- cross-posted to:
- technology@lemmy.world
- privacidadmx@lemmy.ml
- cross-posted to:
- technology@lemmy.world
- privacidadmx@lemmy.ml
After making a post about comparing VPN providers, I received a lot of requested feedback. I’ve implemented most of the ideas I received.
Providers
- AirVPN
- IVPN
- Mozilla VPN
- Mullvad VPN
- NordVPN
- NymVPN
- Private Internet Access (abbreviated PIA)
- Proton VPN
- Surfshark VPN
- Tor (technically not a VPN)
- Windscribe
Notes
- I’m human. I make mistakes. I made multiple mistakes in my last post, and there may be some here. I’ve tried my best.
- Pricing is sometimes weird. For example, a 1 year plan for Private Internet Access is 37.19€ first year and then auto-renews annually at 46.73€. By the way, they misspelled “annually”. AirVPN has a 3 day pricing plan. For the instances when pricing is weird, I did what I felt was best on a case-by-case basis.
- Tor is not a VPN, but there are multiple apps that allow you to use it like a VPN. They’ve released an official Tor VPN app for Android, and there is a verified Flatpak called Carburetor which you can use to use Tor like a VPN on secureblue (Linux). It’s not unreasonable to add this to the list.
- Some projects use different licenses for different platforms. For example, NordVPN has an open source Linux client. However, to call NordVPN open source would be like calling a meat sandwich vegan because the bread is vegan.
- The age of a VPN isn’t a good indicator of how secure it is. There could be a trustworthy VPN that’s been around for 10 years but uses insecure, outdated code, and a new VPN that’s been around for 10 days but uses up-to-date, modern code.
- Some VPNs, like Surfshark VPN, operate in multiple countries. Legality may vary.
- All of the VPNs claim a “no log” policy, but there’s some I trust more than others to actually uphold that.
- Tor is special in the port forwarding category, because it depends on what you’re using port forwarding for. In some cases, Tor doesn’t need port forwarding.
- Tor technically doesn’t have a WireGuard profile, but you could (probably?) create one.
Takeaways
- If you don’t mind the speed cost, Tor is a really good option to protect your IP address.
- If you’re on a budget, NymVPN, Private Internet Access, and Surfshark VPN are generally the cheapest. If you’re paying month-by-month, Mullvad VPN still can’t be beat.
- If you want VPNs that go out of their way to collect as little information as possible, IVPN, Mullvad VPN, and NymVPN don’t require any personal information to use. And Tor, of course.
ODS file: https://files.catbox.moe/cly0o6.ods
You must log in or # to comment.
PIA isnt independent, its by a Israeli spyware company, that owns multiple VPN Review sites and VPN services . Remove it from the list.
No, don’t rrmove it from the list. Make a note acknowledging the issue so others see it
Whoa for real??
Yes. The owner/developer is Kape technologies, an Israeli spyware/adware company.
For maximum privacy, I recommend VPN providers with a jurisdiction outside of Five Eyes and other international intelligence-sharing agreements – that is, one headquartered outside of the US, UK, Australia, New Zealand and Canada. So it initially seems like a positive sign that, while CyberGhost has offices in Germany, it’s headquartered in Romania. German entrepreneur Robert Knapp says he founded the $114,000 startup on the back of low-wage Bucharest labor before flipping it for $10.5 million in 2017.
The issue is who he sold it to – the notorious creator of some pernicious data-huffing ad-ware, Crossrider. The UK-based company was cofounded by an ex-Israeli surveillance agent and a billionaire previously convicted of insider trading who was later named in the Panama Papers. It produced software which previously allowed third-party developers to hijack users’ browsers via malware injection, redirect traffic to advertisers and slurp up private data.
Crossrider was so successful it ultimately drew the gaze of Google and UC Berkeley, which identified the company in a damning 2015 study. (You can read the Web Archive version of that document.)
This practice, commonly called traffic manipulation, is condemned web-wide. And the only difference between it and one of the oldest forms of cyberattack, called man-in-the-middle (MitM), is that you clicked “agree” on the terms and conditions.
Whether or not PIA or ExpressVPN or the other providers owned by Kape fulfill this data scraping and ad-serving pipeline in my mind is irrelevant. Choosing to do business with them rewards bad actors when there are other VPN sellers who don’t have such a tainted lineage.
I read from somewhere that mullvad is owned by two israeli guys. Dont remember the names, but I was told, that it’s written on a frontpage or smth.
That’s disappointing if true, though not as bad as being owned by Kape Technologies. It’s entirely possible there are two Israeli guys that care about privacy, and on the other hand it’s possible that Mullvad was created specifically for intelligence purposes.
Why isn’t F-Droid included in the Availability section?
Could be wrong but I think it’s due to the security vulnerabilities present, its generally better to just use Google play store with an anonymous account.
PIA does not have WireGuard configs available. To get those, you have to use third-party tools to capture and generate the necessary info. Otherwise, you have to use their client, or else no WireGuard.
Users have been asking for years (since 2018, I think), and they’ve never provided them.
PIA was also purchased by the Israeli company, Kape Technologies, which is tied to Unit 8200. If your concern is privacy, I would recommend do against it.
The very first CEO of Crossrider, Koby Menachemi, happened to be once a part of Unit 8200 which is an Israeli Intelligence Unit in their military and has also been dubbed as “Israel’s NSA “.
Is this really much of an issue? They provide documentation and a repository of scripts for working with WG for instance. And I’ve been using this docker container for many years without issue.
It’s an issue for accuracy in the comparison images that were posted.
I’ve been using one of these since forever and it just works. Should I look at the others?
I don’t want this to be a “I use x and its the best” type comment so I won’t say which one.
I only use wireguard and wouldn’t touch openvpn just because it seems so complex in comparisson.
The price is fine, the speed is fine, wireguard makes it ubiquitous, never had a problem with reliability.
If you feel one of the options offers something better than the one you currently use, you may consider switching. That’s the purpose of comparisons, after all!
that’s kind of my point though. I’ve never considered switching because what I’ve been using is fine.
I just checked how much I was paying for my Nord subscription and now I’m convinced that Proton Unlimited (discounted) is a great value. Gonna switch next year when my subscription ends. Thanks for putting this together!
One thing you may want to update - listing Tor’s logging policy as “No Logs” is a bit misleading, that’s really more of a voluntary recommendation for individual Tor exit relay operators.
Tor exit relay operators absolutely can store logs of outgoing connections if they choose to. And technically they could even snoop on non-secure traffic if they choose, there’s a reason you should be using HTTPS if you’re going to use Tor for clearnet browsing.
Of course most Tor exit relay operators aren’t going to do these things but it’s all voluntary, seems incorrect to claim all exit relay operators follow no log principles.
EDIT: Also AFAIK you can’t forward a port from the clearnet through a Tor exit relay’s public IP address back to your own Tor client, Tor doesn’t do port forwarding like that. It’s definitely not needed to run Tor Browser (and Tor VPN I think) but that isn’t needed for any of the other VPNs either, a bit confusing how you listed that one.
Some people will even tell you that all Tor exit nodes are compromised
deleted by creator
Also of note, some providers have data caps. I haven’t looked at all providers, merely Nymvpn as I was interested. Turns out they have a 2TB/month cap. Might not be an issue for some, but might be for others.
Availability: Direct download via Repo or developer web page is missing. Google shouldn’t be a plus. The provided explanation in the last thread was invalid
Upload to https://catbox.moe/
Thanks! I’ve uploaded it!
Airvpn doesn’t require any personal information. I mean… I guess it asked for a name or whatever, but it doesn’t verify any of it. I certainly didn’t give it anything legitimate, and I paid with mixed crypto so it certainly has as little personal information on me as would be possible with a vpn.
What gives ivpn, mullvad and nym the advantage for the personal info section?
What gives ivpn, mullvad and nym the advantage for the personal info section?
Originally I was referring to the signup process (since they generate a random account for you) but I edited it to try to add some clarity.
I can only speak to Mullvad, but if you want to, you can visit their onion site on tor, and pay using Monero while providing zero information. They give you a 16 digit number. And that’s it. That’s the extent of your interaction with them. No name, no email address, no credit card information, nothing.
Most of that is optional, of course, but the option is always there.
Proton is essentially the best free VPN huh.
If you care about privacy no.
If you just need to unlock regional content then it should be good.
Keyword being “free”.
Could you suggest a better VPN that’s free?
There probably aren’t any, because when a product like that is free, that means you are the product nearly 100% of the time.
I agree.
Though, it’s not that deep. I was saying how it’s the best amongst the free ones. I’m not saying it’s the best in general.
And I’m saying that they’re probably all shit.
This is the Privacy community though and the keyword should be “privacy”
deleted by creator
LMAO
First of all Mullvad isn’t German.
Second, they have already proved they respect customers privacy.
Get your facts straight and don’t cry if someone criticizes your favorite corporation.
If you make 2.1 you could add some info on the port forwarding because there are massive differences on it between providers. Like PIA gives you a single random port that changes each time you reconnect, while AirVPN gives you 5 static ports you can configure yourself.
I can vouch for cryptostorm. Offers port forwarding and good speed. Haven’t been with them long but they seem legit.
I’d love to see them audited.
Back when they were in the US, they closed shop and moved to Iceland to avoid turning over data for a subpoena.
That’s both admirable and an admission that they had longs to turn over.
But that they generate accounts on the fly like the best? Is promising in context.
Very much appreciate this work, but I am again gonna ask if there is some way to include I2P, perhaps in its own thing, perhaps segregated by outproxies.
Yep, its super slow compared to basically all VPNs, and is a bit of struggle to set up compared to most VPNs.
But, it is also entirely free, and you can use I2P with outproxies to access the wider internet outside of I2P’s… I2P-net… allows port forwarding, works very well for a slow but steady churn of uh, filesharing, etc.
I would also argue I2P is a better way that TOR to protect your IP and your actual net traffic, due to TOR nodes being known to be run as honeypots …
Its possible an I2P outproxy could also be operated as a honeypot, but as I understand it, … so long as you are not unlucky enough to just directly route through an outproxy without first bouncing through other I2P users/hosts… you’re basically good.
And even in that scenario, its would be very difficult to reverse engineer all the packets and figure out which parts were going to who, as well as the actual contents of those packets.
Agreed, if OP is going to add Tor in a “VPN” list then may as well add I2P. I2P + outproxies are pretty much the same thing as Tor + Tor Exit Relay. It’s not the best way to utilize I2P but the option does exist.
Then again neither Tor nor I2P should be in a “VPN” list, the whole thing seems more of a VPN provider topic.
