: 26.
$ 2.99/ month (77% discount rate) for a 3-year strategy.
HotSpot Shield is an item that has actually had some ups and downs in regards to our editorial protection. Back in 2016, they picked up some really favorable protection based upon founder David Gorodyansky remarks about protecting user personal privacy. Then, in 2017, a personal privacy group implicated the company of spying on user traffic, an accusation the company flatly denies. Lastly, just this year, ZDNet uncovered a flaw in the company's software that exposed users. Thankfully, that was repaired right away.
So what are we to make from HotSpot Guard? Frankly, the debate caused us to drop them from our directory for a while. However they approached us, made a strong case for their ongoing dedication to privacy, and we chose to give them another chance.
Here's the good news. They use one of the very best money-back warranty we have actually seen for VPN services, a complete 45-days. They support Windows, Mac, iOS, and Android, along with plugins for Chrome and Firefox. They also support routers and media players (but not Linux). And, as a reward, they have a connection kill switch feature.
The business does not support P2P or BitTorrent-- and they also don't support the OpenVPN. Every other supplier does, but HotSpot Shield limits its protocol assistance to L2TP/IPSec and something they call Hydra, an enhancement of the transport protocol.
Overall, the company did impress us with their attention to personal privacy. They have actually a released personal privacy canary. They likewise informed us, "We have actually integrated in malware, phishing and spam security. Our dedication to our users is that Hotspot Guard will never ever keep, log, or share your real IP address.".
SEE ALL HOTSPOT GUARD PLANS.
hidemyass300x250usjc.
Conceal My Ass.
Number of IP addresses: 3,106.
Number of servers: 830.
Variety of server locations: 280.
Country/Jurisdiction: UK.
$ 2.99/ month for 3-year strategy.
We have to provide these folks an extra shout-out just for the name of their service. The company has a strong network with an excellent selection of protocols supported. While they have a comprehensive (and really plainly written set of policy documents), the company clearly permits P2P and gushes.
We like how HMA provides assistance on a wide variety of devices consisting of video game consoles. We gave them kudos for bitcoin support, and their outstanding money-back guarantee. They did make us frown a bit since they do log connection data. They also use five synchronised connections.
While their monthly pricing of $11.52 is at the high end of the spectrum, their yearly rates is competitive at $78.66 for a full year.
SEE ALL CONCEAL MY ASS PLANS.
gf-logo-300x250-wht-720.
VyprVPN Solutions.
Variety of IP addresses: 200,000+.
Variety of servers: 700+.
Variety of server locations: 70+.
Country/Jurisdiction: Switzerland.
30-Day Cash Back Guarantee.
$ 2.99/ month for 3-year strategy.
VyprVPN has the largest bank of IP addresses of any of the services we have actually taken a look at. The business provides a wide range of procedures, including its own high-performance Chameleon connection procedure.
We like that the company provides a connection kill switch feature and, for those who require it, there's a choice to get a dedicated IP address. VyprVPN is a standout in their effort to offer privacy, and ward off censorship. When China began its program of deep package VPN assessment, Golden Frog's VyperVPN service added scrambled OpenVPN packets to keep the traffic streaming.
At $9.95 for a month's service, and $80.04 for a year, the service is a good deal.
SEE ALL VYPRVPN PREPARES.
private-internet-access-ad-300x250.
Personal Web Access.
Variety of IP addresses: N/A.
Variety of servers: 3,252.
Number of server places: 37.
Country/Jurisdiction: United States.
Mentioning rate, if you desire a strong VPN service provider and you want the lowest yearly rate anywhere, Private Web Access is the location to go. At $6.95 a month, their regular monthly charge is the second least expensive of our choices, however at $39.95 per year, Private Internet Access beats even the second most affordable annual price by a complete Jackson (a $20 expense).
The company does not launch details on the variety of IP addresses offered, but at 3,252, their server count is more than any of our other choices.
These folks have been around given that 2010, and do not log anything. They supply a generous five connections, a connection kill switch feature, and some excellent online documentation and security assistance. Our one dissatisfaction is that their refund policy is 7-days rather of 30, however you can definitely get a feel for their exceptional efficiency in the area of a week.
SEE ALL PERSONAL INTERNET ACCESS PREPARES.
torguard-300x250.
TorGuard.
Variety of IP addresses: N/A.
Number of servers: 1,600.
Variety of server places: 50.
Country/Jurisdiction: United States.
Despite the fact that the business doesn't launch the number of IP addresses it supports, TorGuard didn't disappoint. In addition to standard VPN services, TorGuard uses a wide array of additional services, depending upon your personal privacy requires.
Just like our other favorites, TorGuard keeps no logs whatsoever. They have a full suite of protocol support, so no matter how you want to connect, you can have your choice. We likewise like the active blog site the company keeps. It's relevant and intriguing to anybody with Web security concerns.
While TorGuard only offers a 7-day return policy, it's enough time for you to be able to decide if you're pleased. The monthly rate of $9.99 is practically at the middle of the range, but the yearly fee of $59.99 is a deal compared to practically all our other competitors.
SEE ALL TORGUARD PLANS.
buffered-logo-300-250-1-1.
Buffered VPN.
Variety of IP addresses: 11,000.
Number of servers: 800.
Variety of server locations: 46.
Country/Jurisdiction: Gibraltar.
Buffered VPN doesn't disclose much about the size of its network, however the 30-day refund ensure suggests that you can take their service for a test drive and really get a feel for how well it carries out for you. The business distressed us due to the fact that they do keep some connection information. They cheered us up, though, due to their client support, limitless bandwidth, and generous number of simultaneous sessions permitted.
The company is reasonably new, established in 2013. It's based in Europe, so those who choose an EU-based business might choose Buffered. We like how Buffered has made a strong dedication to Web liberty, and an equally strong dedication to supplying quality customer support.
At $12.99 monthly and $99.00 for a year of service, they do not provide the least costly plan, but we do suggest providing a shot.
SEE ALL BUFFERED VPN PLANS.
goose.
Goose VPN.
Variety of IP addresses: 8.
Variety of servers: 8.
Number of server locations: 39.
I needed to know why Goose VPN was so named. My very first order of business was to connect to the company's co-founder and ask. Geese, I was told, make exceptional guard animals. There are records of guard geese providing the alarm in ancient Rome when the Gauls assaulted. Geese have been utilized to secure an US Air Defense Command base in Germany and a brewery in Scotland.
It's clear that the goose is an ideal mascot for a service that's suggested to guard your digital communications. And so, we have Goose VPN.
Goose VPN has a number of standout features. Initially, you can have a limitless variety of synchronised connections (or gadgets) using the VPN at once. Second, if your bandwidth requirements are 50 GB or less per month, you can register for $2.99/ month, the most inexpensive monthly rate we have actually seen.
If you desire unlimited bandwidth, the company definitely is pushing you towards purchasing a year at a time. Their regular monthly cost for unrestricted bandwidth is a middle-of-the-road $12.99/ month, but if you invest $59.88 for a year's service, you'll find it's the second least expensive by-the-year price of the services we have actually examined.
Goose supplies all the typical clients, including iOS, Android, Mac, and Windows, and adds assistance for routers, Android TELEVISION, and Linux. They are dealing with a kill switch function, which may even be up and running by the time you read this evaluation. The company also provides 24/7 ticket-based support.
Ducks quack, geese honk, and swans whoop (we know, because we looked it up). Overall, particularly provided the limitless connections and low yearly rate, we believe Goose VPN is something to beep about.
SEE ALL GOOSEVPN PLANS.
surfshark-logo.
Surfshark.
Variety of servers: 800+.
Variety of server locations: 50.
Country/Jurisdiction: British Virgin Islands.
While Surfshark's network is smaller than some, they make it up on functions. Let's start off with the greatest win they provide: endless device assistance. If you want to run your whole home or office on Surfshark's VPN, you don't have to worry about the number of gadgets you have on or linked. They also use anti-malware, advertisement stopping and tracker blocking as part of their software application.
The company has a solid variety of app support, running on Mac, Windows, iOS, Android, FireTV, and through routers. We particularly like the feature that permits you to whitelist certain apps and websites to instantly bypass the VPN. For some service usage, this can be seriously crucial.
Surfshark also offers three special modes developed for those who wish to get around limitations and more thoroughly hide their online footsteps. Camouflage Mode masks your VPN activity so your ISP does not know you're utilizing a VPN. MultiHop dives your connection through multiple nations to hide your trail. Lastly, NoBorders Mode "allows [you] to successfully use Surfshark in restrictive areas." Just be careful. Doing any of these three things might be illegal in your nation and could lead to really extreme penalties.
For a year plan, Surfshark can be found in very close to much of the other full-featured VPN suppliers, at $71.88 for the first year. Take care, because it looks like that will jump to $143.40 after your very first year is up. Month-by-month plans are $11.95. Their finest deal is $1.99 a month, for their 24 month strategy (you pay $47.76 up front). Absolutely benefit from their generous 30-day trial to choose if you like this service (and possibly set a reminder in 23 months to see if you can talk them into a continued discount rate).
SEE ALL SURFSHARK PREPARES.
WEBROOT LOGO.
Webroot WiFi Security.
Country/Jurisdiction: United States.
Beginning rate: $39.99.
As VPN services go, Webroot WiFi Security is relatively bare-bones-- but it's also low-cost. Starting at $39.99 for a year of VPN service, you can get a package with both VPN and Webroot's antivirus software for $69.98 for your very first year. Sadly, both of these costs bump up after the first year. VPN security leaps to $59.99 and the package jumps to $119.98.
While we praise the combination of VPN and anti-viruses in one package, Webroot has had a troubled few years. In 2017, it wrongly flagged Windows' system files as malicious. In 2018, a kernel exploit was found in the business's Mac anti-virus client. In 2019, the company was acquired by backup company Carbonite.
If you're only safeguarding a couple of gadgets and wish to conserve loan, Webroot's VPN might be for you. That $39.99 rate is for as much as three devices. If you wish to protect 5 devices, you'll require to pay $59.99 for a year and $79.99 after that. Honestly, as soon as you get in that price variety, there are products with more abilities readily available.
Webroot's VPN is also light on protocols. While they do link utilizing IKEv2 by default, they likewise provide L2TP and the very old and very insecure PPTP protocol (although they do warn that it's not "as" protect. Another concern for those of you who need deep security is that the business does log both which VPN server location you link to and the nation you connect from.
So who is Webroot's VPN for? If all you wish to do is protect your Wi-Fi connection while browsing in your local cafe or at a hotel, you only require to connect a couple of devices, and you wish to save money, this is a convenient alternative. However if you require a major VPN with deep capabilities, you'll want to look elsewhere in this directory. Likewise, we didn't discover any reference to a money back warranty, so check with their pre-sales and support prior to purchasing.
SEE ALL WEBROOT WIFI SECURITY PLANS.
VPN FAQ
Since we're living in a connected world, security and privacy are critical to ensure our personal safety from nefarious hacks. From online banking to communicating with coworkers on a daily basis, we're now frequently transferring data on our computers and smartphones. It's extremely important to find ways of securing our digital life and for this reason, VPNs have become increasingly common.
What Is a VPN?
A virtual private network (VPN) is a technology that allows you to create a secure connection over a less-secure network between your computer and the internet. It protects your privacy by allowing you to anonymously appear to be anywhere you choose.
A VPN is beneficial because it guarantees an appropriate level of security and privacy to the connected systems. This is extremely useful when the existing network infrastructure alone cannot support it.
For example, when your computer is connected to a VPN, the computer acts as if it's also on the same network as the VPN. All of your online traffic is transferred over a secure connection to the VPN. The computer will then behave as if it's on that network, allowing you to securely gain access to local network resources. Regardless of your location, you'll be given permission to use the internet as if you were present at the VPN's location. This can be extremely beneficial for individuals using a public Wi-Fi.
Therefore, when you browse the internet while on a VPN, your computer will contact the website through an encrypted VPN service connection. The VPN will then forward the request for you and forward the response from the website back through a secure connection.
VPNs are really easy to use, and they're considered to be highly effective tools. They can be used to do a wide range of things. The most popular types of VPNs are remote-access VPNs and site-to-site VPNs.
What is a remote-access VPN?
A remote-access VPN uses public infrastructure like the internet to provide remote users secure access to their network. This is particularly important for organizations and their corporate networks. It's crucial when employees connect to a public hotspot and use the internet for sending work-related emails. A VPN client, on the user's computer or mobile device connects to a VPN gateway on the company's network. This gateway will typically require the device to authenticate its identity. It will then create a network link back to the device that allows it to reach internal network resources such as file servers, printers and intranets, as if it were on the same local network.
It usually relies on either Internet Protocol Security (IPsec) or Secure Sockets Layer (SSL) to secure the connection. However, SSL VPNs can also be used to supply secure access to a single application, rather than an entire internal network. Some VPNs also provide Layer 2 access to the target network; these will require a tunneling protocol like PPTP (Point-to-Point Tunneling Protocol) or L2TP (Layer 2 Tunneling Protocol) running across the base IPsec connection.
What is a site-to-site VPN?
This is when the VPN uses a gateway device to connect to the entire network in one location to a network in another location. The majority of site-to-site VPNs that connect over the internet use IPsec. Rather than using the public internet, it is also normal to use career multiprotocol label switching (MPLS) clouds as the main transport for site-to-site VPNs.
VPNs are often defined between specific computers, and in most cases, they are servers in separate data centers. However, new hybrid-access situations have now transformed the VPN gateway in the cloud, typically with a secure link from the cloud service provider into the internal network.
What is a mobile VPN?
A traditional VPN can affect the user experience when applied to wireless devices. It's best to use a mobile VPN to avoid slower speeds and data loss. A mobile VPN offers you a high level of security for the challenges of wireless communication. It can provide mobile devices with secure access to network resources and software applications on their wireless networks. It's good to use when you're facing coverage gaps, inter-network roaming, bandwidth issues, or limited battery life, memory or processing power.
Mobile VPNs are designed and optimized to ensure a seamless user experience when devices are switching networks or moving out of coverage. It generally has a smaller memory footprint, and because of that, it also requires less processing power than a traditional VPN. Therefore, it enables your applications to run faster while the battery pack is able to last longer.
A Mobile VPN is a worthwhile tool to have since it increases privacy, user satisfaction and productivity, while also reducing unforeseen support issues caused by wireless connectivity problems. The increasing usage of mobile devices and wireless connectivity make it more important to ensure that your data is being transferred through a secure network. It will allow you to access the internet, while staying safe behind a firewall that protects your privileged information.
Who needs a VPN?
Individuals that access the internet from a computer, tablet or smartphone will benefit from using a VPN. A VPN service will always boost your security by encrypting and anonymizing all of your online activity. Therefore, both private and business users can benefit from using a VPN. Communications that happen between the VPN server and your device are encrypted, so a hacker or website spying on you wouldn't know which web pages you access. They also won't be able to see private information like passwords, usernames and bank or shopping details and so on. Anyone that wants to protect their privacy and security online should use a VPN.
How to choose a VPN Service?
There's a vast range of VPN servers on the internet. Some are free, but the best ones require a monthly subscription. Before you decide to download a VPN, make sure you consider these factors for understanding a VPN:
Cost - VPNs aren't too pricey, but they vary from vendor to vendor. If your main concern is price, then go with something inexpensive, or free - like Spotflux Premium VPN or AnchorFree HotSpot Shield Elite. By all means, try a free server but they do have a few drawbacks since they attract a lot of users. Free servers are often slower, and since most are ad-supported, they place adverts on the online pages you access. Others can even limit the speed of your connection, as well as your online time or amount of data transferred.
It's also important to note that leading VPN providers such as NordVPN and Privacy Internet Access offer stronger security features to ensure you're digitally safe. When selecting a paid VPN service, always be sure to check which countries it operates servers in.
Reliability - Select a VPN that is reliable and read the reviews to make sure that it's capable of protecting you by providing you with sufficient online privacy.
High security - An effective VPN will have the following security features: 128-bit encryption, anonymous DNS servers and an absence of connection logs.
Are there any bandwidth limits? This can often be linked to price; paying more will generally provide more bandwidth with faster internet access.
Are apps for Android, iOS phones and tablets available? Apps for Android and iOS devices are also vulnerable, so make sure your VPN server can support them.
To ensure privacy, you want to make sure you have a VPN that doesn't store online logs. Some servers provide virus and spyware protection, and features like that can significantly increase your online safety.
Using a no-logs VPN service will provide you with a higher degree of security. It can protect you from blanket government surveillance and prevent your internet service provider from knowing your online activity.
Using a VPN for Netflix and other forbidden treasures
Online streaming services like Netflix and Hulu have been making it difficult for foreign users to access their content in other countries. Many people can get around region restrictions by using a VPN service to route your traffic through another country.
It can be quite simple to watch Netflix and other restricted goodies. You'll have to use a VPN service that allows you to get a unique IP address. This can often be available for an additional fee. Look for VPN services that offer a "dedicated IP address", "dedicated IP", or "static IP." Additional features like these will always allow you to access content from Netflix through a VPN service.
This is by far the easiest way to access your forbidden apps since there's no specific way to block VPN traffic.
A lot of people started using a VPN to evade geo-restrictions. But despite its forbidden benefits to users outside the US, a VPN is a great tool that can protect you and enhance your online experience over the internet by providing you with sufficient security and privacy. When it comes to selecting the best VPN, you have plenty of choices. There are many cost-effective VPN options, and all of them will vary in monthly offerings. Choosing the best VPN is easier once you narrow down the competition. The best indication of a good VPN service provider is that they have the right security and the right support in place for you.
submitted by babysocola to VPNsReddit [link] [comments]

IPVanish Review - Why its a great VPN

IPVanish is a popular VPN service particularly with Android and Fire TV Stick users, and it makes a very strong claim on its homepage – that it’s the “World’s Best VPN.”
Seen this sort of statement before, right? It’s certainly one of the leading VPN providers out there, but is it really the best VPN overall?
We never take a provider’s word for it, so we decided to put IPVanish to the test – a very extensive one – to see if its claims are to be believed.
We were particularly keen to find out:
How good is IPVanish? Is it safe to use? Is IPVanish very fast? Does it work with Netflix? Is torrenting and P2P allowed? Is it the best VPN app for Firestick? But before we answer each of these (and many more) questions, lets see the pros and cons of IPVanish VPN:
Pros Cons Very impressive speeds Works with Netflix Great for torrenting & Kodi No-logs policy & no IP/DNS/WebRTC leaks User-friendly apps for PC, Mac, iOS, & Android Good server network across 50 countries Won't work with BBC iPlayer, or in China Short refund period Based in privacy-unfriendly US Desktop app could be more user-friendly Works with
Netflix, HBO, Torrenting, Kodi
Available on
Windows Mac Ios Android Linux Price from
$4.87/mo
As you can see IPVanish certainly does have many strengths to shout about.
It’s now time to take a very close look at the attributes and features of each IPVanish app, starting with how fast it is.
Speed & Reliability IPVanish is a consistently fast VPN
IPVanish is a very fast VPN service, with some of the quickest speeds we’ve seen in our tests.
IPVanish didn’t slow down our connection too much, and it is more than fast enough for HD or 4K streaming.
Speed results from our physical location in London (100Mbps fibre optic connection) to a London test server.
Before using IPVanish:
DOWNLOAD Mbps 93.76
UPLOAD Mbps 97.58
PING ms 2
When connected to IPVanish:
DOWNLOAD Mbps 84.13
UPLOAD Mbps 90.33
PING ms 7
Download speed without IPVanish: 93.76Mbps
Download speed with IPVanish: 84.13Mbps
Our download speed loss when IPVanish is running: 10%
Downloads, uploads and latency when using IPVanish are among the best we’ve seen, making this VPN a very smart choice for gamers and torrenters alike.
It’s also one of the most reliable VPN services we’ve seen, providing consistently fast speeds from one test to the next.
Here are the average speeds you can expect when using IPVanish to connect out to various locations around the world (from the UK):
USA: 53Mbps (download) & 37Mbps (upload) Germany: 76Mbps (download) & 81Mbps (upload) Singapore: 25Mbps (download) & 2Mbps (upload) Australia: 24Mbps (download) & 6Mbps (upload) Server Locations Over 40,000 IP addresses across 77 locations
Globe with a blue flag 50 Countries Image of a city landscape 77 Cities Image of a pink marker 40,000+ IP Addresses See all Server Locations IPVanish VPN gives access to more than 1,300 servers worldwide and over 40,000 IP addresses, which is one of the highest numbers of IP addresses we’ve ever seen. This means that you’re unlikely to experience VPN server congestion and slow speeds while connected to IPVanish.
The 50 countries in IPVanish’s VPN server network are well spread-out, including some less common nations like Moldova and the Philippines (in addition to all the typical countries like US, UK, Canada, Australia, and more).
List of IPVanish server locations
IPVanish provides its customers with city-level options in the US (19 cities), UK (4), Canada (3) Australia (2) and Brazil (2).
US-based users can choose from IPVanish servers in:
Central – Chicago, Dallas, Denver, Houston, Jackson, Milwaukee, St. Louis East – Ashburn, Atlanta, Boston, Cleveland, Miami, New York West – Las Vegas, Los Angeles, Phoenix, Salt Lake City, San Jose, Seattle We’d love to see more city-level selections in Australia – mainly Perth which is located on the West coast – and more server options in South America, where only Brazil and Colombia are served.
The high number of VPN servers in IPVanish’s network is enough to offset these minor complaints, though.
IPVanish is one of the few VPN providers to own its entire (or very close to) server infrastructure, meaning they rent very few servers from third-parties.
Streaming & Torrenting Excellent choice for torrenting & Netflix
Despite IPVanish being one of the fastest VPNs we’ve seen, it’s just not a great VPN for streaming.
Most of IPVanish’s US servers work for Netflix, although it can occasionally take a while to load, but all of its UK servers are currently blocked by BBC iPlayer and according to IPVanish they are not looking to work on fixing this.
If streaming BBC iPlayer is important to you, read through our dedicated guide or take a look at our NordVPN or CyberGhost reviews, two VPN services that work well with BBC iPlayer.
IPVanish has also confirmed it isn’t working with Amazon Prime Video or Hulu at the moment.
Torrenting IPVanish is, however, one of the best VPN services for torrenting we’ve tested, with very fast speeds and a watertight logging policy.
Torrenting is permitted on all of its servers and when we checked for IP/DNS leaks, we found none.
Not to mention that it has a VPN kill switch, but more on this below.
Therefore, we recommend IPVanish VPN for all P2P activity including Kodi for which IPVanish is currently the #1 VPN service.
Bypassing Censorship No good for China
IPVanish is very upfront in saying that the VPN service won’t work in China, despite being equipped with an array of obfuscation tools.
We really appreciate IPVanish’s honesty on this topic. IPVanish also provides a useful list of other countries the VPN won’t work in: you can find this on the support section of the IPVanish website.
List of IPVanish banned countries
IPVanish states that it is “forbidden to do business in”:
Myanmar Cuba Iran North Korea Sudan Syria IPVanish states that its domain, ipvanish.com, is blocked in:
Qatar Saudi Arabia United Arab Emirates (UAE) China Kazakhstan It’s not just IPVanish’s domain that is blocked in these countries, and many users have reported that IPVanish’s apps don’t work either.
If you live or are travelling to a high censorship country then we suggest you consider using VPN services like ExpressVPN or VyprVPN to bypass aggressive internet censors.
Platforms & Devices Works with all major platforms & devices
Apps Windows Logo Windows Mac Logo Mac iOS Logo iOS Android Logo Android Linux Logo Linux Router Logo Router IPVanish has custom VPN apps for all popular mobile and desktop operating systems so you can use them on:
PCs Apple Macs iPhones Android devices You can also setup IPVanish on other devices using manual workarounds (see the ‘Games Consoles & Streaming Devices’ section below).
Games Consoles & Streaming Devices AppleTV Logo AppleTV Amazon Fire TV Logo Amazon Fire TV Chromecast Logo Chromecast Nintendo Logo Nintendo PlayStation Logo PlayStation Roku Logo Roku Xbox Logo Xbox IPVanish is a good VPN to use with gaming consoles and streaming devices.
IPVanish is our number 1 VPN pick for the increasingly popular Amazon Firestick, and it’s super easy to install and use.
You can also use IPVanish on 10 devices at once, which is very generous (the average among the top VPN services is about 5 simultaneous connections).
You can also install IPVanish on your home router so that all your internet traffic at home is protected.
Browser Extensions Unfortunately, IPVanish doesn’t have any VPN browser extensions, which is a shame and one of the very few areas where it seriously lags behind its competitors.
If you want to use a VPN extension with your web browser then take a look at our:
Best VPN extensions for Chrome Best VPN addons for Firefox Encryption & Security One of the safest providers we’ve reviewed
Protocol IKEv2/IPSec
L2TP/IPSec
OpenVPN (TCP/UDP)
PPTP
Encryption AES-256
Security DNS Leak Blocking
First-party DNS
IPV6 Leak Blocking
Supports TCP Port 443
VPN Kill Switch
Advanced features SOCKS
Please see our VPN Glossary if these terms confuse you and would like to learn more.
We believe that IPVanish is one of the most secure and private VPN services available.
IPVanish mainly uses the OpenVPN and IKEv2 protocols and encrypts your online traffic with the ‘unbreakable’ AES-256 cipher, meaning you’re protected at all times. You can also connect using L2TP/IPsec, if you’d prefer.
IPVanish has a VPN kill switch to protect your privacy in case of a connection drop, plus a host of other advanced features to secure your web browsing. This includes SOCKS5 web proxy, which masks your IP address during P2P and VoIP connections – although this doesn’t encrypt traffic.
We also found IPVanish to be extremely safe, and free of IP or DNS leaks in our most recent tests:
IPVanish leak test results from browserleaks.com IPVanish’s leak test results when connected to its Chicago server
Logging Policy No-logs policy makes up for US jurisdiction
IPVanish doesn’t collect any user data at all, making it a no-logs VPN service.
Considering most VPN logging policies track at least server load or login information for maintenance purposes, this is what makes IPVanish a standout VPN for privacy.
In 2016, when under previous management, IPVanish was however found to be collecting logs when it handed information over to US authorities to aid in the prosecution of a user.
Since being acquired a number of times since then, IPVanish has turned things around and we have no longer concerns about its approach to user privacy.
Jurisdiction IPVanish VPN was first released in 2012 by its former US-based owner HighWinds Network Group. IPVanish has since been acquired by StackPath and in 2019 by J2 Global which are both US-based companies.
As you can see IPVanish is, and has always been, operated by companies headquartered in the US, which does have very intrusive surveillance laws and is a member of the Five-Eyes data sharing agreement.
IPVanish being based in the US is largely irrelevant though as its no-logs policy means no identifiable information is collected by the VPN provider.
Ease of Use User-friendly install with lots of advanced features
How to Install & Set Up IPVanish Screenshot of the Windows download button on the IPVanish website Beginning the installation process is as simple as clicking the button to download the relevant software from the site.
Screenshot of the progress of our IPVanish Windows download You can check the progress of the installation here, but it usually only takes a couple of minutes from start to finish.
Screenshot of the completed IPVanish download Once the software is downloaded, you'll see this screen which prompts you to run the IPVanish app.
Screenshot of IPVanish's main dashboard on its Windows app IPVanish main dashboard shows key connection info and permits server selection. We like the nice graph too.
Screenshot of IPVanish's server list in the Windows app Power users will select servers from the main dashboard rather than the server list as it's a slicker experience.
Screenshot of the server location filters in the IPVanish desktop app IPVanish server list view with filters - it's mostly pretty good but not as optimal as using the main dashboard.
Screenshot of the advanced settings in IPVanish's desktop app IPVanish is rich with advanced settings for customizing connections and it's well laid out to boot. Nice!
IPVanish’s desktop VPN apps are perfectly simple to use, even if they could do with a bit of a visual overhaul as they are starting to look a little out-dated.
The advanced privacy settings are also easy to navigate, making IPVanish suited to both VPN beginners and more experienced users.
The mobile IPVanish apps lack a few key features, such as the VPN kill switch, but they do still provide a very good, user-friendly experience.
Customer Support Helpful support with 24/7 live chat
24/7 Email support Online Resources We found IPVanish customer support agents to be friendly and helpful no matter what we asked them about the VPN service.
Thanks to a recent update, IPVanish now also has 24-hour live chat support on its website.
IPVanish also has excellent email support, which provided us with impressively well-written responses, as well as an online FAQ for straightforward solutions to the most common issues.
If for any reason IPVanish isn’t working properly, you should be able to fix it quickly by following these guides.
Pricing & Deals Well worth it for the level of service
IPVanish Coupon IPVanish logo IPVanish
Get 60% off IPVanish's 12-month plan
TestedEnds 22 Aug Get CodeED Terms IPVanish Pricing Plan IPVanish is reasonably priced and affordable. It is neither the cheapest VPN service, nor the most expensive. You can pay for IPVanish monthly or on an annual basis.
$4.87 per month on the 12-month plan is a very good price, especially as it’s 60% cheaper than the standard one-month plan, priced at $11.99.
There’s also a 3-month option for $6.75 per month.
Monthly
US$7.50/mo
Billed $7.50 for the first month Save 38% 3 Months
US$6.75/mo
Billed $20.24 for the first 3 months Save 44% 12 Months
US$4.87/mo
Billed $58.49 for the first 12 months Save 60% All plans have 7-day money-back guarantee
Payment & Refund Options The IPVanish seven-day money-back guarantee is 100% no-questions-asked and refunds your money within 10 working days.
Our only issue is with IPVanish’s iOS policy – if you sign up for an IPVanish login via the iOS Store then you don’t qualify for the money back guarantee.
IPVanish only accepts credit cards, debit cards, and PayPal.
Unfortunately neither cryptocurrencies like Bitcoin nor international options like Alipay are currently accepted.
submitted by Zinkzd to VPNsReddit [link] [comments]

CyberGhost Review - Easiest to use VPN

CyberGhost VPN is one of the most established VPN services around. It was founded by Robert Knapp in 2011, and it quickly became one of the most popular free VPNs.
CyberGhost currently has over 30 million users and its popularity keeps growing but the question is, how does it compare to other top VPN providers?
In this review you will learn what is good and what is not so good about CyberGhost, and you will find answers to popular questions like:
Is using CyberGhost safe? Is it legal and does it really work? Does CyberGhost still have a free version? Does it work with Netflix? Is torrenting & P2P allowed? Before we answer all these questions (and many more), lets first examine CyberGhost VPN’s pros and cons:
Pros
Fast speeds: 64Mbps (global average) Unlocks Netflix, BBC iPlayer & other streaming sites Optimized servers for torrenting/P2P traffic Strong logging policy & no IP/DNS/WebRTC leaks User-friendly apps for PC, Mac, iOS, & Android Great server network across 60 countries Cons Torrenting not available on US & Australia servers Doesn't work in high censorship countries Not recommended for Kodi 14-day refund guarantee on 1-month plan Works with
Netflix, Amazon Prime Video, Hulu, BBC iPlayer, Sky, HBO, Torrenting
Available on
Windows Mac Ios Android Linux Price from
$2.75/mo
As you can see CyberGhost is without a doubt an impressive VPN, but there are a few drawbacks that you need to know about in more detail.
Lets start off our in-depth review by looking at how fast CyberGhost really is.
Speed & Reliability Very fast speeds, especially for same-country connections
CyberGhost will match almost any VPN service for fast download and upload speeds, but what it occasionally lacks is consistency.
CyberGhost VPN’s same-country (for example, London to London) download and upload speeds are impressive and reliable, but CyberGhost users connecting to international servers may notice a drop-off in speed, with ping times also increasing.
Speed results from our physical location in London (100Mbps fibre optic connection) to a London test server.
Before using CyberGhost:
DOWNLOAD Mbps 95
UPLOAD Mbps 97
PING ms 2
When connected to CyberGhost:
DOWNLOAD Mbps 54
UPLOAD Mbps 77
PING ms 13
Download speed without CyberGhost: 95 Mbps
Download speed with CyberGhost: 54 Mbps
Our download speed loss when CyberGhost is running: 43%
We put all of the VPNs on the site through a rigorous scientific speed testing process, determining the average speeds from multiple locations across the globe. These are the average speeds you can expect to pick up from these locations:
USA: 51Mpbs (download) & 41Mbps (upload) Germany: 78Mbps (download) & 74Mbps (upload) Singapore: 28Mpbs (download) & 15Mbps (upload) Australia: 32Mbps (download) & 7Mbps (upload)
Server Locations 4,600 servers around the world
Globe with a blue flag 60 Countries Image of a city landscape 84 Cities Image of a pink marker 4,680+ IP Addresses See all Server Locations CyberGhost’s servers cover the whole world, with great server coverage in Europe and North America.
A choice of over 4,680 servers is paired with a similar number of IP addresses.
Screenshot of CyberGhost VPN server locations in Windows app
4,600 servers is a very good number, and one of the highest server counts on the market. While it’s considerably less than NordVPN‘s 5,000 plus servers, it is still a very high number of VPN servers.
Similarly to IPVanish, CyberGhost owns all of its DNS servers meaning that it doesn’t rely on rented servers to provide VPN connections.
The countries with the most CyberGhost servers are the US (1085), Germany (608), France (324), the UK (665) and Canada (223).
At city-level, CyberGhost covers 13 different US locations, and 3 locations in Australia, Canada and the UK.
Streaming & Torrenting Great for Netflix, Torrenting and More
CyberGhost provides many dedicated Netflix servers, which is great. They are very east to find in the app and we’ve never had any issues unblocking Netflix when using CyberGhost VPN.
CyberGhost has also its own dedicated BBC iPlayer server, too, and CyberGhost is currently our highest-recommended VPN for BBC iPlayer.
That’s not all, though. CyberGhost subscribers also report that they can successfully stream:
Amazon Prime Video Hulu HBO Sling TV Sky Now TV PlayStation Vue Torrenting CyberGhost is also a good choice for torrenting, although there are a couple of caveats:
It doesn’t allow torrenting on its US or Australian servers Torrenting on mobile is a hassle compared to Windows and macOS applications You can torrent from mobile while using CyberGhost if you check and select the existing P2P servers on the desktop app or on the website. P2P torrenting is allowed on mobile, but there is no tab to find out which work.
If you’re ok with these P2P limitations, then CyberGhost is a safe, fast and reliable VPN for torrenting. CyberGhost doesn’t log, it has a VPN kill switch and when we checked for IP/DNS leaks, we found none.
If however the torrenting limitations above are putting you off, then take a look at our best VPNs for torrenting.
Bypassing Censorship No good for China and highly censored countries
We can’t recommend CyberGhost as a VPN to use in high censorship countries, as it simply can’t guarantee to bypass aggressive web censors.
Unfortunately CyberGhost doesn’t have the obfuscation tools that make ExpressVPN and VyprVPN better VPN services to beat online censorship in countries like China, the UAE, Saudi Arabia and Iran.
CyberGhost even warns that you use of a VPN in certain countries is forbidden and CyberGhost VPN shouldn’t be used in these nations. CyberGhost does mention that workarounds to make its VPN work in these countries are available, but that you shouldn’t try them.
Basically, CyberGhost doesn’t want people to use its VPN in countries where VPNs are not legal.
Platforms & Devices Compatible with popular devices, including routers
Apps Windows Logo Windows Mac Logo Mac iOS Logo iOS Android Logo Android Linux Logo Linux Router Logo Router Whatever your device or operating system, CyberGhost has you covered with either a custom VPN app, or a manual workaround for you to configure your device and use CyberGhost VPN with it.
CyberGhost VPN is compatible with all Windows, macOS, iOS and Android devices.
You can also use CyberGhost on multiple devices at once, up to 7 in total (depending on the plan chosen).
Games Consoles & Streaming Devices AppleTV Logo AppleTV Amazon Fire TV Logo Amazon Fire TV Chromecast Logo Chromecast Nintendo Logo Nintendo PlayStation Logo PlayStation Roku Logo Roku Xbox Logo Xbox You can also use CyberGhost with a range of gaming consoles and streaming devices, by installing the VPN onto your home router and connecting the devices to it.
You can also piggyback off the CyberGhost VPN connection from another device running the CyberGhost app, such as your laptop.
The recent addition of a native VPN app for the Amazon Fire TV Stick is also a big plus.
Browser Extensions Chrome Logo Chrome Firefox Logo Firefox CyberGhost has VPN browser extensions available for Google Chrome or Mozilla Firefox. These extensions are entirely free but, regardless of whether or not you’re a paying customer, you’ll only get access to eight servers in four locations (2 servers each) through them: United States, Germany, Romania and the Netherlands.
These VPN add-ons are only proxies though, so they will only protect your web traffic. We recommend you use CyberGhost’s VPN extensions with the main VPN application or VPN client at all times.
Encryption & Security One of the best VPNs for security
Protocol IKEv2/IPSec
L2TP/IPSec
OpenVPN (TCP/UDP)
PPTP
Encryption AES-256
Security DNS Leak Blocking
First-party DNS
IPV6 Leak Blocking
VPN Kill Switch
Advanced features Split Tunneling
TOR via VPN Server
Please see our VPN Glossary if these terms confuse you and would like to learn more.
CyberGhost is an excellent choice for privacy, with one of the most advanced security suites of any VPN available today.
The CyberGhost apps default to our favorite protocol, OpenVPN, and it encrypts your web data traffic with the ultra-secure AES-256 encryption and has a kill switch to make sure your identity stays protected in the event of a connection drop.
Rest assured that your true location is safe and hidden with CyberGhost: we ran several IP or DNS leak tests and we found no leaks.
Logging Policy Based in EU but no logs policy assures privacy
This is a list of all the anonymous information that CyberGhost collects (taken from their logging policy):
“CyberGhost VPN records the log-in of an anonymous account for statistical purposes. We do this once a day (all other log-ins will be ignored) and sum up each daily log-in for one month. The daily log-in data will be deleted after 24 hours, the monthly sum at the end of each month.”
CyberGhost claims that this data is the bare minimum required to keep its VPN service running optimally.
CyberGhost’s logging policy makes it clear that no personally identifiable information is collected and therefore there is nothing stored on CyberGhost’s servers that could be used to identify you, should anyone ever seize their servers.
Excerpt from CyberGhost Logging Policy Excerpt from CyberGhost Logging Policy
Jurisdiction CyberGhost VPN is operated by the Romanian company CyberGhost SA, which was acquired by Kape Technologies PLC (previously known as Crossrider) in 2017.
The fact that CyberGhost is headquartered in Romania may seem less than ideal since Romania is part of the EU which has aggressive data-retention and sharing agreements in place with other nations.
However we are not concerned by where CyberGhost is located given that it doesn’t collect any personally identifiable connection data.
CyberGhost is a VPN you can trust with your online privacy.
Ease of Use Extremely easy to use
How to Install & Set Up CyberGhost CyberGhost download in our CyberGhost VPN review Find the relevant software on CyberGhost's website and click 'Download'.
CyberGhost download in our CyberGhost VPN review #2 OPT Follow the simple installation prompts and agree to the Terms and Conditions.
CyberGhost login in our CyberGhost VPN review The app will automatically open once installation is complete. Simply type in your login details.
CyberGhost connected screen in our CyberGhost VPN review After connecting the main screen will show the time you've been connected, your chosen server location, and new IP address.
CyberGhost main screen in our CyberGhost VPN review The main screen is compact and simple, with a connect button in the middle and your chosen server location below.
CyberGhost connected screen in our CyberGhost VPN review After connecting the main screen will show the time you've been connected, your chosen server location, and new IP address.
CyberGhost main screen in our CyberGhost VPN review The main screen is compact and simple, with a connect button in the middle and your chosen server location below.
CyberGhost connected screen in our CyberGhost VPN review After connecting the main screen will show the time you've been connected, your chosen server location, and new IP address.
CyberGhost extended screen and server list in our CyberGhost VPN review Click on the arrows in the bottom left to open up the extended app interface. Here you can see the full server locations list and choose optimized servers.
CyberGhost settings in our CyberGhost VPN review Click the cog symbol to open up the setting menu where you can change the VPN protocol and switch on leak protection.
CyberGhost connection features in our CyberGhost VPN review Under the Connection Features tab you can activate the ad blocker feature and other privacy extras.
CyberGhost split tunneling in our CyberGhost VPN review Click the Smart Rules tab to the left and then Exceptions. Here you can decide which apps you'd like to route outside of the VPN tunnel.
CyberGhost is still one of the easiest VPNs to use, even with all of its bells and whistles.
Menus in the apps are clearly labeled and come with helpful contextual tooltips.
There’s even a set of demonstrative videos on the CyberGhost website that show you just how simple its VPN apps are.
Browser Extensions CyberGhost’s browser extensions couldn’t be simpler. You just have to click the icon and select a location.
Customer Support Live chat and extensive troubleshooting
24/7 Live chat support Online Resources The round-the-clock live chat support agents are always friendly and responsive, usually managing to solve our queries in a matter of minutes.
There’s a good chance you won’t ever need to use live support, though, as the online troubleshooting guides are pretty comprehensive.
Pricing & Deals A great value VPN made very cheap with long-term plan
CyberGhost Coupon CyberGhost logo CyberGhost
Get 79% off CyberGhost's 3-year plan
TestedEnds 31 Aug Get CodeED Terms CyberGhost Pricing Plan CyberGhost used to provide a free VPN service, however that is no longer the case.
At its very cheapest, CyberGhost costs $2.75 per month – a 79% saving – but this requires a 3-year commitment. We think it’s worth the money, but if you don’t want to commit for 3 years then a monthly subscription plan jumps to $12.99 per month while a 6-month plan will cost $7.99 per month (a 39% saving).
CyberGhost has a 45-day money-back guarantee in place, which is one of the longest we’ve come across, but it only applies to subscriptions of six months or longer – one-month subscriptions have a 14-day refund guarantee.
There are no hidden catches or restrictions. If you want your money back then CyberGhost will refund you in 5-10 working days. To get a refund, simply contact CyberGhost support (live chat or email) and request a refund before the 45-days are up. You may be asked to fill in a short survey.
CyberGhost also offers a one-day free trial (or seven days for mobile devices). The free trial grants you the full VPN experience with no personal or payment details asked for. A handy pop-up will remind you of your remaining runtime every time you use the VPN service.
Monthly
US$12.99/mo
Billed $12.99 each month 6 Months
US$7.99/mo
Billed $47.94 every 6 months Save 39% 3 Years
US$2.75/mo
Billed $99.00 every 3 years Save 79% All plans have 45-day money-back guarantee
Payment & Refund Options Credit Card PayPal Bitcoin CyberGhost accepts a range of payment options including most major credit cards, PayPal and Bitcoin.
Unfortunately, it doesn’t currently accept any other international options like Alipay or UnionPay.
submitted by Zinkzd to VPNsReddit [link] [comments]

Express VPN Review - Why I use it daily

ExpressVPN: Ranked #1 out of 100 VPNs that we tested ExpressVPN is one of the most popular VPN services on the market, but is it really the “#1 trusted leader in VPN” as it claims to be?
We put ExpressVPN through rigorous testing and in this review we’ll tell you if it’s honestly the top VPN of 2019, and we’ll answer common questions like:
Is ExpressVPN really that fast? Is it legit and safe to use? Does ExpressVPN unblock Netflix? Does ExpressVPN allow torrenting? How much does ExpressVPN cost? But before we jump in, here’s a quick overview of ExpressVPN’s pros and cons:
Pros Cons Exceptionally fast same-country speeds Works with Netflix, BBC iPlayer & more Safe, fast & unrestricted torrenting/P2P Strong logging policy & no IP, DNS, WebRTC leaks User-friendly apps for PC, Mac, iOS, & Android Great server network across 94 countries More expensive than some rivals Fire Stick TV app needs updating Works with
Netflix, BBC iPlayer, HBO, Hulu, Amazon Prime Video, Sky, SlingTV, Torrenting, Kodi
Available on
Windows Mac Ios Android Linux Price from
$6.67/mo
That’s just a few highlights of what’s to come.
Keep reading to see if ExpressVPN is the right VPN for you, starting with how fast it is.
Speed & Reliability One of the fastest VPNs we've tested
ExpressVPN is one of the fastest VPN services we’ve tested – it’s extremely quick and responsive.
ExpressVPN is also remarkably reliable and consistent, whether you’re connecting to a local server, or one on the other side of the world. It’s speed is also very impressive in high censorship countries like China, where most other VPN services struggle to even connect.
Use the table below to see how ExpressVPN speeds fare against its top-scoring rivals in 11 locations around the world.
Select server location ExpressVPN NordVPN IPVanish DOWNLOAD AVERAGE 52.10 Mbps 69.67 Mbps 44.83 Mbps UPLOAD AVERAGE 23.84 Mbps 27.86 Mbps 27.70 Mbps PING AVERAGE 141 ms 135 ms 131 ms Here are the average speeds you can expect from ExpressVPN from a handful popular regions.
Europe Asia USA Australia DOWNLOAD AVERAGE 125 Mbps 47 Mbps 151 Mbps 129 Mbps UPLOAD AVERAGE 101 Mbps 34 Mbps 135 Mbps 113 Mbps PING AVERAGE 73 ms 3 ms 4 ms 2 ms Averages are calculated from our test results over the last 4 weeks. To read about our speed testing methodologies, please read How We Test VPN Speed.
Speed results from our physical location in London (100Mbps fibre optic connection) to a London test server.
Before using ExpressVPN:
DOWNLOAD Mbps 95.71
UPLOAD Mbps 98.71
PING ms 3
When connected to ExpressVPN:
DOWNLOAD Mbps 85
UPLOAD Mbps 91.22
PING ms 8
Download speed without ExpressVPN: 95.71Mbps
Download speed with ExpressVPN: 85.00Mbps
Our download speed loss when ExpressVPN is running: 11%
On top of fast download and upload speeds, ExpressVPN’s low latency and low ping times make it a good VPN for gaming, not as good as other VPN services but a strong gaming contender nonetheless.
From our location in the UK, we tested average speeds connecting out to various locations worldwide while connected to ExpressVPN:
USA: 77Mbps (download) & 40Mbps (upload) Germany: 79Mbps (download) & 66Mbps (upload) Singapore: 73Mbps (download) & 22Mbps (upload) Australia: 59Mbps (download) & 1Mbps (upload) Server Locations 3,000+ servers across 160 locations
Globe with a blue flag 94 Countries Image of a city landscape 160 Cities Image of a pink marker 3,000+ IP Addresses See all Server Locations ExpressVPN operates more than 3,000 VPN servers across the world, spread evenly over every continent (excluding Antarctica).
No matter where you’re located you should have no trouble finding an ExpressVPN server near you.
3,000 servers is one of the widest ranges of servers we’ve seen from any VPN service, and the ExpressVPN website even lists which VPN security protocols are available in each location (either country or city).
ExpressVPN provides city-level servers in a number of locations, too:
US UK Australia Brazil India Singapore Netherlands Germany France Italy Spain ExpressVPN’s 27 different city-level locations in the US and in four in Australia are some of the highest totals we’ve seen.
Streaming & Torrenting Instantly unlocks Netflix, BBC iPlayer and torrenting
ExpressVPN easily unlocks Netflix through almost all of its US-based VPN servers (apart from New York), even if it doesn’t offer servers dedicated to streaming like some of the other top-tier VPN services like CyberGhost.
ExpressVPN’s Isle of Man and Jersey servers work well with UK Netflix, while most UK servers will unlock BBC iPlayer (although customer support informed us it will only work if you’re located outside of the UK).
ExpressVPN is also a popular choice with viewers of a whole range of other big streaming services. Plenty of subscribers enjoy using ExpressVPN with:
Amazon Prime Video Hulu HBO Sling TV Sky Now TV PlayStation Vue The following ExpressVPN servers worked for unlocking Netflix:
USA (New Jersey, Washington DC, San Francisco) Canada (Montreal, Toronto, Vancouver) UK (Isle of Man, Jersey) Torrenting Torrenting and any type of P2P traffic is allowed on all ExpressVPN servers, resulting in less congestion and faster speeds as a bonus.
ExpressVPN registered fast speeds both downloading and uploading, which is fundamental for a good torrenting and P2P experience. ExpressVPN also works for those looking to stream via Kodi or similar media player apps.
Privacy and security-wise, ExpressVPN’s kill switch works extremely well (should your VPN connection drop at any point) and when we tested ExpressVPN for IP or DNS leaks, we found zero. What’s more, ExpressVPN doesn’t keep any activity logs. You can read more about all of this below.
Bypassing Censorship Works in China, UAE and more
ExpressVPN works in China, bypassing Chinese censorship with ease, largely thanks to the company devoting significant resources into outsmarting the censors. That is why ExpressVPN is our best VPN for China.
If you have protocol selection switched to Automatic, ExpressVPN’s proprietary obfuscation security protocols are activated, which are very effective in beating aggressive state-level censors.
These obfuscation protocols ensure that its VPN apps easily beat even the most aggressive of blocks in countries like Turkey, Saudi Arabia and Iran.
Platforms & Devices Works with all popular devices
Apps Windows Logo Windows Mac Logo Mac iOS Logo iOS Android Logo Android Linux Logo Linux Router Logo Router ExpressVPN supports just about any operating system or device out there – Microsoft Windows, MacOS, iOS and Android – with installation instructions given for each one.
Where ExpressVPN doesn’t have a native dedicated VPN app, you have access to a walkthrough on the ExpressVPN website to show you how to set up a workaround.
Games Consoles & Streaming Devices AppleTV Logo AppleTV Amazon Fire TV Logo Amazon Fire TV Chromecast Logo Chromecast Nintendo Logo Nintendo PlayStation Logo PlayStation Roku Logo Roku Xbox Logo Xbox ExpressVPN is one of the best VPN services for Amazon’s Fire TV Stick, although it is not our number one choice.
Why is not our top pick?
Well, ExpressVPN may have been one of the first VPN providers to roll out a Fire TV Stick app, and it works fine, but it’s grown to look out-dated and lacks some of the features that we’ve enjoyed in more recent Fire TV Stick VPN apps.
If you own a Fire TV Stick and want to use a VPN app with it, take a look at our top VPN picks for Amazon Fire TV and Fire TV Stick.
If you want to run ExpressVPN on other streaming devices or games consoles, you’ll need to install ExpressVPN at router level, or you can piggyback off of the VPN connection from another device, like your PC or Mac.
Browser Extensions Chrome Logo Chrome Firefox Logo Firefox Safari Logo Safari ExpressVPN provides full VPN browser extensions for Google Chrome, Mozilla Firefox, and Safari.
Most of the VPN browser add-ons we see from other VPN providers are proxies pretending to be full VPNs, but ExpressVPN’s extensions are the real deal.
You can choose your server location from within the browser extension, which is a really neat solution.
Thanks to a recent update you can now use ExpressVPN on five different devices at once, too.
Encryption & Security Leader in security, with strong extras like a VPN kill switch & obfuscation protocols
Protocol IKEv2/IPSec
L2TP/IPSec
OpenVPN (TCP/UDP)
PPTP
SSTP
Encryption AES-256
Security DNS Leak Blocking
First-party DNS
IPV6 Leak Blocking
VPN Kill Switch
WebRTC Leak Blocking
Advanced features Split Tunneling
Please see our VPN Glossary if these terms confuse you and would like to learn more.
ExpressVPN is a legitimate and extremely secure VPN service, with a multitude of standards and VPN protocols in place to keep your browsing data private and secure.
If you leave the VPN protocol setting on Automatic then the ExpressVPN app will determine what is the best security protocol to use – a handy feature that’s not all that common.
AES-256 encryption is widely regarded as near-unbreakable; OpenVPN, our favorite VPN protocol, is one of many available; and ExpressVPN also has the always-essential VPN kill switch, ensuring you stay protected in the event of your connection dropping.
Split tunneling is yet another powerful feature that’s not all that common among VPN services. It allows you to protect your web traffic while keeping access to connected devices on your network, like your printer or Smart TV.
We found ExpressVPN to be fully protected from any IP or DNS leaks, too. You can count on ExpressVPN to successfully hide your real IP address.
ExpressVPN recently launched its TrustedServer feature, a proprietary technology that removes the need for local storage such as hard disks or solid state drives. Once again, ExpressVPN is leading the pack when it comes to security and privacy.
Logging Policy Close to truly no-logs and away from 14-Eyes
ExpressVPN doesn’t collect any personally identifiable activity logs. Here’s all the information collected by ExpressVPN’s VPN servers:
Dates when connected to the VPN service Choice of VPN server location Total amount of data transferred per day That’s it. ExpressVPN maintains that this is the minimum amount of information required to be collected in order to keep the performance of its servers as strong as possible.
The most important thing of all is that this data cannot be used to identify you, or what you do. All that’s possible to reveal is that you have used ExpressVPN’s service at some point. This is totally anonymous, and about as close to zero-logs as you can get.
A recent report by the Center for Democracy and Technology (CDT) questioned ExpressVPN in greater detail and concluded that its servers were both “extremely difficult to compromise” and “limited in the amount of data that could be revealed” in the event that they were.
ExpressVPN’s logging policy was put to the test in December 2017 when one of ExpressVPN’s Turkish VPN servers was seized and inspected by Turkish authorities investigating the assassination of Russian ambassador to Turkey, Andrei Karlov. The investigators could not find any customer connection logs.
Jurisdiction ExpressVPN was founded in 2009 and is operated by Express VPN International Ltd., which is based in the British Virgin Islands and far outside of the intrusive 14-eyes surveillance alliance.
That’s an excellent choice of location for a privacy-minded VPN company, as the British Virgin Islands has full sovereignty over its own data regulations.
Foreign governments can still make demands for information, but ExpressVPN makes it clear that it will never share data with them and, crucially, that it doesn’t have any personally identifiable information to share in the first place.
In case you’re still wondering, you’re safe with ExpressVPN.
Ease of Use Hassle-free setup and easy to get started
How to Install & Set Up ExpressVPN Screenshot of the ExpressVPN installation wizard This is the screen you'll see after you've downloaded your chosen software from the ExpressVPN website.
Screenshot of the ExpressVPN download success screen When the installation is complete, you'll receive a prompt to start the ExpressVPN app.
Screenshot of the activation code box in the ExpressVPN app Before you can start using the app, you'll need to enter the activation code provided in your welcome email.
Screenshot of the main screen of ExpressVPN's desktop app The main view of the ExpressVPN screen - just click connect to fire up your new VPN.
Screenshot of ExpressVPN while connected The on/off button turns green when you're connected, and clearly displays your chosen server location.
Screenshot of ExpressVPN's list of server locations Your favorite server locations display here in a separate window.
Screenshot of ExpressVPN's protocol choices in the desktop app Choose your protocol here - we really like the helpful contextual information provided
ExpressVPN is so easy to use that it’s hard to go wrong – not just with the main desktop client, but also with its many device-specific apps and browser extensions.
The ExpressVPN home screen is simply a big on/off button and a list of VPN servers, but if you want to customize things you can also find advanced settings behind a separate menu.
Even ExpressVPN’s advanced options are explained in plain and easily-understood language, so you’ll never be making changes without knowing exactly what you’re doing.
Browser Extensions
ExpressVPN’s browser extensions are available for Chrome, Firefox and Safari. They give you full protection that fully masks your web activity without you having to leave your browser window.
Customer Support Responsive and friendly live chat
24/7 Live chat support Email Online Resources ExpressVPN’s helpful 24/7 live chat means if you ever have a problem, you’ll be back up and running as quickly as possible.
ExpressVPN really is one of the most customer-focused VPN services we’ve reviewed, and the ExpressVPN support team makes sure to keep you happy before and well after you’ve become their customer.
You can also reach out to ExpressVPN’s customer support via email, with equally responsive, helpful and enthusiastic responses.
Pricing & Deals A little expensive, but well worth it
ExpressVPN Coupon ExpressVPN logo ExpressVPN
Get 3 months free with ExpressVPN's 12-month plan
TestedEnds in 2 days Get CodeED Terms ExpressVPN Pricing Plan ExpressVPN provides the same features on all its price plans, so the only decision to make is how much you want to pay upfront and how much your subscription costs you per month.
The longer you subscribe to ExpressVPN for, the cheaper the monthly cost: a single month of ExpressVPN costs $12.95 (which is more costly than other 1-month plans offered by its rivals), but there’s a 49% reduction to $6.67 for a 15-month plan, which is great value for the best VPN service around.
Monthly
US$12.95/mo
Billed $12.95 every month 6 Months
US$9.99/mo
Billed $59.95 every 6 months Save 23% 15 Months
US$6.67/mo
Billed $99.95 first 15 months and 12 months thereafter Save 49% All plans have 30-day money-back guarantee
Payment & Refund Options Credit Card PayPal Bitcoin AliPay UnionPay You’re entitled to a 30-day money-back guarantee when you first sign up to ExpressVPN. We found that they grant refunds quickly and with no questions asked, after we made a simple request to customer service.
ExpressVPN doesn’t have a true free trial in place, but take a look at our guide on how you can make the most of the 30-day refund guarantee.
There’s also a ‘Refer a Friend’ program which earns you a 30-day free ExpressVPN subscription for both you and the friend you convince to sign up – plus there’s no limit to the number of friends you can refer.
submitted by Zinkzd to VPNsReddit [link] [comments]

Private Internet Access Review - An in-depth review

Private Internet Access talks a big game on its website. In among all the technical jargon it boasts that it’s “the most trusted name in anonymous VPN service.”
Its name certainly promises as much, but can you trust Private Internet Access to give you the VPN speeds and security you need?
We’ve spent days testing Private Internet Access to answer all your questions, such as:
Is Private Internet Access trustworthy? What does Private Internet Access do? Does Private Internet Access work with Hulu? Does Private Internet Access keep logs? Who owns Private Internet Access? Before we get stuck in, let’s take a look at the basics of Private Internet Access, along with what we found to be its main pros and cons:
Pros
Excellent speeds - 87Mbps global average Easy, high-speed access to Netflix Unlimited P2P & torrenting Keeps no usage logs & no IP/DNS leaks 3,300+ servers across 32 countries User-friendly apps for PC, Mac, iOS, & Android Cons Small server network compared to top-tier providers Based in the privacy-unfriendly US Email support can be slow, limited live chat Patchy access in China Works with
Netflix, Amazon Prime, Hulu, Now TV, HBO, Sling TV, Torrenting, Kodi
Available on
Windows Mac Ios Android Linux Price from
$2.91/mo
Private Internet Access is an incredibly fast VPN, with some excellent features that make it ideal for privacy advocates. It’s not perfect, though – read on to find out more.
Speed & Reliability Very fast and impressive speeds
Private Internet Access is a very fast VPN.
PIA’s best VPN servers are impressive for speed: if you live near London, New York or Toronto and want to connect locally you won’t find a faster provider in the current market.
We were also highly impressed with PIA’s global performance, with very fast average download speed of 87Mbps. This is one the highest we’ve seen from any provider, making it a fantastic choice for P2P users and torrenters.
Speed results from our physical location in London (100Mbps fibre optic connection) to a London test server.
Before using Private Internet Access:
DOWNLOAD Mbps 92
UPLOAD Mbps 99
PING ms 2
When connected to Private Internet Access:
DOWNLOAD Mbps 47
UPLOAD Mbps 74
PING ms 12
Download speed without Private Internet Acess: 92Mbps
Download speed with Private Internet Access: 47Mbps
Our download speed loss when Private Internet Access is running: 50%
Gamers will love PIA’s practically non-existent latency of less than 1ms in some locations.
It also has exceptional upload speeds – you can expect 268Mbps at the best of times.
We put all of the VPNs on the site through a rigorous scientific speed testing process, determining the average speeds from multiple locations across the globe. These are the average speeds you can expect to pick up from these locations:
USA: 31Mbps (download) & 38Mbps (upload) Germany: 85Mbps (download) & 72Mbps (upload) Singapore: 26Mbps (download) & 9Mbps (upload) Australia: 35Mbps (download) & 10Mbps (upload) Server Locations Important locations are covered, the server list is small
Globe with a blue flag 32 Countries Image of a city landscape 52 Cities Image of a pink marker 3,300+ IP Addresses See all Server Locations Private Internet Access’ servers are spread over 33 countries – a smaller selection than many of its big-name rivals, although every PIA location is courtesy of a real physical server.
While 3,300-plus VPN servers is a fantastic amount, it’s likely that there’s only one IP address for each. That’s a good number, but VPN services like IPVanish (40,000) and VyprVPN (200,000) have far more.
PIA VPN covers all the most popular locations in a good global spread, while 14 separate cities (and 1,500 servers) within the US is outstanding. There’s also city-level selection in the UK, Canada, Australia, and Germany.
Private Internet Access Server Locations on the Private Internet Access Website
Streaming & Torrenting Good for Netflix, great for torrenting
Private Internet Access’ huge array of US servers means that unblocking Netflix is never more than one or two clicks away. We found access through its Washington DC, Atlanta, Chicago and Houston servers to be very reliable, and less so with US East, New York City, Florida and California servers.
Access to BBC iPlayer had recently stopped working for us, and Private Internet Access has said that rectifying it is not a priority for the service. Our most recent tests, however, had success accessing the service.
Private Internet Access is also a popular choice with viewers of a whole range of other big streaming services. Plenty of subscribers enjoy using Private Internet Access with:
Amazon Prime Video Hulu HBO Sling TV Sky Now TV PlayStation Vue Torrenting Private Internet Access is a very, very good VPN for torrenting.
P2P traffic is permitted on all servers and the market-leading upload and download speeds ensure rapid file transfers and buffer-free Kodi.
It has a VPN kill switch to keep your identity safe while you download or seed, it’s totally protected from IP and DNS leaks, and its logging policy ensures your traffic will be kept private and anonymous.
Bypassing Censorship No good in China but works well in other countries
Private Internet Access is unusable in large parts of China as the government has successfully managed to block it via the Great Firewall. Reports and anecdotes from users suggest that it still works in Beijing at least, for example.
Unless you want to spend a lot of time tampering with long-winded manual configurations, you’ll be better off finding another VPN service, though – our roundup of the best VPNs for China should help.
PIA will still work to unlock the internet in slightly less dilligent nations though, such as Turkey, Iran or Saudi Arabia.
Platforms & Devices Works across all platforms, and router too
Apps Windows Logo Windows Mac Logo Mac iOS Logo iOS Android Logo Android Linux Logo Linux Router Logo Router There are custom apps to get Private Internet Access running on all the popular operating systems, both desktop and mobile, while a router-level installation will cover everything else.
Private Internet Access works with Microsoft Windows, Apple MacOS, Android, iPhone and more.
You can use Private Internet Access on a number of devices, up to ten in total. Manual setup guides are also available on the Private Internet Access website to help walk you through more obscure platforms or older OS versions.
Games Consoles & Streaming Devices AppleTV Logo AppleTV Amazon Fire TV Logo Amazon Fire TV Chromecast Logo Chromecast Nintendo Logo Nintendo PlayStation Logo PlayStation Roku Logo Roku Xbox Logo Xbox Private Internet Access offers a custom app for Amazon Fire TV and Stick. Installing the app requires a little bit of technical knowhow, but once installed you’ll be able to choose servers all around the world and access your favorite video content.
It’s also possible to use PIA’s software with other streaming devices and games consoles, like the PlayStation 4, Xbox One or Google Chromecast, by connecting them to a configured router.
Browser Extensions Chrome Logo Chrome Firefox Logo Firefox Private Internet Access also has browser extensions for Google Chrome, Mozilla Firefox, and Opera, which protect your browser traffic.
They’re just proxies, but still protect your IP address and prevent WebRTC leaks when surfing the web. You can learn more about the differences between VPNs and proxies with our guide.
Encryption & Security One of the most secure VPNs around
Protocol L2TP/IPSec
OpenVPN (TCP/UDP)
PPTP
Encryption AES-128
AES-256
Security DNS Leak Blocking
First-party DNS
IPV6 Leak Blocking
Supports TCP Port 443
VPN Kill Switch
WebRTC Leak Blocking
Advanced features Ad Blocker
SOCKS
Please see our VPN Glossary if these terms confuse you and would like to learn more.
After all this, you’re still probably wondering one question: is Private Internet Access trustworthy?
We can safely say that the answer is yes. Private Internet Access is one of the most advanced VPNs on the market, sure to satisfy even the most demanding of users.
A screenshot of PIA's recommended security configurations PIA’s recommended security configurations
You get a broad choice of protocols with Private Internet Access (including our favorite, OpenVPN), encryption (including AES-256), an ad and malware blocker (PIA MACE), TCP Port 443, as well as a kill switch.
It also features IPV6 leak protection, although it’s unlikely you’ll need that right now – still, it’s good future-proofing for when IPV6 eventually becomes the new internet standard (you can learn more about IPV6 here).
One small thing we’d change is that PIA VPN offers PPTP as a protocol, but not IKEv2. We prefer OpenVPN to IKEv2, but some users like that it often gives you faster VPN connection speeds. PPTP, on the other hand, is old and insecure and shouldn’t really be used by anyone.
On top of all that, we also found it didn’t leak our IP or DNS – Private Internet Access operates its own DNS servers, which helps.
Logging Policy Absolutely no logging information kept
Private Internet Access keeps absolutely no VPN logs whatsoever – you can use the service with total peace of mind that your data and traffic is not being monitored, nor can it be traced back to you.
Jurisdiction Private Internet Access first launched in 2010 and is owned by London Trust Media, a firm with a diverse portfolio of products and a particular focus on privacy and tech. It’s based in Colorado, Denver, USA.
We would normally criticize a VPN for choosing the US as its base of operations, however, in the case of Private Internet Access we’ll make an exception.
The fact that absolutely no browsing logs are stored or monitored by PIA means that any prying authorities would have nothing to uncover.
Ease of Use Updated app does wonders for usability
How to Install & Set Up Private Internet Access Private Internet Access download options screenshot in our PIA review Go to the downloads section on PIA's website to find the right software for your device.
Private Internet Access installation instructions screenshot in our PIA review We love PIA's step-by-step instructions on how to navigate the installation process.
Private Internet Access setup options screenshot in our PIA review PIA gives you the option to create a handy desktop shortcut for the app.
Private Internet Access setup wizard screenshot in our PIA review Once the installation is complete, you'll be given the option to launch PIA and begin using the software.
PIA Main Screen Screenshot for PIA Review PIA have drastically improved its app so that it is much simpler to navigate and pleasing to look at.
PIA Server List Screenshot for PIA Review When clicking on 'VPN Server' on the main screen you are taken to this list of available server connections. Its a detailed list with a search bar to find your favorite server quicker than having to scroll.
PIA Connected Screenshot for PIA Review When you choose a server, the app automatically takes you back to the home screen where the button animates itself in an attempt to connect. Once connected, it turns green.
PIA Main Screen Expanded Screenshot for PIA ReviewPIA Setting Menu Screenshot for PIA Review The advanced settings open in a new and separate tab to the app. In the Privacy Settings you can find the inclusion of a kill switch with the helpful option to have it on 'Always'. You can also block domains used for ads, trackers, and malware through the PIA MACE option.
PIA DNS Leak Protection Screenshot for PIA Review In the 'Network' screen you can protect yourself against DNS leaks, with the options to 'Set Custom DNS' alongside tick boxes for 'Request Port Forwarding' or 'Allow LAN Traffic'.
PIA Protocol and Encryption Screenshot for PIA Review
In the past, PIA’s one glaring failure was its clunky, unintuitive and grossly outdated desktop app.
PIA has since released a far more modern app which is much easier to navigate and straight-up better looking, clearly taking note from its competitors.
There are plenty of customization options for desktop notifications, launch on start-up, and a kill switch with an ‘always’ option.
PIA has come a long way, but it’s not perfect: the advanced settings still open in a new tab and the tray app remains open on top, blocking the view. Annoyingly, you have to close the whole tray app manually in order to see it.
The PIA mobile app is terrific – with just as much configurability as the desktop app, plus some extra connection details.
Customer Support Lacking 24/7 support but good online knowledge base
Live chat Support Email Online Resources 24/7 live chat is the obvious absence from Private Internet Access’ support repertoire. It’s something almost all of its higher-scoring rivals have, such as StrongVPN and VPNArea, and a feature we’d love to see soon.
With PIA VPN you can only live chat with support between 4pm-1am UTC. You must be logged in to the member area to do so, meaning it’s also only available to paying customers.
The positive flip-side to this, though, is that PIA has one of the best online knowledge bases out there. It’s well organized and should answer almost any query or issue you have.
Pricing & Deals Affordable on two-year plan
Private Internet Access Coupon Private Internet Access logo Private Internet Access
Get 65% off Private Internet Access's 2-year plan
TestedEnds 28 Aug Get CodeED Terms Private Internet Access Pricing Plan A month-long subscription with Private Internet Access costs $9.95. This is around the industry standard and isn’t very competitive.
The cost goes down the longer you subscribe for, though, with a two-year subscription costing $3.49 per month. Private Internet Access isn’t the cheapest VPN, but it is one of the best.
Private Internet Access doesn’t have a free trial and the money-back guarantee is only seven days long. However, cancelling within these seven-days is 100% no-questions-asked, with your refund arriving within seven working days.
Monthly
US$9.95/mo
Billed $9.95 every month 12 Months
US$5.99/mo
Billed $71.88 every 12 months Save 40% 2 Years
US$3.49/mo
Billed $83.87 every 2 years Save 65% All plans have 7-day money-back guarantee
Payment & Refund Options Credit Card PayPal Bitcoin PIA accepts a broad range of payment methods including most major credit and debit cards, PayPal and a few cryptocurrencies including Bitcoin, Ethereum, and Zcash.
Users in certain countries may also have access to additional international payment options like Mint, ecoPayz, and Neosurf, although they can’t be used to set up a rolling subscription.
submitted by Zinkzd to VPNsReddit [link] [comments]

That One Privacy Guy's - Guide to Choosing the Best VPN (for you)

That One Privacy Guy's - Guide to Choosing the Best VPN (for you)
Disclaimer: The below guide is my opinion, which I will try to provide as many examples for and as much evidence as possible to support. I reference my VPN Comparison Chart throughout much of this post, not so much for shameless self promotion, but because I believe it to be a solid resource to determine if a VPN meets your criteria and to assist you in deciding which is best for you. If you just want an ELI5, read the bolded segments throughout the guide for the highlights. If you want to go down the rabbit hole on this topic, read on, and buckle up - this is going to be long.
TABLE OF CONTENTS
I. INTRODUCTION
II. A WORD ABOUT TRUST
III. A WORD ABOUT VPN AFFILIATES
IV. IF YOU'RE CONCERNED WITH PRIVACY
V. IF YOUR CONCERNED WITH SECURITY
VI. IF YOU'RE CONCERNED WITH UN-GEOBLOCKING
VII IF YOU'RE CONCERNED WITH BYPASSING RESTRICTIVE NETWORKS
VIII. CLEARING UP MISCONCEPTIONS
I. INTRODUCTION:
The following is intended to be a detailed guide to answer the question, "How do I choose the best VPN (for me)?" The reason this is a hard thing to help people with, is that their needs and level of technical knowledge vary greatly - there is no one perfect VPN, they all have at least some flaws and some will just flat out be better for different people.
I very well might have forgotten to add a section I intended to, said something that needs clarification, or was just sleepy when I wrote parts of this guide, so I intend to update and expand it as needed.
I'm assuming that if you're reading this far, you have at least SOME knowledge as to the basics of what a VPN is, so I won't cover that here. This will be heavily emphasizing the need of a VPN for privacy, but I will echo and expand on other use cases as well towards the end.
II. A WORD ABOUT TRUST
No matter what reason you want a VPN, you want to know that the service you choose is trustworthy and is not compromising your data. Even if you're only concerned with geo-unblocking or other non-privacy uses, keep reading. I'll get more into this in the "Privacy" section, but it's important for everyone to be exposed to it at least a little.
A preface regarding privacy and trust, from another thread I made a while back. This applies to every company, but I would suggest especially so for VPNs.
We live in a society where privacy is undervalued and under assault daily. Some people eventually notice this and discover that they do value their own. They set out on a pilgrimage of sorts to educate themselves and learn about tools to help them protect it (as I did when I started my project). Because we depend on each other for direction and others to write software and run services to help keep us secure - TRUST AND TRANSPARENCY - are paramount.
However, transparency comes before trust.
III. A WORD ABOUT VPN AFFILIATES
You may have started your search for a VPN by looking for "VPN Reviews" in your search engine of choice. if you had, you would have gotten page upon page of what seem to be harmless review sites, top 10 or blog style reviews of different VPN services. You may even be coming here for confirmation of what you were told on those sites. The sites making these recommendations are, in almost every case, paid by the services they review and recommend. They are beginning their business relationship with you, with what essentially amounts to a lie. The technical term for this kind of marketing is "native advertising" and it's abuse is a huge problem in the VPN industry.
I purposefully made a point to capture this kind of data on my VPN Comparison Chart. There you can find information on services that have affiliate programs, the specific policies they have for them and whether or not the affiliates act ethically, essentially what the services tolerate from those representing them, when it comes to persuading YOU to buy into the information they put out.
Note that not all affiliates have to be bad actors and simply having an affiliate program is not necessarily grounds for mistrust of a VPN, but rather when those services allow their resellers to generate referrals by hook or by crook. If you see a service appear over and over again on the kinds of sites mentioned above, there is a good chance they are making money from, and are perfectly okay with these kinds of deceptive practices as a part of their business model. They often will claim that it's just the affiliate doing this, and that they can't control what others do. This is false. Affiliates, like anyone entering into a business relationship with someone, agree to certain terms put forth by the service hiring them. If a company doesn't expect and enforce certain standards from their affiliates (not spamming, not breaking copyright, disclosing who they are, etc), they are approving these methods, and are not worthy of your trust. If they are willing to lie to you before you even buy into their service, the stage is set for them to be dishonest with you when you interact with them on a normal basis as a customer.
IV. IF YOU'RE CONCERNED WITH PRIVACY
  • a. More on Trust
As a lawyer represents your legal interests, a VPN service (among others) represents your privacy interests. If a lawyer does something to violate your trust or is not honest about some aspect of their representation that could affect you, you would discard them and you'd be right to do so. Likewise with a VPN service. There are many out there that are not worth your time or money. Unlike a lawyer, a VPN can be put together and promoted by anyone with access to a computer, the key difference being that you would never even see their face.
If you are looking for a VPN for privacy purposes, you already believe you cannot trust certain parties. Those parties might be companies whose websites you visit or maybe even an oppressive government whose mass surveillance is encroaching on your rights. You are being put in a position where you must rely on someone other than yourself for protection and the last thing you need is one more party that you can't trust.
This decision is an important one, and not just any VPN service is worthy of that trust. You're trusting them to know what they're doing - to be able to operate a competent service that will protect your privacy. You are trusting them to be responsive to new technical and geopolitical threats to their operation. You're trusting them to be honest with you in the way they do business so that when you are shopping and comparing, you are getting accurate information.
  • b. More on Affiliates
In the main section at the beginning of this guide, I talked about affiliate practices, so I will only briefly mention it here. If you choose a company with an affiliate program, choose one that expects and enforces good behavior from their reselling partners. You can usually read their affiliate terms on their site. If they are not publicly visible, they should respond with this information when asked. If not, or if they play games with you, look elsewhere. More information on affiliate policies and behavior can be found on my VPN Comparison Chart.
  • c. Jurisdiction
In the last few years, certain revelations have been made manifest regarding the mass surveillance programs of various countries around the globe. These countries are known as the five, nine, and fourteen eyes. These countries not only spy on their own citizens where they can get away with it, but they spy on each others, and swap notes to bypass governmental restrictions on power. If a service, or the people who run a service is based in one of these countries, it's not unreasonable to expect that they may be susceptible to unlawful searches and compromises made in the name of national security. That said, if your threat model includes protection from such actions, choosing a company incorporated outside of these jurisdictions probably would not be adequate to protect you - as such actors have vast resources, and if singled out, you would need to worry about more than your VPN (by relying on other tools such as Tor, Tails, paying very close attention to your opsec, etc). Where the servers you're connecting to and the people who operate / have control of them are located are more important than where a company is incorporated, to protect yourself from government overreach
Other countries are not part of the spy collaboration mentioned above, but still have issues with government limitations on internet freedom and free speech. Avoid countries with limited internet freedom. The degree of internet freedom a country has can also be found under "jurisdiction" on my sheet.
  • d. Logging
When you connect to a VPN service, you are essentially just adding one more stop along your route to the open internet. The VPN is a "man in the middle" who you are trusting with the traffic and connection data that is being generated in the background as you use the internet. Some VPN companies choose to log this data. There are many reasons for doing so, some more legitimate than others. Some services record this to protect themselves legally in the case they are approached by authorities. Some companies keep minimal connection logs to aid them in maintaining servers. Some will even sell your data to third parties as part of their business model. If your concern is privacy, you most likely do not want your browsing habits and connection data being recorded. Choose a service that specifically states that they do not keep logs, AND which types they do not keep. Make sure they do not keep ANY kind of activity or connection log Many services claim to not keep logs, but are vague, and upon closer inspection actually do keep certain types, so be wary of such promises until you've confirmed it for yourself in their respective terms and privacy policies.
  • e. Payments and Communication
Assuming privacy is your priority, when you go to pay for your VPN service, there are many methods available, but only a few worth consideration. Services that offer the ability to pay by Bitcoin, cash, or misc gift cards are the best way to ensure that you are kept as anonymous as possible. if these services require more personal information than an email address, look the other direction - this is information they're recording about you that may be used at best to sell to third parties, at worst to later identify you.
Some services offer a PGP key for additional privacy. This is a nice thing to have if you want to be able to communicate with them using encryption.
  • f. Protocols
There are many different kinds of VPN protocols that allow you to establish a tunnel with your service provider - some more secure than others. Certain protocols are documented to have been compromised. Others are free and open source, and as such are freely available for security experts to audit and improve. The free availability of the source code helps to ensure that vulnerabilities are patched quickly and that individuals so inclined can see exactly how their software is working. Choose a VPN that supports OpenVPN and use it to connect to your VPN server. Avoid using other protocols, specifically PPTP as its not suited for privacy.
  • g. DNS and IPv6 Leaks
Throughout the course of using the internet, your computer sends and receives a lot of data that isn't visible to you, the user. When you type in a web address, a request is sent to a server that is usually operated by your ISP. When you connect to the internet using a VPN, this responsibility is now on them. If they don't take certain actions, this request containing info for the site your want to visit is being sent to THEIR ISP instead. This may not be as bad as it going through yours, but as I mentioned logging above - if the company in question even keeps certain logs, there is a chance that the sites you try to visit can be correlated with the timestamps of when such a request is sent. As an alternative, some use public DNS servers, such as google's, which is not ideal for privacy. Choose a VPN service that maintains their own first party DNS server that won't leak - then TEST IT TO MAKE SURE.
When using the internet, you connect to IP addresses. Traditionally, IPv4 is used to accomplish this (you may have seen numbers in the past like 8.8.8.8 or 216.58.217.206, etc). There is another standard that will some day be more prevalent, called IPv6, but that is being used now during the time it transitions into normal configurations (vastly more IPv6 numbers exist than IPv4). When you connect and use the internet (unless you have specifically taken steps to disable it), you are sending and receiving IPv6 data. Again, normally, this data is sent and resolved through your ISP and their DNS servers, but unless properly configured, this information might not be securely passing through the VPN tunnel and could be leaking to the open internet. Given such routed global IPv6 addresses, it's easy for remote sites to identify user ISPs. And with requisite authority, account information could be obtained from those ISPs. Choose a VPN service that either blocks or provides new VPN-specific IPv6 address and provides an IPv6 DNS server that's reachable only through the VPN tunnel - then TEST IT TO MAKE SURE.
  • h. Encryption and other Features
Around 1440 AD, the Printing Press was invented. It created a method for the common person to quickly disperse information, technologically reinforcing the natural right to freely speak and share information. More recently the internet allows billions to freely and openly share ideas and advance humanity. This reaffirmed the common person's rights in such a way that was difficult for governments or organizations to stifle. Similarly, until the invention of firearms, only those physically capable could defend themselves from those that wished to encroach on their rights, thus this technological advancement reinforced the individual's right to self defense. This brings us to Computerized Encryption. As with the other technological advancements mentioned above, Encryption provides a simple-to-use method that the average user can take advantage of to reinforce their right to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures.
Choose a VPN service that has strong data and handshake encryption. Make sure the protocol you choose has the level of advertised encryption available to it, as services typically provide more than one protocol with varying levels of encryption strength. The VPN Comparison Chart can help you determine what is considered strong by the color coding on these fields. Be sure that even if the service has the type of encryption you want available BY DEFAULT - some services will technically offer strong encryption, but it has to be manually configured (not user friendly).
Optionally, depending on your use case and threat model, you may be interested in making sure Authenticated SMTP (to send email) and P2P (to file share, download, use Bitcoin, etc) are not blocked on your VPN's servers
  • i. Websites and your Privacy
When you start to search for services and are browsing on their websites, there are some additional items you may want to consider. Speaking of trust and privacy - some companies will use tracking cookies to determine how to best serve you ads, which other sites you've been to, and some will even phone home with specific personal information. Best case, this is an abuse of power by companies stretching the limits of their ideas on how to gather this info, worst case, it can be used to intentionally violate your privacy and tie your device back to the site and activity performed on it. Choose a company that respects your privacy enough to use few if any persistent or external tracking cookies. If they are already violating your privacy the moment you visit their site, you have no assurance that they will take your privacy seriously after hiring them to represent your interests. Available for years, https allows websites to entirely encrypt all data sent and received with the user, effectively blocking out those that might try spying on such web traffic. Choose a service that encrypts their website with an SSL Certificate. Additionally, CloudFlare, Incapsula, and similar services have recently become popular with websites for their DDoS protection and dynamic bandwidth scaling. However, these services act as an additional man in the middle between your VPN's website and you. In the wrong hands, the information they collect and have access to about your VPN's website, and your interaction with it, could be compromised. Avoid VPNs that use CloudFlare, Incapsula, and other such services.
V. IF YOU'RE CONCERNED WITH SECURITY
Many of the points made above are relevant to security as well as privacy, and I will point some out below.
Jurisdiction, specifically Freedom Status is important to ensure an environment where laws are enforced and physical security that we take for granted in some parts of the world are applicable to the servers we communicate with. This also helps indicate that our service and the servers we connect to are located in places that respect internet freedom. This information can be found on the Comparison Chart and confirmed on Freedom House's website.
IPv6 should be specifically tunnelled or blocked outright the same as with the privacy scenario above.
First party DNS servers, as mentioned above, are ideal for preventing leaks of your data.
Both data and handshake encryption should be strong and available for the protocol you choose (which again, should not be PPTP). Other protocols are probably secure enough for daily use. Note that no protocol is bulletproof and exploits probably exist and are discoverable for each and every one of them. Such exploits are even more discoverable by governments with vast amounts of resources.
VI. IF YOU'RE CONCERNED WITH UN-GEOBLOCKING
If your only concern is escaping geoblocks, your needs are far less numerous. Being able to connect to an exit node in the country of your choice is really the only requirement. This doesn't mean necessarily however that you want to neglect the proper security measures discussed above, only that for things like Netflix, Hulu, certain TV online channels and sporting events, they are less important if un-geoblocking is ALL you're trying to do, almost anything will work, HOWEVER - if Privacy and Security are of any concern whatsoever, heed the advice above and know that un-geoblocking will virtually always come naturally when shopping for those needs (as long as required server availability is a feature of your chosen VPN)
VII. IF YOU'RE CONCERNED WITH BYPASSING RESTRICTIVE NETWORKS
Some parts of the world are resisting the ever-growing ability for their citizens to freely share information and as such have implemented roadblocks in their networking infrastructure to cripple such communication. For example, the "Great Firewall of China" has several layers of VPN detection and blocking built into it. Other networks belonging to large corporations or maybe even your Internet Service Provider may restrict you from using certain ports, limiting what you can use the internet for. However, there are ways to get around these restrictions by using the right VPN.
Features such as multihop, TCP port 443, Obfsproxy, SOCKS, SSL tunnels, SSH tunnels, and some other proprietary solutions (which may be built specifically by a given VPN company) can be useful in avoiding these restrictions. As for which are most effective, it's a matter of which restriction is being inflicted upon the user. Speak with your VPN service's support team to determine which might be effective in your case. The VPN Comparison Chart shows which services support which of these protocols and features in their configuration. Using TCP port 443 is usually a relatively common and user-friendly measure to bypass a restrictive/oppressive network.
VIII. CLEARING UP MISCONCEPTIONS
Kill switches - Many VPN services offer in their client a feature called a "Kill switch". The idea with a Kill Switch is that when the VPN loses its connection, it completely prevents the device from using internet, thus preventing accidental leaks of local connection data. Kill Switches are implemented very differently and will never be secure due to their design. The only 100% effective and secure configuration to accomplish prevention of leaks is a properly configured firewall. There are two main types of kill switches, those that shut down preconfigured apps in response to detecting the VPN connection has dropped and those that disable the network connection (or delete routes etc) if they detect a disconnection. In both of these cases the Kill Switch component is having to react to an event and very often leads to leaks - just a single packet is all it takes to compromise your privacy. The only way to be absolutely certain that packets cannot leak is for there to be an independent component (the Firewall) that blocks all packets unless destined for the VPN interface.
Warrant Canaries - Some VPN services maintain a document called a "Warrant Canary". This is a document put out and updated by them certifying that they have not been contacted by government agencies or coerced to compromise their user's data. In theory, if such an event occurred forcing them to compromise their principles, they would stop updating the canary, which in turn would indicate to users that their data is no longer private. Note that not all companies use effective warrant canaries. There is some debate as to the effectiveness of a warrant canary between experts to begin with - as force can be used by governments to coerce companies into maintaining them, thus nullifying their effectiveness. They are usually nothing more than marketing theater. If a company WAS operating a good canary, it would be almost impossible to tell. A warrant canary is almost a better feature to care about once you've found a trustworthy, capable service, rather than looking for a company that has one when shopping around.
I hope that this guide has been useful. I've been meaning to write one for some time, but as you can tell, it's pretty involved. Feel free to ask me if you have any questions - as usual you can contact me on reddit or using the contact info on my sheet.
Written by That One Privacy Guy
submitted by ThatOnePrivacyGuy to VPN [link] [comments]

That One Privacy Guy's - Guide to Choosing the Best VPN (for you)

Update: This can now be found on my website here.
That One Privacy Guy's - Guide to Choosing the Best VPN (for you)
Disclaimer: The below guide is my opinion, which I will try to provide as many examples for and as much evidence as possible to support. I reference my VPN Comparison Chart throughout much of this post, not so much for shameless self promotion, but because I believe it to be a solid resource to determine if a VPN meets your criteria and to assist you in deciding which is best for you. If you just want an ELI5, read the bolded segments throughout the guide for the highlights. If you want to go down the rabbit hole on this topic, read on, and buckle up - this is going to be long.
TABLE OF CONTENTS
I. INTRODUCTION
II. A WORD ABOUT TRUST
III. A WORD ABOUT VPN AFFILIATES
IV. IF YOU'RE CONCERNED WITH PRIVACY
V. IF YOUR CONCERNED WITH SECURITY
VI. IF YOU'RE CONCERNED WITH UN-GEOBLOCKING
VII IF YOU'RE CONCERNED WITH BYPASSING RESTRICTIVE NETWORKS
VIII. CLEARING UP MISCONCEPTIONS
I. INTRODUCTION:
The following is intended to be a detailed guide to answer the question, "How do I choose the best VPN (for me)?" The reason this is a hard thing to help people with, is that their needs and level of technical knowledge vary greatly - there is no one perfect VPN, they all have at least some flaws and some will just flat out be better for different people.
I very well might have forgotten to add a section I intended to, said something that needs clarification, or was just sleepy when I wrote parts of this guide, so I intend to update and expand it as needed.
I'm assuming that if you're reading this far, you have at least SOME knowledge as to the basics of what a VPN is, so I won't cover that here. This will be heavily emphasizing the need of a VPN for privacy, but I will echo and expand on other use cases as well towards the end.
II. A WORD ABOUT TRUST
No matter what reason you want a VPN, you want to know that the service you choose is trustworthy and is not compromising your data. Even if you're only concerned with geo-unblocking or other non-privacy uses, keep reading. I'll get more into this in the "Privacy" section, but it's important for everyone to be exposed to it at least a little.
A preface regarding privacy and trust, from another thread I made a while back. This applies to every company, but I would suggest especially so for VPNs.
We live in a society where privacy is undervalued and under assault daily. Some people eventually notice this and discover that they do value their own. They set out on a pilgrimage of sorts to educate themselves and learn about tools to help them protect it (as I did when I started my project). Because we depend on each other for direction and others to write software and run services to help keep us secure - TRUST AND TRANSPARENCY - are paramount.
However, transparency comes before trust.
III. A WORD ABOUT VPN AFFILIATES
You may have started your search for a VPN by looking for "VPN Reviews" in your search engine of choice. if you had, you would have gotten page upon page of what seem to be harmless review sites, top 10 or blog style reviews of different VPN services. You may even be coming here for confirmation of what you were told on those sites. The sites making these recommendations are, in almost every case, paid by the services they review and recommend. They are beginning their business relationship with you, with what essentially amounts to a lie. The technical term for this kind of marketing is "native advertising" and it's abuse is a huge problem in the VPN industry.
I purposefully made a point to capture this kind of data on my VPN Comparison Chart. There you can find information on services that have affiliate programs, the specific policies they have for them and whether or not the affiliates act ethically, essentially what the services tolerate from those representing them, when it comes to persuading YOU to buy into the information they put out.
Note that not all affiliates have to be bad actors and simply having an affiliate program is not necessarily grounds for mistrust of a VPN, but rather when those services allow their resellers to generate referrals by hook or by crook. If you see a service appear over and over again on the kinds of sites mentioned above, there is a good chance they are making money from, and are perfectly okay with these kinds of deceptive practices as a part of their business model. They often will claim that it's just the affiliate doing this, and that they can't control what others do. This is false. Affiliates, like anyone entering into a business relationship with someone, agree to certain terms put forth by the service hiring them. If a company doesn't expect and enforce certain standards from their affiliates (not spamming, not breaking copyright, disclosing who they are, etc), they are approving these methods, and are not worthy of your trust. If they are willing to lie to you before you even buy into their service, the stage is set for them to be dishonest with you when you interact with them on a normal basis as a customer.
IV. IF YOU'RE CONCERNED WITH PRIVACY
  • a. More on Trust
As a lawyer represents your legal interests, a VPN service (among others) represents your privacy interests. If a lawyer does something to violate your trust or is not honest about some aspect of their representation that could affect you, you would discard them and you'd be right to do so. Likewise with a VPN service. There are many out there that are not worth your time or money. Unlike a lawyer, a VPN can be put together and promoted by anyone with access to a computer, the key difference being that you would never even see their face.
If you are looking for a VPN for privacy purposes, you already believe you cannot trust certain parties. Those parties might be companies whose websites you visit or maybe even an oppressive government whose mass surveillance is encroaching on your rights. You are being put in a position where you must rely on someone other than yourself for protection and the last thing you need is one more party that you can't trust.
This decision is an important one, and not just any VPN service is worthy of that trust. You're trusting them to know what they're doing - to be able to operate a competent service that will protect your privacy. You are trusting them to be responsive to new technical and geopolitical threats to their operation. You're trusting them to be honest with you in the way they do business so that when you are shopping and comparing, you are getting accurate information.
  • b. More on Affiliates
In the main section at the beginning of this guide, I talked about affiliate practices, so I will only briefly mention it here. If you choose a company with an affiliate program, choose one that expects and enforces good behavior from their reselling partners. You can usually read their affiliate terms on their site. If they are not publicly visible, they should respond with this information when asked. If not, or if they play games with you, look elsewhere. More information on affiliate policies and behavior can be found on my VPN Comparison Chart.
  • c. Jurisdiction
In the last few years, certain revelations have been made manifest regarding the mass surveillance programs of various countries around the globe. These countries are known as the five, nine, and fourteen eyes. These countries not only spy on their own citizens where they can get away with it, but they spy on each others, and swap notes to bypass governmental restrictions on power. If a service, or the people who run a service is based in one of these countries, it's not unreasonable to expect that they may be susceptible to unlawful searches and compromises made in the name of national security. That said, if your threat model includes protection from such actions, choosing a company incorporated outside of these jurisdictions probably would not be adequate to protect you - as such actors have vast resources, and if singled out, you would need to worry about more than your VPN (by relying on other tools such as Tor, Tails, paying very close attention to your opsec, etc). Where the servers you're connecting to and the people who operate / have control of them are located are more important than where a company is incorporated, to protect yourself from government overreach
Other countries are not part of the spy collaboration mentioned above, but still have issues with government limitations on internet freedom and free speech. Avoid countries with limited internet freedom. The degree of internet freedom a country has can also be found under "jurisdiction" on my sheet.
  • d. Logging
When you connect to a VPN service, you are essentially just adding one more stop along your route to the open internet. The VPN is a "man in the middle" who you are trusting with the traffic and connection data that is being generated in the background as you use the internet. Some VPN companies choose to log this data. There are many reasons for doing so, some more legitimate than others. Some services record this to protect themselves legally in the case they are approached by authorities. Some companies keep minimal connection logs to aid them in maintaining servers. Some will even sell your data to third parties as part of their business model. If your concern is privacy, you most likely do not want your browsing habits and connection data being recorded. Choose a service that specifically states that they do not keep logs, AND which types they do not keep. Make sure they do not keep ANY kind of activity or connection log Many services claim to not keep logs, but are vague, and upon closer inspection actually do keep certain types, so be wary of such promises until you've confirmed it for yourself in their respective terms and privacy policies.
  • e. Payments and Communication
Assuming privacy is your priority, when you go to pay for your VPN service, there are many methods available, but only a few worth consideration. Services that offer the ability to pay by Bitcoin, cash, or misc gift cards are the best way to ensure that you are kept as anonymous as possible. if these services require more personal information than an email address, look the other direction - this is information they're recording about you that may be used at best to sell to third parties, at worst to later identify you.
Some services offer a PGP key for additional privacy. This is a nice thing to have if you want to be able to communicate with them using encryption.
  • f. Protocols
There are many different kinds of VPN protocols that allow you to establish a tunnel with your service provider - some more secure than others. Certain protocols are documented to have been compromised. Others are free and open source, and as such are freely available for security experts to audit and improve. The free availability of the source code helps to ensure that vulnerabilities are patched quickly and that individuals so inclined can see exactly how their software is working. Choose a VPN that supports OpenVPN and use it to connect to your VPN server. Avoid using other protocols, specifically PPTP as its not suited for privacy.
  • g. DNS and IPv6 Leaks
Throughout the course of using the internet, your computer sends and receives a lot of data that isn't visible to you, the user. When you type in a web address, a request is sent to a server that is usually operated by your ISP. When you connect to the internet using a VPN, this responsibility is now on them. If they don't take certain actions, this request containing info for the site your want to visit is being sent to THEIR ISP instead. This may not be as bad as it going through yours, but as I mentioned logging above - if the company in question even keeps certain logs, there is a chance that the sites you try to visit can be correlated with the timestamps of when such a request is sent. As an alternative, some use public DNS servers, such as google's, which is not ideal for privacy. Choose a VPN service that maintains their own first party DNS server that won't leak - then TEST IT TO MAKE SURE.
When using the internet, you connect to IP addresses. Traditionally, IPv4 is used to accomplish this (you may have seen numbers in the past like 8.8.8.8 or 216.58.217.206, etc). There is another standard that will some day be more prevalent, called IPv6, but that is being used now during the time it transitions into normal configurations (vastly more IPv6 numbers exist than IPv4). When you connect and use the internet (unless you have specifically taken steps to disable it), you are sending and receiving IPv6 data. Again, normally, this data is sent and resolved through your ISP and their DNS servers, but unless properly configured, this information might not be securely passing through the VPN tunnel and could be leaking to the open internet. Given such routed global IPv6 addresses, it's easy for remote sites to identify user ISPs. And with requisite authority, account information could be obtained from those ISPs. Choose a VPN service that either blocks or provides new VPN-specific IPv6 address and provides an IPv6 DNS server that's reachable only through the VPN tunnel - then TEST IT TO MAKE SURE.
  • h. Encryption and other Features
Around 1440 AD, the Printing Press was invented. It created a method for the common person to quickly disperse information, technologically reinforcing the natural right to freely speak and share information. More recently the internet allows billions to freely and openly share ideas and advance humanity. This reaffirmed the common person's rights in such a way that was difficult for governments or organizations to stifle. Similarly, until the invention of firearms, only those physically capable could defend themselves from those that wished to encroach on their rights, thus this technological advancement reinforced the individual's right to self defense. This brings us to Computerized Encryption. As with the other technological advancements mentioned above, Encryption provides a simple-to-use method that the average user can take advantage of to reinforce their right to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures.
Choose a VPN service that has strong data and handshake encryption. Make sure the protocol you choose has the level of advertised encryption available to it, as services typically provide more than one protocol with varying levels of encryption strength. The VPN Comparison Chart can help you determine what is considered strong by the color coding on these fields. Be sure that even if the service has the type of encryption you want available BY DEFAULT - some services will technically offer strong encryption, but it has to be manually configured (not user friendly).
Optionally, depending on your use case and threat model, you may be interested in making sure Authenticated SMTP (to send email) and P2P (to file share, download, use Bitcoin, etc) are not blocked on your VPN's servers
  • i. Websites and your Privacy
When you start to search for services and are browsing on their websites, there are some additional items you may want to consider. Speaking of trust and privacy - some companies will use tracking cookies to determine how to best serve you ads, which other sites you've been to, and some will even phone home with specific personal information. Best case, this is an abuse of power by companies stretching the limits of their ideas on how to gather this info, worst case, it can be used to intentionally violate your privacy and tie your device back to the site and activity performed on it. Choose a company that respects your privacy enough to use few if any persistent or external tracking cookies. If they are already violating your privacy the moment you visit their site, you have no assurance that they will take your privacy seriously after hiring them to represent your interests. Available for years, https allows websites to entirely encrypt all data sent and received with the user, effectively blocking out those that might try spying on such web traffic. Choose a service that encrypts their website with an SSL Certificate. Additionally, CloudFlare, Incapsula, and similar services have recently become popular with websites for their DDoS protection and dynamic bandwidth scaling. However, these services act as an additional man in the middle between your VPN's website and you. In the wrong hands, the information they collect and have access to about your VPN's website, and your interaction with it, could be compromised. Avoid VPNs that use CloudFlare, Incapsula, and other such services.
V. IF YOU'RE CONCERNED WITH SECURITY
Many of the points made above are relevant to security as well as privacy, and I will point some out below.
Jurisdiction, specifically Freedom Status is important to ensure an environment where laws are enforced and physical security that we take for granted in some parts of the world are applicable to the servers we communicate with. This also helps indicate that our service and the servers we connect to are located in places that respect internet freedom. This information can be found on the Comparison Chart and confirmed on Freedom House's website.
IPv6 should be specifically tunnelled or blocked outright the same as with the privacy scenario above.
First party DNS servers, as mentioned above, are ideal for preventing leaks of your data.
Both data and handshake encryption should be strong and available for the protocol you choose (which again, should not be PPTP). Other protocols are probably secure enough for daily use. Note that no protocol is bulletproof and exploits probably exist and are discoverable for each and every one of them. Such exploits are even more discoverable by governments with vast amounts of resources.
VI. IF YOU'RE CONCERNED WITH UN-GEOBLOCKING
If your only concern is escaping geoblocks, your needs are far less numerous. Being able to connect to an exit node in the country of your choice is really the only requirement. This doesn't mean necessarily however that you want to neglect the proper security measures discussed above, only that for things like Netflix, Hulu, certain TV online channels and sporting events, they are less important if un-geoblocking is ALL you're trying to do, almost anything will work, HOWEVER - if Privacy and Security are of any concern whatsoever, heed the advice above and know that un-geoblocking will virtually always come naturally when shopping for those needs (as long as required server availability is a feature of your chosen VPN)
VII. IF YOU'RE CONCERNED WITH BYPASSING RESTRICTIVE NETWORKS
Some parts of the world are resisting the ever-growing ability for their citizens to freely share information and as such have implemented roadblocks in their networking infrastructure to cripple such communication. For example, the "Great Firewall of China" has several layers of VPN detection and blocking built into it. Other networks belonging to large corporations or maybe even your Internet Service Provider may restrict you from using certain ports, limiting what you can use the internet for. However, there are ways to get around these restrictions by using the right VPN.
Features such as multihop, TCP port 443, Obfsproxy, SOCKS, SSL tunnels, SSH tunnels, and some other proprietary solutions (which may be built specifically by a given VPN company) can be useful in avoiding these restrictions. As for which are most effective, it's a matter of which restriction is being inflicted upon the user. Speak with your VPN service's support team to determine which might be effective in your case. The VPN Comparison Chart shows which services support which of these protocols and features in their configuration. Using TCP port 443 is usually a relatively common and user-friendly measure to bypass a restrictive/oppressive network.
VIII. CLEARING UP MISCONCEPTIONS
Kill switches - Many VPN services offer in their client a feature called a "Kill switch". The idea with a Kill Switch is that when the VPN loses its connection, it completely prevents the device from using internet, thus preventing accidental leaks of local connection data. Kill Switches are implemented very differently and will never be secure due to their design. The only 100% effective and secure configuration to accomplish prevention of leaks is a properly configured firewall. There are two main types of kill switches, those that shut down preconfigured apps in response to detecting the VPN connection has dropped and those that disable the network connection (or delete routes etc) if they detect a disconnection. In both of these cases the Kill Switch component is having to react to an event and very often leads to leaks - just a single packet is all it takes to compromise your privacy. The only way to be absolutely certain that packets cannot leak is for there to be an independent component (the Firewall) that blocks all packets unless destined for the VPN interface.
Warrant Canaries - Some VPN services maintain a document called a "Warrant Canary". This is a document put out and updated by them certifying that they have not been contacted by government agencies or coerced to compromise their user's data. In theory, if such an event occurred forcing them to compromise their principles, they would stop updating the canary, which in turn would indicate to users that their data is no longer private. Note that not all companies use effective warrant canaries. There is some debate as to the effectiveness of a warrant canary between experts to begin with - as force can be used by governments to coerce companies into maintaining them, thus nullifying their effectiveness. They are usually nothing more than marketing theater. If a company WAS operating a good canary, it would be almost impossible to tell. A warrant canary is almost a better feature to care about once you've found a trustworthy, capable service, rather than looking for a company that has one when shopping around.
I hope that this guide has been useful. I've been meaning to write one for some time, but as you can tell, it's pretty involved. Feel free to ask me if you have any questions - as usual you can contact me on reddit or using the contact info on my sheet.
Written by That One Privacy Guy
submitted by ThatOnePrivacyGuy to privacytoolsIO [link] [comments]

That One Privacy Guy's - Guide to Choosing the Best VPN (for you)

That One Privacy Guy's - Guide to Choosing the Best VPN (for you)
Disclaimer: The below guide is my opinion, which I will try to provide as many examples for and as much evidence as possible to support. I reference my VPN Comparison Chart throughout much of this post, not so much for shameless self promotion, but because I believe it to be a solid resource to determine if a VPN meets your criteria and to assist you in deciding which is best for you. If you just want an ELI5, read the bolded segments throughout the guide for the highlights. If you want to go down the rabbit hole on this topic, read on, and buckle up - this is going to be long.
TABLE OF CONTENTS
I. INTRODUCTION
II. A WORD ABOUT TRUST
III. A WORD ABOUT VPN AFFILIATES
IV. IF YOU'RE CONCERNED WITH PRIVACY
V. IF YOUR CONCERNED WITH SECURITY
VI. IF YOU'RE CONCERNED WITH UN-GEOBLOCKING
VII IF YOU'RE CONCERNED WITH BYPASSING RESTRICTIVE NETWORKS
VIII. CLEARING UP MISCONCEPTIONS
I. INTRODUCTION:
The following is intended to be a detailed guide to answer the question, "How do I choose the best VPN (for me)?" The reason this is a hard thing to help people with, is that their needs and level of technical knowledge vary greatly - there is no one perfect VPN, they all have at least some flaws and some will just flat out be better for different people.
I very well might have forgotten to add a section I intended to, said something that needs clarification, or was just sleepy when I wrote parts of this guide, so I intend to update and expand it as needed.
I'm assuming that if you're reading this far, you have at least SOME knowledge as to the basics of what a VPN is, so I won't cover that here. This will be heavily emphasizing the need of a VPN for privacy, but I will echo and expand on other use cases as well towards the end.
II. A WORD ABOUT TRUST
No matter what reason you want a VPN, you want to know that the service you choose is trustworthy and is not compromising your data. Even if you're only concerned with geo-unblocking or other non-privacy uses, keep reading. I'll get more into this in the "Privacy" section, but it's important for everyone to be exposed to it at least a little.
A preface regarding privacy and trust, from another thread I made a while back. This applies to every company, but I would suggest especially so for VPNs.
We live in a society where privacy is undervalued and under assault daily. Some people eventually notice this and discover that they do value their own. They set out on a pilgrimage of sorts to educate themselves and learn about tools to help them protect it (as I did when I started my project). Because we depend on each other for direction and others to write software and run services to help keep us secure - TRUST AND TRANSPARENCY - are paramount.
However, transparency comes before trust.
III. A WORD ABOUT VPN AFFILIATES
You may have started your search for a VPN by looking for "VPN Reviews" in your search engine of choice. if you had, you would have gotten page upon page of what seem to be harmless review sites, top 10 or blog style reviews of different VPN services. You may even be coming here for confirmation of what you were told on those sites. The sites making these recommendations are, in almost every case, paid by the services they review and recommend. They are beginning their business relationship with you, with what essentially amounts to a lie. The technical term for this kind of marketing is "native advertising" and it's abuse is a huge problem in the VPN industry.
I purposefully made a point to capture this kind of data on my VPN Comparison Chart. There you can find information on services that have affiliate programs, the specific policies they have for them and whether or not the affiliates act ethically, essentially what the services tolerate from those representing them, when it comes to persuading YOU to buy into the information they put out.
Note that not all affiliates have to be bad actors and simply having an affiliate program is not necessarily grounds for mistrust of a VPN, but rather when those services allow their resellers to generate referrals by hook or by crook. If you see a service appear over and over again on the kinds of sites mentioned above, there is a good chance they are making money from, and are perfectly okay with these kinds of deceptive practices as a part of their business model. They often will claim that it's just the affiliate doing this, and that they can't control what others do. This is false. Affiliates, like anyone entering into a business relationship with someone, agree to certain terms put forth by the service hiring them. If a company doesn't expect and enforce certain standards from their affiliates (not spamming, not breaking copyright, disclosing who they are, etc), they are approving these methods, and are not worthy of your trust. If they are willing to lie to you before you even buy into their service, the stage is set for them to be dishonest with you when you interact with them on a normal basis as a customer.
IV. IF YOU'RE CONCERNED WITH PRIVACY
  • a. More on Trust
As a lawyer represents your legal interests, a VPN service (among others) represents your privacy interests. If a lawyer does something to violate your trust or is not honest about some aspect of their representation that could affect you, you would discard them and you'd be right to do so. Likewise with a VPN service. There are many out there that are not worth your time or money. Unlike a lawyer, a VPN can be put together and promoted by anyone with access to a computer, the key difference being that you would never even see their face.
If you are looking for a VPN for privacy purposes, you already believe you cannot trust certain parties. Those parties might be companies whose websites you visit or maybe even an oppressive government whose mass surveillance is encroaching on your rights. You are being put in a position where you must rely on someone other than yourself for protection and the last thing you need is one more party that you can't trust.
This decision is an important one, and not just any VPN service is worthy of that trust. You're trusting them to know what they're doing - to be able to operate a competent service that will protect your privacy. You are trusting them to be responsive to new technical and geopolitical threats to their operation. You're trusting them to be honest with you in the way they do business so that when you are shopping and comparing, you are getting accurate information.
  • b. More on Affiliates
In the main section at the beginning of this guide, I talked about affiliate practices, so I will only briefly mention it here. If you choose a company with an affiliate program, choose one that expects and enforces good behavior from their reselling partners. You can usually read their affiliate terms on their site. If they are not publicly visible, they should respond with this information when asked. If not, or if they play games with you, look elsewhere. More information on affiliate policies and behavior can be found on my VPN Comparison Chart.
  • c. Jurisdiction
In the last few years, certain revelations have been made manifest regarding the mass surveillance programs of various countries around the globe. These countries are known as the five, nine, and fourteen eyes. These countries not only spy on their own citizens where they can get away with it, but they spy on each others, and swap notes to bypass governmental restrictions on power. If a service, or the people who run a service is based in one of these countries, it's not unreasonable to expect that they may be susceptible to unlawful searches and compromises made in the name of national security. That said, if your threat model includes protection from such actions, choosing a company incorporated outside of these jurisdictions probably would not be adequate to protect you - as such actors have vast resources, and if singled out, you would need to worry about more than your VPN (by relying on other tools such as Tor, Tails, paying very close attention to your opsec, etc). Where the servers you're connecting to and the people who operate / have control of them are located are more important than where a company is incorporated, to protect yourself from government overreach
Other countries are not part of the spy collaboration mentioned above, but still have issues with government limitations on internet freedom and free speech. Avoid countries with limited internet freedom. The degree of internet freedom a country has can also be found under "jurisdiction" on my sheet.
  • d. Logging
When you connect to a VPN service, you are essentially just adding one more stop along your route to the open internet. The VPN is a "man in the middle" who you are trusting with the traffic and connection data that is being generated in the background as you use the internet. Some VPN companies choose to log this data. There are many reasons for doing so, some more legitimate than others. Some services record this to protect themselves legally in the case they are approached by authorities. Some companies keep minimal connection logs to aid them in maintaining servers. Some will even sell your data to third parties as part of their business model. If your concern is privacy, you most likely do not want your browsing habits and connection data being recorded. Choose a service that specifically states that they do not keep logs, AND which types they do not keep. Make sure they do not keep ANY kind of activity or connection log Many services claim to not keep logs, but are vague, and upon closer inspection actually do keep certain types, so be wary of such promises until you've confirmed it for yourself in their respective terms and privacy policies.
  • e. Payments and Communication
Assuming privacy is your priority, when you go to pay for your VPN service, there are many methods available, but only a few worth consideration. Services that offer the ability to pay by Bitcoin, cash, or misc gift cards are the best way to ensure that you are kept as anonymous as possible. if these services require more personal information than an email address, look the other direction - this is information they're recording about you that may be used at best to sell to third parties, at worst to later identify you.
Some services offer a PGP key for additional privacy. This is a nice thing to have if you want to be able to communicate with them using encryption.
  • f. Protocols
There are many different kinds of VPN protocols that allow you to establish a tunnel with your service provider - some more secure than others. Certain protocols are documented to have been compromised. Others are free and open source, and as such are freely available for security experts to audit and improve. The free availability of the source code helps to ensure that vulnerabilities are patched quickly and that individuals so inclined can see exactly how their software is working. Choose a VPN that supports OpenVPN and use it to connect to your VPN server. Avoid using other protocols, specifically PPTP as its not suited for privacy.
  • g. DNS and IPv6 Leaks
Throughout the course of using the internet, your computer sends and receives a lot of data that isn't visible to you, the user. When you type in a web address, a request is sent to a server that is usually operated by your ISP. When you connect to the internet using a VPN, this responsibility is now on them. If they don't take certain actions, this request containing info for the site your want to visit is being sent to THEIR ISP instead. This may not be as bad as it going through yours, but as I mentioned logging above - if the company in question even keeps certain logs, there is a chance that the sites you try to visit can be correlated with the timestamps of when such a request is sent. As an alternative, some use public DNS servers, such as google's, which is not ideal for privacy. Choose a VPN service that maintains their own first party DNS server that won't leak - then TEST IT TO MAKE SURE.
When using the internet, you connect to IP addresses. Traditionally, IPv4 is used to accomplish this (you may have seen numbers in the past like 8.8.8.8 or 216.58.217.206, etc). There is another standard that will some day be more prevalent, called IPv6, but that is being used now during the time it transitions into normal configurations (vastly more IPv6 numbers exist than IPv4). When you connect and use the internet (unless you have specifically taken steps to disable it), you are sending and receiving IPv6 data. Again, normally, this data is sent and resolved through your ISP and their DNS servers, but unless properly configured, this information might not be securely passing through the VPN tunnel and could be leaking to the open internet. Given such routed global IPv6 addresses, it's easy for remote sites to identify user ISPs. And with requisite authority, account information could be obtained from those ISPs. Choose a VPN service that either blocks or provides new VPN-specific IPv6 address and provides an IPv6 DNS server that's reachable only through the VPN tunnel - then TEST IT TO MAKE SURE.
  • h. Encryption and other Features
Around 1440 AD, the Printing Press was invented. It created a method for the common person to quickly disperse information, technologically reinforcing the natural right to freely speak and share information. More recently the internet allows billions to freely and openly share ideas and advance humanity. This reaffirmed the common person's rights in such a way that was difficult for governments or organizations to stifle. Similarly, until the invention of firearms, only those physically capable could defend themselves from those that wished to encroach on their rights, thus this technological advancement reinforced the individual's right to self defense. This brings us to Computerized Encryption. As with the other technological advancements mentioned above, Encryption provides a simple-to-use method that the average user can take advantage of to reinforce their right to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures.
Choose a VPN service that has strong data and handshake encryption. Make sure the protocol you choose has the level of advertised encryption available to it, as services typically provide more than one protocol with varying levels of encryption strength. The VPN Comparison Chart can help you determine what is considered strong by the color coding on these fields. Be sure that even if the service has the type of encryption you want available BY DEFAULT - some services will technically offer strong encryption, but it has to be manually configured (not user friendly).
Optionally, depending on your use case and threat model, you may be interested in making sure Authenticated SMTP (to send email) and P2P (to file share, download, use Bitcoin, etc) are not blocked on your VPN's servers
  • i. Websites and your Privacy
When you start to search for services and are browsing on their websites, there are some additional items you may want to consider. Speaking of trust and privacy - some companies will use tracking cookies to determine how to best serve you ads, which other sites you've been to, and some will even phone home with specific personal information. Best case, this is an abuse of power by companies stretching the limits of their ideas on how to gather this info, worst case, it can be used to intentionally violate your privacy and tie your device back to the site and activity performed on it. Choose a company that respects your privacy enough to use few if any persistent or external tracking cookies. If they are already violating your privacy the moment you visit their site, you have no assurance that they will take your privacy seriously after hiring them to represent your interests. Available for years, https allows websites to entirely encrypt all data sent and received with the user, effectively blocking out those that might try spying on such web traffic. Choose a service that encrypts their website with an SSL Certificate. Additionally, CloudFlare, Incapsula, and similar services have recently become popular with websites for their DDoS protection and dynamic bandwidth scaling. However, these services act as an additional man in the middle between your VPN's website and you. In the wrong hands, the information they collect and have access to about your VPN's website, and your interaction with it, could be compromised. Avoid VPNs that use CloudFlare, Incapsula, and other such services.
V. IF YOU'RE CONCERNED WITH SECURITY
Many of the points made above are relevant to security as well as privacy, and I will point some out below.
Jurisdiction, specifically Freedom Status is important to ensure an environment where laws are enforced and physical security that we take for granted in some parts of the world are applicable to the servers we communicate with. This also helps indicate that our service and the servers we connect to are located in places that respect internet freedom. This information can be found on the Comparison Chart and confirmed on Freedom House's website.
IPv6 should be specifically tunnelled or blocked outright the same as with the privacy scenario above.
First party DNS servers, as mentioned above, are ideal for preventing leaks of your data.
Both data and handshake encryption should be strong and available for the protocol you choose (which again, should not be PPTP). Other protocols are probably secure enough for daily use. Note that no protocol is bulletproof and exploits probably exist and are discoverable for each and every one of them. Such exploits are even more discoverable by governments with vast amounts of resources.
VI. IF YOU'RE CONCERNED WITH UN-GEOBLOCKING
If your only concern is escaping geoblocks, your needs are far less numerous. Being able to connect to an exit node in the country of your choice is really the only requirement. This doesn't mean necessarily however that you want to neglect the proper security measures discussed above, only that for things like Netflix, Hulu, certain TV online channels and sporting events, they are less important if un-geoblocking is ALL you're trying to do, almost anything will work, HOWEVER - if Privacy and Security are of any concern whatsoever, heed the advice above and know that un-geoblocking will virtually always come naturally when shopping for those needs (as long as required server availability is a feature of your chosen VPN)
VII. IF YOU'RE CONCERNED WITH BYPASSING RESTRICTIVE NETWORKS
Some parts of the world are resisting the ever-growing ability for their citizens to freely share information and as such have implemented roadblocks in their networking infrastructure to cripple such communication. For example, the "Great Firewall of China" has several layers of VPN detection and blocking built into it. Other networks belonging to large corporations or maybe even your Internet Service Provider may restrict you from using certain ports, limiting what you can use the internet for. However, there are ways to get around these restrictions by using the right VPN.
Features such as multihop, TCP port 443, Obfsproxy, SOCKS, SSL tunnels, SSH tunnels, and some other proprietary solutions (which may be built specifically by a given VPN company) can be useful in avoiding these restrictions. As for which are most effective, it's a matter of which restriction is being inflicted upon the user. Speak with your VPN service's support team to determine which might be effective in your case. The VPN Comparison Chart shows which services support which of these protocols and features in their configuration. Using TCP port 443 is usually a relatively common and user-friendly measure to bypass a restrictive/oppressive network.
VIII. CLEARING UP MISCONCEPTIONS
Kill switches - Many VPN services offer in their client a feature called a "Kill switch". The idea with a Kill Switch is that when the VPN loses its connection, it completely prevents the device from using internet, thus preventing accidental leaks of local connection data. Kill Switches are implemented very differently and will never be secure due to their design. The only 100% effective and secure configuration to accomplish prevention of leaks is a properly configured firewall. There are two main types of kill switches, those that shut down preconfigured apps in response to detecting the VPN connection has dropped and those that disable the network connection (or delete routes etc) if they detect a disconnection. In both of these cases the Kill Switch component is having to react to an event and very often leads to leaks - just a single packet is all it takes to compromise your privacy. The only way to be absolutely certain that packets cannot leak is for there to be an independent component (the Firewall) that blocks all packets unless destined for the VPN interface.
Warrant Canaries - Some VPN services maintain a document called a "Warrant Canary". This is a document put out and updated by them certifying that they have not been contacted by government agencies or coerced to compromise their user's data. In theory, if such an event occurred forcing them to compromise their principles, they would stop updating the canary, which in turn would indicate to users that their data is no longer private. Note that not all companies use effective warrant canaries. There is some debate as to the effectiveness of a warrant canary between experts to begin with - as force can be used by governments to coerce companies into maintaining them, thus nullifying their effectiveness. They are usually nothing more than marketing theater. If a company WAS operating a good canary, it would be almost impossible to tell. A warrant canary is almost a better feature to care about once you've found a trustworthy, capable service, rather than looking for a company that has one when shopping around.
I hope that this guide has been useful. I've been meaning to write one for some time, but as you can tell, it's pretty involved. Feel free to ask me if you have any questions - as usual you can contact me on reddit or using the contact info on my sheet.
Written by That One Privacy Guy
submitted by ThatOnePrivacyGuy to vpnreviews [link] [comments]

Security Now 621: Crypto Tension Should You Buy BITCOIN Now? [Or Not?] DEFCON 20: Defeating PPTP VPNs and WPA2 Enterprise with MS-CHAPv2 Security Now 287: BitCoin CryptoCurrency - YouTube Security Now 248: The Portable Dog Killer

Welcome to the Security DB ... PPTP VPN PPTP is the most common VPN protocol. Its supported by allmost all devices L2TP VPN ... The world’s most popular cryptocurrencies, such as Bitcoin, Ripple and Ethereum, can now get leveraged and shortened by traders. With crypto-CFDs, leverage investors can speculate on rising and falling crypto courses. Continue reading → Is HMA secure after the ... Information Security Stack Exchange is a question and answer site for information security professionals. It only takes a minute to sign up. Sign up to join this community. Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top Home ; Questions ; Tags ; Users ; Jobs; Unanswered ; How can I tell if a PPTP tunnel is secure? Ask Question Asked 7 years, 8 ... Join Now. How It Works; Download; Support; My Account; Join Now; Buy a VPN with Bitcoins. Private Internet Access recognizes the many threats faced when using the internet in modern society. Our focus is providing our customers with the highest levels of security and privacy possible, which is why Bitcoin is offered as a private payment solution. Bitcoin is the first decentralized digital form ... Step 2: Select PPTP for the VPN connection. Now tap the Add VPN button. The screen will display a list of various types of VPNs (Figure C). Tap the Add PPTP VPN button to continue. Figure C. Step 3: Configure the VPN connection. In this next window (Figure D), there are four configurations you can set up: Security Now! Weekly Internet Security Podcast: After catching up with a wild week of security events, we revisit a topic from the earliest episodes of the Security Now podcast: Virtual Private Networks. This coincides with the introduction of a new sponsor on the TWIT network, proXPN, a VPN provider that truly looks like the right choice.

[index] [6965] [22819] [44573] [4710] [22368] [8456] [37454] [18856] [7253] [10556]

Security Now 621: Crypto Tension

#Bitcoin bearish fractal. Will it play out? Here’s why smart money is STILL BULLISH!!! 🔶 Join ByBit Exchange http://bybit.kdub.co **($90 BONUS)** 📺 ByBit ... Hosts:Steve Gibson with Tom Merritt Firefox adds "Do Not Track", Verizon alters web content, McAfee on Mobile Malware, BitCoin, and more. Download or subscri... Security Now 287: BitCoin CryptoCurrency - Duration: 1:27:49. TWiT Tech Podcast Network Recommended for you. 1:27:49 "The truth about mobile phone and wireless radiation" ... ⚔️ TAKE YOUR SECURITY SERIOUSLY - GET A HARDWARE WALLET LEDGER NANO https: ... Buy Bitcoin Now? Tomorrow? When is the Best Time? [explained] - Duration: 11:38. Lark Davis 21,566 views. 11:38 ... We start off this week with a fabulous picture of the week and for the first time in this podcast's 12-year history, our first quote of the week. Then we'll be discussing the chilling effects of ...

#