| Best VPN Services | |
| #1 | ExpressVPN.com |
| #2 | Perfect-Privacy.com |
| #3 | NordVPN.com |
| #4 | VPNArea.com |
| #5 | VPN.ac |
| #6 | VyprVPN.com |
| #7 | Trust.Zone |
What if many of the “best VPN” services that promise to give you security and privacy are actually exposing your identity to third parties?
In my search for the best VPN for 2019, I’ve reviewed, researched, and tested all of the popular VPN providers – and the results were alarming. Many VPNs recommended on large, trusted websites suffer from data leaks, broken features, and critical flaws. These problems not only render the VPN useless, but they also expose your identity, location, and data to third parties.
Here’s a recent example of a popular VPN I tested, which was found to have IPv4 leaks:
These data leaks will undermine your privacy and affect many popular VPN services. This is why our rankings are based on test results – not marketing hype.
What is the best VPN for 2019?
While there is no “one-size-fits-all” VPN service that will be perfect for everyone, the VPN that performed the best in all categories of testing is ExpressVPN. Following behind in second place is Perfect Privacy, with NordVPN coming in third place.
That being said, any of the recommended VPNs in this report may be the best for you – it all depends on your own unique needs.
Ranking criteria – The goal of this best VPN report is to filter through the noise and identify the most secure VPNs that passed all tests and meet the following criteria:
- Located in a good privacy jurisdiction (outside of 5/9/14 Eyes countries) to keep your data safe
- Passed all tests with no leaks found whatsoever (no IP address leaks or DNS leaks)
- Good performance throughout the server network (speed and reliability)
- High-quality VPN apps with all features working correctly
- Supports the OpenVPN protocol and strong encryption standards
- Offers a money-back guarantee (between 7 and 30 days)
- Trustworthy and well-established VPN provider with a good track record
Here are the best VPN services for 2019:
1. ExpressVPN – Best all-around VPN service for 2019
| Rank | #1 |
| Based in | British Virgin Islands |
| Logs | No logs (audited) |
| Price | $6.67/mo. |
| Support | 24/7 Live chat |
| Refund | 30 days |
| Website | ExpressVPN.com |
In an overcrowded VPN market, ExpressVPN continues to stand out from the rest and remains the top recommendation on Restore Privacy. While many VPNs suffer from bugs and random issues, ExpressVPN consistently works with excellent performance and the most secure VPN apps.
Based on my own testing and research, here are some highlights from the ExpressVPN review:
- Verified no logs: ExpressVPN is one of the few verified no logs VPNs that has undergone a third-party audit to validate their no-logs policy and privacy protection measures.
- Audited: In January 2019, ExpressVPN passed a third-party audit performed by Cure53, a reputable cybersecurity firm based in Berlin.
- Secure: ExpressVPN uses the highest encryption standards: an AES 256-bit cipher with a 4096-bit RSA key and SHA-512 HMAC authentication. ExpressVPN apps also incorporate a “Network Lock” kill switch feature (no leaks were identified in testing).
- Secure servers: Since April 2019, ExpressVPN runs all servers in RAM-disk mode, rather than on hard drives. This makes it impossible to physically store any logs or data on the servers and also improves security (see the TrustedServer feature).
- Apps for browsers: Browser extensions are available for Chrome, Firefox, and Safari that are open source and incorporate HTTPS Everywhere from EFF.
- Apps for all devices: User-friendly apps are available for all major devices and operating systems, including routers, Linux, Windows, Mac OS, Android, iOS, smart TVs and more.
- Split tunneling: Split tunneling is available with the Windows, Mac OS, and router apps. (This is the ability to route certain apps or website traffic outside of the encrypted VPN tunnel.)
- VPN router: If you want to use a VPN on a router, ExpressVPN offers a dedicated router app. The app makes using a VPN on a router very easy, while also giving you the ability to easily switch between server locations.
- Works with Netflix: ExpressVPN is the best VPN for Netflix, with 24/7 access to many different regions, as well as a high-performance network for HD streaming.
- Torrenting: It is also a great VPN for torrenting, with no restrictions on torrenting traffic or bandwidth.
- Safe jurisdiction: ExpressVPN is based in the British Virgin Islands, an excellent privacy jurisdiction outside of 5/9/14 eyes countries.
- Responsive support: ExpressVPN offers 24/7 live chat support directly through the website, in addition to a huge selection of setup videos and manuals.
- Fastest VPN tested: In terms of speeds, ExpressVPN is the best VPN I’ve used. It consistently gives me around 150 Mbps with nearby servers (on a 160 Mbps connection), as well as great speeds with long-distance connections, such as streaming Netflix from US servers. (All speed tests are posted in the review.)
Main drawbacks:
- More expensive than some competitors (but see the 49% discount coupon)
Refund policy: All subscription plans come with a full 30 day money-back guarantee, no questions asked.
https://www.expressvpn.com/
ExpressVPN 3 months free coupon available here >>
(See the ExpressVPN review for more test results and analysis.)
2. Perfect Privacy – Premium VPN with advanced security features
| Rank | #2 |
| Based in | Switzerland |
| Logs | No logs |
| Price | $8.95/mo. |
| Support | Email & forum |
| Refund | 7 days |
| Website | Perfect-Privacy.com |
If you are looking to attain the highest levels of privacy and security, Perfect Privacy may be a good choice. Although it may be overkill for some users, Perfect Privacy offers a number of advanced features you won’t find elsewhere.
Here are the main highlights from the Perfect Privacy review:
- Multi-hop: Multi-hop VPN cascades are supported on the Windows and Mac OS apps. (See my multi-hop VPN article for details.) The NeuroRouting feature (supported on all devices) dynamically routes traffic across multiple hops in the VPN network (similar to Tor).
- Unlimited: With Perfect Privacy, you get an unlimited number of connections and unlimited bandwidth (no restrictions).
- Ad/tracking blocker: The TrackStop feature blocks thousands of advertisement, malware, tracking, and phishing domains at the VPN server level.
- Safe jurisdiction: Perfect Privacy is based in Switzerland, a good privacy jurisdiction
- Secure servers: The entire server network is composed of dedicated bare-metal servers that are running in RAM-disk mode (no hard drives). (See the real-time server bandwidth.)
- IPv6 support: Perfect Privacy is one of the few VPNs offering full IPv6 support (you get both an IPv4 and IPv6 address)
- Secure apps: Very secure apps with customizable DNS and IP leak protection (no leaks found in testing)
- No logs: Perfect Privacy is also a verified no logs VPN service (servers were seized in Rotterdam, no customer data affected).
Main drawbacks:
- More expensive at $8.95 per month with the two-year plan
- Does not work well with Netflix and other streaming services (blocked)
- Less user-friendly than other options and limited apps for mobile devices
Refund policy: 7 day refund window with all subscriptions.
https://www.perfect-privacy.com/
(See the Perfect Privacy review for more test results and analysis.)
3. NordVPN – Best budget VPN service with great features
| Rank | #3 |
| Based in | Panama |
| Logs | No logs (audited) |
| Price | $3.49/mo. |
| Support | 24/7 Live chat |
| Refund | 30 days |
| Website | NordVPN.com |
NordVPN is another VPN that has climbed in the rankings. In the past few years, I’ve seen NordVPN make major improvements in their service, such as improving the kill switch, adding new features, and greatly expanding their server network to improve performance. NordVPN now holds the #3 spot and it continues to perform well.
Here are some highlights from the NordVPN review:
- Safe jurisdiction: NordVPN is based in Panama, which is an excellent jurisdiction for privacy.
- Huge server network: The server network is very large, with 5,200+ servers in 60 countries
- Apps for all devices: NordVPN offers a large selection of user-friendly apps for all devices and operating systems.
- Specialty servers: There are specialty servers, including double-VPN servers (traffic is encrypted over two locations), Tor-over-VPN servers, obfuscated servers (stealth VPN) and more.
- Ad/tracking blocker: The CyberSec ad blocking feature blocks tracking, malware, and advertising domains at the VPN server level.
- Dedicated IPs: NordVPN offers dedicated IP addresses throughout the world, which can be added on to your subscription.
- No logs: NordVPN is a verified no logs VPN provider, having passed a third-party audit of their logging policies in November 2018, performed by PricewaterhouseCoopers AG, Zurich, Switzerland.
- Works with Netflix: NordVPN provides 24/7 access to Netflix regions all over the world.
- Great value: Competitive price at only $3.49 per month (with the three-year plan)
- Responsive support: You get 24/7 live chat support directly through the website, as well as many support manuals.
- Very secure: Secure VPN apps with no leaks or privacy issues identified; strong encryption standards.
- Reliable: Although NordVPN is not the fastest VPN I’ve tested, the speeds and connections were reliable.
Main drawbacks:
- NordVPN has decent speeds, but there is some variability with performance in the server network (not the fastest VPN, but still above average)
- The 70% discount is only available for three-year plans
Refund policy: All subscription plans come with a full 30 day money-back guarantee.
https://nordvpn.com/
NordVPN 70% off discount coupon available here >>
(See the NordVPN review for more test results and analysis.)
4. VPNArea – Good all-around VPN for privacy, security
| Rank | #4 |
| Based in | Bulgaria |
| Logs | No logs |
| Price | $2.99/mo. |
| Support | 24/7 Live chat |
| Refund | 30 days |
| Website | VPNArea.com |
VPNArea is a low-profile VPN service that doesn’t get too much attention, but it does well in the areas of privacy, security, and streaming. With the new discount pricing, it also offers a good value for your money.
Here are some highlights from the VPNArea review:
- Secure: VPNArea offers strong security features with good leak protection settings (no leaks identified in testing)
- Ad blocking: Ad-blocking DNS servers are available in the VPNArea apps.
- Dedicated IPs: If you need a VPN with a dedicated IP address, VPNArea is a great option with different locations around the world.
- Good support: VPNArea offers 24/7 live chat support, email support, and many installation manuals.
- Account sharing: Although many VPNs prohibit account sharing, VPNArea allows account sharing, with up to six simultaneous connections per subscription.
- No logs: VPNArea is a no logs VPN service (but not yet audited or verified).
- Netflix support: Dedicated server hubs for streaming Netflix, BBC iPlayer, and SkyGo
- Safe jurisdiction: VPNArea is based in Bulgaria, a privacy-friendly jurisdiction not part of 5/9/14 eyes.
- Competitive pricing: VPNArea has lowered prices with a three-year plan for $2.99 per month.
Main drawbacks:
- Limited number of Netflix servers available
- Desktop apps feel a bit clunky, but still work well
Refund policy: There is a 30 day refund policy with one year and three year plans, and a 14 day refund window for one month plans.
https://vpnarea.com/
(See the VPNArea review for more test results and analysis.)
5. VPN.ac – Security-focused VPN service
| Rank | #5 |
| Based in | Romania |
| Logs | Connection logs |
| Price | $3.75/mo. |
| Support | |
| Refund | 7 days |
| Website | VPN.ac |
VPN.ac is a security-focused VPN that offers excellent performance and features, for a competitive price. It is based in Romania and was started by a team of network security professionals. VPN.ac did very well in testing. Here are a few highlights from the VPN.ac review:
- Secure: Very secure applications and infrastructure, with support for numerous VPN protocols and encryption options, including WireGuard.
- Secure servers: VPN.ac’s entire network is composed of dedicated bare-metal servers
- Double-hop VPN: VPN.ac offers 22 different double-VPN server configurations.
- Good apps: You get user-friendly VPN apps with support for all major operating systems
- Browser extensions: Secure proxy browser extensions for Firefox, Chrome, and Opera browsers
- Obfuscation: Great obfuscation features to hide VPN traffic and get around VPN blocking (a good VPN for China)
- Safe jurisdiction: VPN.ac is based in Romania, a good privacy jurisdiction that’s not a member of the 5/9/14 eyes alliances.
- Competitive prices: $3.75 per month with the two-year plan. You can also get a discounted one-week trial (see the FAQ page).
Main drawbacks:
- The main drawback with VPN.ac is the connection logs. Basic connection logs (no activity data) are kept for 24 hours for network security and optimization (erased automatically every day). This is explained more on the VPN.ac website.
Refund policy: All plans come with a 7 day refund window.
https://vpn.ac/
(See the VPN.ac review for more test results and analysis.)
6. VyprVPN – A verified no-logs VPN based in Switzerland
| Rank | #6 |
| Based in | Switzerland |
| Logs | No logs (audited) |
| Price | $3.75/mo. |
| Support | 24/7 live chat |
| Refund | 30 days |
| Website | VyprVPN.com |
VyprVPN is an interesting VPN service that has evolved over the years. Although it previously maintained connection logs, VyprVPN went through a full third-party audit in 2018 to transition to a no logs VPN service. It is also one of the few VPNs that own all the servers in their network.
Although VyprVPN is technically a Switzerland-based VPN service (where the business is incorporated), it also has operations in Austin, Texas. While this may be an issue for some, the no logs policy and third party audit are certainly reassuring. Plus, VyprVPN is one of the oldest VPN providers in the industry with a good track record. Other highlights from the review:
- Decent speeds throughout the server network
- Works with Netflix
- User-friendly applications for all major devices and operating systems
- Live chat support
Main drawbacks:
- The obfuscation feature (Chameleon protocol) is only available with premium accounts
- No cryptocurrency payment options
https://www.vyprvpn.com
(See also my VyprVPN review for more test results.)
7. Trust.Zone – A simple, privacy-focused VPN with great prices
| Rank | #7 |
| Based in | Seychelles |
| Logs | Bandwidth |
| Price | $2.88/mo. |
| Support | |
| Refund | 10 days |
| Website | Trust.Zone |
Get a 3 Day Free Trial
(No payment info required)
Trust.Zone is a smaller, privacy-focused VPN service based in Seychelles (a good offshore jurisdiction for privacy). It offers basic, user-friendly VPN apps for Windows and Android, while also supporting other operating systems with third-party apps (such as Tunnelblick).
Despite being a smaller VPN service, Trust.Zone has a lot to offer:
- Great speeds (around 150 Mbps with nearby servers)
- Good leak protection settings with VPN clients
- Works with Netflix
- Dedicated IP addresses available
- Free trial with no payment info required
Trust.Zone also boasts a good selection of servers around the world, despite being a smaller VPN. Prices are also quite reasonable at only $2.88/month with the two-year plan. When you pay with cryptocurrencies, you’ll get an automatic 10% discount.
There are two main drawbacks I found in my Trust.Zone VPN review:
- Limited on features compared to other leading VPNs
- No custom VPN clients for Mac OS and iOS (but can be used through third-party apps)
If you want to give Trust.Zone a test run, you can do so completely free for 3 GB of bandwidth or 3 days, whichever comes first, with the free trial. And if you want to upgrade to a paid plan, use this coupon code for an additional 10% off: RESTOREPRIVACY10
https://trust.zone/
(See also my Trust.Zone review for more details.)
15 Other VPN services (not necessarily recommended)
I regularly receive emails and comments along the lines of, “What about [fill in the blank] VPN service?”
There are many VPNs on the market, and unfortunately, there’s not enough time in the day to review them all. Below is a brief overview of some of the other VPNs that I am regularly asked about by Restore Privacy readers.
Some of these VPNs may be worth considering, but others should probably be avoided.
1. AirVPN – A VPN based in Italy
AirVPN is a well-regarded VPN provider with a good track record. Although it is based in Italy (14 Eyes), AirVPN is a “no logs” service with a strong commitment to privacy. There are a few drawbacks I found when testing the service:
- Average speeds
- Poor customer support
- VPN apps are not very user-friendly (but still work well)
2. CyberGhost VPN – Owned by a company that makes malware
CyberGhost is a VPN with an interesting history. It started out in Romania with a development team from Germany. However, in 2017, CyberGhost was sold to an Israeli company, Crossrider, for about $10 million. Now here’s where things get interesting:
- Crossrider is a company that is well-known for producing malware (a data collection tool).
- Crossrider is also involved in ad injection. Symantic issued an alert about “high” risk Crossrider files that “collect information about the user, such as IP address, operating system, and Web browser information.”
- Ad injection has also been used for state surveillance data collection efforts.
- Due to the various “past activities” of Crossrider, the management decided to change the business name to “Kape” in 2018.
https://www.cyberghostvpn.com/
3. HideMyAss – A UK VPN with a history of providing logs to authorities
The UK VPN service “HideMyAss” – or HMA – also has a troubling history when it comes to logs. According to Invisibler, HideMyAss appears to have logged user data and provided this to authorities, who used this information to arrest and jail a hacker. This case is sometimes called the “LulzSec Fiasco” when the FBI used logs from HMA to identify someone behind a Sony Pictures hack.
I’ve also found that many HideMyAss servers are not where they claim to be (the use of “virtual server locations”). HideMyAss is now owned by Avast.
https://www.hidemyass.com/
4. Hotspot Shield VPN – A free VPN with a troubling history
Hotspot Shield was named in a research paper for “actively injecting JavaScript codes using iframes for advertising and tracking purposes” with their Android VPN app. Furthermore, analysis of Hotspot Shield VPN’s code revealed that they “actively use more than 5 different third-party tracking libraries.” Hotspot Shield was also found to be redirecting user traffic to e-commerce domains, such as alibaba.com and eBay.com through partner networks.
In 2017, Hotspot Shield was officially named in an FTC complaint for alleged traffic interception. In 2018, Hotspot Shield was again in the news for a security flaw that revealed user locations. The company behind Hotspot Shield is AnchorFree, which runs other free VPN services as well.
https://www.hotspotshield.com/
5. IPVanish – A fast VPN in the US, but with a troubled past
IPVanish is another interesting case of a “no logs” VPN service that provided logs to authorities. As I covered in the IPVanish logs article, IPVanish admitted to providing logs to US authorities who were investigating alleged crimes. IPVanish explained to Restore Privacy, however, that this took place under a previous management structure that is no longer in control of the company.
Speaking of ownership, in April 2019, PCMag claimed that its parent company, Ziff Davis, which is owned by j2 Global, now owns Encrypt.me, IPVanish, and StrongVPN.
6. Ivacy – A white label version of PureVPN?
Ivacy is a VPN service officially based in Singapore. However, as others have noted, there are many connections between Ivacy and PureVPN, which also ties into Gaditek, a company that appears to be running the show out of Pakistan.
For many years there have been rumors (and lots of evidence) connecting Ivacy to PureVPN. Finally, in March 2019, Ivacy admitted that PureVPN has “minor stakes” in Ivacy. (We’ll examine PureVPN more below.) To understand why this is concerning, just look into PureVPN.
[https://www.ivacy.com/]
7. Mullvad – A VPN in Sweden
Mullvad appears to be a decent VPN service out of Sweden, with a good reputation in the industry. It has good privacy and security features and also claims to be a no logs VPN service, with some minor caveats.
There are a few drawbacks with Sweden, however, with the 14 Eyes jurisdiction and troubling data retention policies.
https://mullvad.net/
8. Opera VPN – A proxy browser extension owned by a Chinese Consortium
Although Opera may have started out as a reputable browser from a team in Norway, it was sold to a giant Chinese consortium in 2016 for $600 million. Since then, Opera has been claiming to have a “free VPN” available through the browser. Problem is, this is technically not true: the “free VPN” is actually just a proxy server, which many people consider to be insecure.
As I covered in my discussion of free VPN services, Opera’s privacy policy explicitly states how they are collecting and sharing user data through their various products, including the browser and “free VPN”. As the saying goes, when something is free, you are the product. (Fortunately, there are many other secure browser alternatives to Opera.)
https://www.opera.com/computer/features/free-vpn
9. Private Internet Access – A verified “no logs” VPN based in the US, good performance
Private Internet Access is a decent VPN provider that I’ve found to have good speeds and security in recent testing. The big drawback with PIA, however, is that it’s based in the United States – a bad privacy jurisdiction. That being said, it is also a verified no logs VPN provider, with two separate legal cases confirming that PIA does not keep logs.
https://www.privateinternetaccess.com/
10. ProtonVPN – A VPN from ProtonMail
ProtonVPN is an interesting project from the people behind ProtonMail. Overall, it’s not a bad VPN, although it does have some shortcomings that I found in the ProtonVPN review: slow speeds, higher price, invasive signup process (with phone verification!), and limited support for cryptocurrency payments. While ProtonVPN regularly touts its Swiss credentials, ProtonMail itself has some interesting connections to the United States, as discussed in my review of ProtonVPN.
https://protonvpn.com/
11. PureVPN – A leaky and slow VPN, with a troubling history
In my review of PureVPN, I found lots of troubling issues, including DNS leaks, connection problems, faulty features, and slow speeds. PureVPN is also no stranger to controversy. As I explained in the PureVPN logs article, they were found to be logging customer data and providing it to US authorities, all while claiming to a be “zero log” VPN. There are also reports of PureVPN running various VPN review websites.
https://www.purevpn.com/
12. Surfshark – A newer VPN service based in the British Virgin Islands
Surfshark is a newer VPN service that seems to be getting lots of attention on various sites. It is a very cheap VPN service and is based in the British Virgin Islands, which is a good jurisdiction for privacy.
There have been many VPNs flooding onto the market in the past few years and I’m hesitant to recommend providers without an established track record and good history. Nonetheless, Surfshark does offer some interesting features, which I intend to test out more for an upcoming review.
13. TorGuard – A VPN in the US
TorGuard is a decent VPN service with good speeds and no logs, although it is based in the United States. If you need a VPN for torrenting, it might not be a bad option. TorGuard also offers dedicated IP addresses and is supposed to work with Netflix. The main drawback, of course, is the US jurisdiction.
Interestingly, in 2013, TorGuard underwent a corporate restructuring. They moved the parent company to Nevis, West Indies, effectively getting out of the US jurisdiction. However, today their Terms of Service states they again operate under US jurisdiction in the state of Florida.
14. TunnelBear – A limited free VPN, based in Canada, owned by McAfee
TunnelBear is basically a free trial VPN that gives you a 500 MB trial to test the service for free. Although TunnelBear is based in Canada (Five Eyes), it is now owned by McAfee, a large cybersecurity firm in the United States. This is yet another example of small VPNs getting purchased by large American companies. When I tested out TunnelBear for a review, I found it to have mediocre performance, and it is also pretty limited on features.
https://www.tunnelbear.com/
15. VPN Unlimited – A US-based VPN with some issues
VPN Unlimited is another US-based VPN service with some issues. While it has improved over the past few years, my latest tests identified IPv6 leaks with VPN Unlimited’s Mac OS app. Reading through the privacy policy, I also discovered the VPN Unlimited is collecting quite a bit of data. VPN Unlimited’s apps automatically log IP addresses, browser type, device type, time zone, and more. I also found the speeds to be fairly slow.
https://www.vpnunlimitedapp.com/
The importance of trust when choosing a VPN
When choosing the best VPN for your needs, one of the biggest factors to consider is trust. Trust is difficult to quantify or measure, but it’s very important. After all, a VPN can offer excellent privacy and security, but it could also be a data collection tool for rogue third parties (as is often the case with free VPN services).
Are US VPNs trustworthy?
VPN services based in the United States are generally not recommended for three main reasons:
- The United States has extensive (and powerful) surveillance programs allowing authorities to tap internet infrastructure for bulk data collection. These laws give the NSA tremendous power to snoop and record everything.
- The US government has a long history of working with (and forcing) private tech companies to facilitate mass surveillance and bulk data collection efforts – see the PRISM program.
- US VPN services could be served National Security Letters or other lawful data collection demands, while also being prohibited from disclosing anything to their customers through gag orders.
These laws and capabilities essentially give the US government the authority to compel a legitimate privacy-focused company to become a data collection tool for state agencies. If a VPN were to be compromised, it would likely happen behind closed doors, without a word (or warning) to the users. This was the case with Lavabit, and rather than comply with the data requests, the founder was basically forced to shut down the business.
The same circumstances unfolded with Riseup, a Seattle-based service that offers a VPN and secure email:
After exhausting our legal options, Riseup recently chose to comply with two sealed warrants from the FBI, rather than facing contempt of court (which would have resulted in jail time for Riseup birds and/or termination of the Riseup organization).
There was a “gag order” that prevented us from disclosing even the existence of these warrants until now. This was also the reason why we could not update our “Canary” [warrant canary that warns users about these events].
Ignoring jurisdiction (where the service is based) when selecting privacy tools could put your privacy and security at risk.
These same practices are also unfolding in other countries, particularly the UK and Australia. There are also surveillance alliances between various governments for bulk data collection and sharing (see the 5/9/14 Eyes alliances).
What is the best VPN for privacy and security?
Any of the five VPNs recommended would be good choices for privacy and security because they have all been thoroughly tested and found to be secure (no leaks), while also offering strong encryption. Furthermore, the recommended VPNs in this guide are all located in safe privacy jurisdictions.
With that being said, there is one VPN service that stands out in terms of advanced privacy and security features, and that is Perfect Privacy.
Here are a few ways Perfect Privacy stands out from the crowd:
- Multi-hop cascades + NeuroRouting – Perfect Privacy gives you the ability to create multi-hop VPN cascades across up to four different servers in the network. This protects you against the possibility of a rogue data center logging traffic, targeted monitoring, and other threat scenarios. Additionally, the server-side NeuroRouting feature dynamically routes all traffic through multiple hops in the server network, and can be used with any device.
- TrackStop – TrackStop is another server-side feature that works with any device (no apps needed). It blocks 30,000+ tracking and advertisement domains, 45,000+ malware domains, 20,000+ phishing domains.
- Powerful leak protection – Perfect Privacy’s Windows and Mac OS apps offer three different levels for the kill switch, which I tested for the Perfect Privacy review.
While perfect privacy does very well with security and advanced privacy features, it’s not the best all-around VPN because it is rather expensive, somewhat complex, and does not work well with streaming sites, such as Netflix.
What is the best VPN for streaming?
Many people are turning to VPNs to access streaming content that is blocked or geo-restricted to certain areas. The best VPN for streaming is currently ExpressVPN. (See the ExpressVPN Netflix page for details.)
ExpressVPN works with a wide range of streaming services, including Netflix, BBC iPlayer, Hulu, and more. It has excellent performance and offers the best lineup of apps for all types of devices – from Android TV boxes to tablets, computers, routers, and phones. With ExpressVPN’s 24/7 live chat support, they can help you get everything setup correctly.
Below I’m streaming American Netflix from my location in Europe while connected to an ExpressVPN server in the United States:
In addition to Netflix, ExpressVPN is also an excellent VPN for Kodi streaming, wherever you are located.
Aside from unblocking content around the world, VPNs are also crucial for protecting yourself against ISP snooping and potential copyright issues when streaming from third party sites or when torrenting. (See also the best VPN for torrenting guide.)
How to optimize VPN speed and performance
How can you achieve the best VPN speed and performance?
If you are using a good VPN service, you shouldn’t notice a huge reduction in speed. Of course, the extra work that goes into encrypting your traffic across VPN servers will affect speed, but usually it’s not noticeable for regular browsing, especially if you’re using a nearby server.
Here are some tips for getting the best VPN performance:
- Use the closest server possible to your physical location. This generally reduces latency and improves performance.
- Choose the least crowded server or “recommended” server. Some VPNs help you select the best VPN server by showing server bandwidth loads or having “recommended” servers based on distance and loading, such as with ExpressVPN.
- Experiment with different VPN protocols. OpenVPN UDP offers the best mix of security and speed. Trying different VPN protocols and encryption options may help to find the best fit for your network.
- Consider antivirus and WiFi interference. Sometimes antivirus software or other WiFi networks may interfere with VPN speeds.
- Use a wired (ethernet) connection. Wired connections (with high-quality ethernet cables) generally provide faster and more consistent speeds than WiFi, and are also more secure than WiFi.
- Consider processing power. Processing power on your device may also be limiting speeds, especially if you are using a VPN router.
- Consider your operating system. I’ve found VPN speeds on Linux and Mac OS to generally be better than Windows. When using a VPN on Windows, sometimes the TAP adapter will interfere with speeds, as well as background processes/updates that take up bandwidth and processing power.
- Upgrade your internet connection. Your VPN will not be able to exceed the connection speed of your internet provider.
As you can see, there are many different factors affecting speed. Experimenting with these different variables will help you achieve the best VPN speeds possible.
Are VPNs safe and legal?
First we will address the issue of safety.
If you are using a good, reputable VPN service that effectively secures your traffic (no leaks), then yes, a VPN is safe to use. But therein lies the catch because there are many unsafe VPNs on the market, especially when it comes to free VPN services, which we will explain further below.
The next question: Are VPNs legal?
In general, the answer is yes, it is perfectly legal (and normal!) to use VPNs, even if you are in places like China where VPNs are restricted. VPNs are used every day by businesses and individuals throughout the world for basic privacy and security purposes. Businesses rely on VPN technology and encryption for security reasons and it would not make sense for this to ever become illegal.
That being said, China currently has a “ban” on non-approved VPN services that do not go along with state censorship requirements, as explained in the China VPN guide. The United Arab Emirates also has laws against people using VPNs to evade state censorship, but again, VPNs themselves are not illegal. (But of course, none of this is legal advice!)
What about FREE VPN services?
“When something is free, you are the product.”
This famous quote certainly holds true for “free” VPNs because you are likely paying for the service with your private data, which is sold to third parties.
Free VPN services will offer a free product that collects your data for profit. Here are five well-documented reasons showing why free VPN services are risky:
- Malware – Malware is often hidden in free VPN services to collect your data. One study found malware in 38% of free VPN apps for Android devices.
- Tracking – Tracking libraries hidden in free VPNs are also used for data collection. The popular Betternet free VPN app was found to contain 14 different tracking libraries.
- Third party access to your data – Everything you do through a free VPN could be provided to third parties – and many VPNs explicitly state this in their privacy policies. Hotspot Shield was publicly called out for doing this by the Center for Democracy and Technology.
- Browser hijacking – Some free VPNs have been found to hijack and redirect browsers to e-commerce sites, such as Alibaba and eBay, through partner networks.
- Traffic leaks – This is perhaps the greatest risk for people using a free VPN because it exposes your identity. One study found that 84% of free Android VPN apps leaked user data, thereby rendering the VPN useless.
As a safer alternative to free VPNs, there are also a few free trial VPN services that may be worth considering.
But I have nothing to hide and I don’t trust VPNs…
Some people argue against VPNs by saying “I have nothing to hide” or “I don’t trust VPNs.”
These are very ill-informed arguments for a number of reasons:
- Your internet provider is likely recording everything you do (via DNS requests) and providing this data (or direct access) to various third parties and surveillance agencies – see the Room 641a example. Internet providers in the United Sates, Australia, UK are fully authorized to record everything you do online. Your internet provider also knows everything about you (name, address, billing information, etc.). Why would you give this entity all of your private browsing activity as well, which could be used against you now or in the future?
- With a VPN, you are distributing trust from your internet provider to the VPN service. There are a handful of verified no logs VPN services, which have either been audited by third parties or passed real-life test cases. A VPN in a safe offshore jurisdiction adds additional protection, as it cannot be compelled to hand over data to your government.
- You can also cycle through different VPN services, or utilize two or more VPNs at the same time (via multi-hop VPN chains). This provides an even higher level of privacy and security, especially if the VPNs and the VPN servers are distributed across different jurisdictions.
- If someone wanted to go after you for let’s say torrenting a movie (DMCA complaint), there would be three layers protecting you: 1) the VPN server you used in country A; 2) your VPN provider in country B; 3) your internet provider in Country C.
Can I just use a third-party DNS provider rather than a VPN?
A third-party DNS provider is only handling DNS requests, not providing you with any privacy. Your IP address remains exposed with everything you do online. Additionally, your internet provider can still snoop on your activities and every website you visit can see your real IP address.
In contrast, a good VPN will conceal your IP address and handle all your DNS requests encrypted within the VPN tunnel. This secures your activities (browsing) from third parties, including your ISP, while also protecting your identity.
What about Tor?
Tor is fundamentally compromised as a privacy tool and there are many court cases proving this over the past five years. Tor is not the privacy tool it’s made out to be, despite many Tor promoters in the privacy community. It also suffers from slow speeds, malicious Tor nodes, and flaws that leave Tor users exposed. See the facts about Tor here.
Trends in privacy propel VPN usage worldwide
In just the last few years we’ve seen many unprecedented developments in the areas of corporate and government surveillance, which has fueled the rise of VPNs throughout the world:
- USA – With legislation passed in March 2017, internet service providers in the United States can now legally record online browsing history and sell this data to third parties and advertisers. Government surveillance also continues unabated, regardless of which political party is in office. And with the abolishment of net neutrality, internet providers can now charge premiums based on what you’re up to online (unless a VPN is encrypting and anonymizing all your traffic).
- UK – Residents of the United Kingdom are having their online browsing history, calls, and text messages recorded for up to two years thanks to the Investigatory Powers Act. This private information is freely available to various government agencies and their global surveillance partners without a warrant.
- Australia – Australia has also recently implemented mandatory data retention laws, which require the collection of text messages, calls, and internet connection data. Australia is also working hard to force companies to provide backdoors to encryption, thereby giving government agencies the ability to hack devices and spy on their own residents. Online censorship is also a problem in Australia, just like in the UK.
The good news is that there are very effective solutions to these problems. You can protect yourself right now with a good VPN service and the other privacy tools, which will put you back in control of your data. And if you are new to these privacy issues, better late than never.
VPN Comparison Table
As a brief recap, the table below highlights the best VPN services for 2019 that meet the following criteria:
- Located in a good privacy jurisdiction (outside of 5/9/14 Eyes countries) to keep your data safe
- Passed all tests with no leaks found whatsoever (no IP address leaks or DNS leaks)
- Good performance throughout the server network (speed and reliability)
- High-quality VPN apps with all features working correctly
- Supports the OpenVPN protocol and strong encryption standards
- Offers a money-back guarantee (between 7 and 30 days)
- Trustworthy and well-established VPN provider with a good track record
Stay safe and secure online!
$6.67
(49% discount)
(30 day refund)
Review
(ExpressVPN)
$8.95
(7 day refund)
Review
(Perfect Privacy)
$3.49
(70% discount)
(30 day refund)
Review
(NordVPN)
$2.99
(30 day refund)
Review
(VPNArea)
$3.75
(7 day refund)
Review
(VPN.ac)
$3.75
(30 day refund)
Review
(VyprVPN)
$2.88
(10 day refund)
Review
(Trust.Zone)
Last updated and revised on October 23, 2019.
Comments are open. Please keep comments constructive and on topic to help other readers.
Hey, I liked your article and all your thoughts.
I’m now opening a small company and I will need a VPN which could be used by 20 people. For my personal use, I was using NordVPN, I kinda liked it and now I saw that they launched a new product for b2b which is called NordVPN Teams. So I’m thinking to take a VPN which is designed only for business, so I could take more benefits from it. Maybe you have any thought about business VPN?
Hi, I haven’t looked into this area too much. I think most VPNs could offer a custom plan if you ask them for a small business. I also know VyprVPN has a business product as well.
Hey Sven,
Was wondering if you could recommend a privacy focused Web hosting company?
Thanks
M
Here are a few worth checking out:
Bahnof in Sweden
Njalla also in Sweden
Orange Website in Iceland
Thanks!
Hey Sven, there is currently situation unwrapping regarding a VPN service NordVPN. As far as I understand – one of the NordVPN servers was compromised, where expired (according to NordVPN’s statement) private key was obtained, but they claim that “the only possible way to abuse website traffic was by performing a personalized and complicated MiTM attack to intercept a single connection that tried to access nordvpn.com”.
Source (Official statement by NordVPN) – https://nordvpn.com/blog/official-response-datacenter-breach/
I would really like to see your take on this – as once again I’m not really into jumping to conclusions this fast and the statements “concerned” people give seem way too exaggerated.
I’m researching this now for an article and will adjust recommendations based on my findings.
UPDATE: see this article.
really looking forward to your take on this situation, I agree it seems isolated to one server out of 3k
Regardless, we’ll issue refunds for anyone concerned with this matter. Please contact our Customer Support team to request a refund at support@nordvpn.com
– Via reply to a users comment on their blog announcing the official statement.
Hi M.D,
Doesn’t seem exaggerated, sincere and eye’s wide open I’d say.
Then a little foolish they were caught off guard by not using some outsourced vetting of any server/company used to supply the business they do.
.
Excerpts – NordVPN Official Response
https://nordvpn.com/blog/official-response-datacenter-breach/
We are not trying to undermine the severity of the issue.
We failed by contracting an unreliable server provider and should have done better to ensure the security of our customers.
We are taking all the necessary means to enhance our security.
.
We have undergone an application security audit, are working on a second no-logs audit right now, and are preparing a bug bounty program.
We double-checked that no other server could possibly be exploited this way and started creating a process to move all of our servers to RAM, which is to be completed next year.
We will give our all to maximize the security of every aspect of our service, and next year we will launch an independent external audit all of our infrastructure to make sure we did not miss anything else.
.
We have also raised the bar for all datacenters we work with. Now, before signing up with them, we make sure that they meet even higher standards.
With this incident, we learned important lessons about security, communication, and marketing.
.
I’d say Nord will only become stronger because of it’s weakness realized today, that it’s self-inflected security concerns will ripple for sometime to come.
So it shot itself in the foot, the mistake now would be to self-doctor the wound that requires more than a band-aid.
My 2 watts
Hey HardSell,
>”Doesn’t seem exaggerated, sincere and eye’s wide open I’d say.”
Perhaps I have not expanded on over-exaggeration part well enough, apologies. I meant the statement to only target the *actual* near-baseless exaggerations. For example, I seen a few folks claiming that “entire infrastructure” of NordVPN and fellow VPN services affected were compromised from that 1 breach alone, which, if you will, would be a bit exaggerating, don’t you think? If, let’s say, the server AND the user database were compromised, then that probably would’ve been closer to truth if not completely true. But as far my knowledge goes, nothing was compromised apart from 1 server and their expired TLS keys. That being said, I apologize again for not expanding enough on my point. The concerns that people raise are for the most part, if not completely, understandable and I, for the most part, agree with them. Also,
>”that it’s self-inflected security concerns will ripple for sometime to come”
Mind giving expansion on that bit? I’m not completely understanding what are you trying to say, as the breach was called out publicly by a random person, and wasn’t called by NordVPN themselves first – i.e no self-infliction.
Thanks.
Sure M.D
Let me go down your last comment to answer you.
> Yes giving an expansion to your meanings generally and especially with the prior, “concerned” people give seem way too exaggerated (with your prior point) there is currently situation unwrapping , – – and the link of the official statement had me thinking it all tied together with your comment.
*My mistake was how I interpreted it and I should of inquired of your inclusions here as who specifically are the people mentioned…
–
With that linked source only, I thought your meaning of ‘concerned ‘ people meant the staff/team behind NordVPN and with ‘exaggerated’ being used sarcastically.
Possibly in how there was no foresight (experienced eye’s) to overseeing the servers operations ahead of time with pre and post requisites established already as standards being used in the enlistment of the 3,000 servers it has claimed.
–
[This maybe is a Topic in itself – on inter-structures of large and small security services. Relying on as lax, barebone of a network to get by as by outsourcing their servers goes.
To being established on STRICT business models of in-house owned and maintained servers to the outsourced servers business variety models in the same business niche fields.
Diving into the understanding – if they make their code “Open Source” are both the client and server allowing anyone to review/audit it.
– Does this include the servers as well that serve up users entrance to use the service. Do they serve this users code from that “Open Source” depository ?
– – Are you actually being served code that is being sent from a server that these security-privacy-encryption using companies do not allow to be audited ?]
*- To me that could be a simpler way to snag a good company over a bad one – if their going this far to be open and transparent of their operations.
.
>”that it’s self-inflected security concerns will ripple for sometime to come” – I’m meaning by the self-inflicted and word play part (as read inflected / cause to deviate from a straight or normal line or course = bend), statement given. They did it to themselves as well as their clientele. Any association of/to/in the company is bent needing straightened.
Ripples will come from the clientele that subscribed to the service at this breach time. Sites will move over to the negative side of views, forgetting most part of it’s past achievements.
Their all the ones to keep it going in talks wither they decided to stay or move on, push the service or report and review for a living.
That Nord statement officially in “We are not trying to undermine the severity of the issue. We failed by contracting an unreliable server provider and should have done better to ensure the security of our customers.”
– Their owning up to be the main faultee in the breach statement as the buck stops there of any shared ownership’s in fault, was also meant by my self-inflected meaning as the word playing part (inflicted) to harm self.
As they were smart enough to not side-step owing all the harm caused to their reputation in this event all by themselves. The presented outline or roadmap they’ve given is only after the fact. One should of been in place before hand as insurance…
.
Already seen one reader and user of it here, kind of come back on Sven for recommending it. How small can you really get, as the GO decision was made by them – not Sven.
Sven only recommends something if it offers what it says it will. There’s alot of info before of the pro’s and con’s in a review – so something was appealing for them to buy into it.
All the like security/privacy services-software usually say in their TOS / PP their not 100% secure, or fit for any specific use as a disclaimer – simple meaning humanly you can’t be perfect, nor foresee everything in possible consequences.
Thanks
Hey, HardSell
Ah, thank you for expanding the point, I see what you mean now. Also, the mistake wasn’t on you, I personally failed by not giving out my exact reasoning or giving enough information about the group of people I’m talking about in particular, leading to you misinterpreting it. Again, thank you for expanding.
Dear Sven,
First, I’d just like to thank you for keeping this website up-to-date and continually adding new reviews and articles. The one on Tor was especially informative. As a longtime reader, I genuinely appreciate when someone takes the trouble to advocate for a niche position — and you advocate your positions WELL.
That mandatory appreciation aside, I’m wondering if you’ve heard of Mullvad VPN. I’ll admit that I was skeptical when I first heard of them as well (which was actually yesterday), but a number of reviewers have treated them well, they are mostly open-source [https://mullvad.net/en/help/open-source/] and they have been independently audited by Cure53 (a very popular auditor) as keeping no logs [https://cure53.de/pentest-report_mullvad_v2.pdf]. To say the least, they seem to be legit. Despite this, I’ve heard practically nothing about them anywhere; I’ve not even seen them on this site, which is surprising. Do you have any opinion on them?
Thank you so much!
Anonymous
Hello, Mullvad is actually briefly discussed above, and it looks to be a decent provider, although I haven’t had time for a review because I’ve been so busy with email reviews, updates, and other guides lately. I hope to get to it (and other new VPN reviews) in the coming months.
Hi Sven,
When you do find the time for a review of Mullvad, be sure to give it’s features as I don’t see clue of them on it’s site.
Strange rightly so, to sell something as a VPN service without boasting of and off about it’s talents and abilities.
Appreciated ; )
Hi Sven,
Having followed your guides on use of VPN, browser choice and modification there are a couple of questions based on best practice when using a VPN.
ISPs can see that an individual is connected to a VPN server so
a) Is it best practice to use just one VPN server for everything you do day to day – all traffic.
b) or use different VPN server in a country with strong data protection laws when downloading (raising the question that if your ISP sees high data throughput when connected to a VPN in a given country, is this likely to raise any flags).
Thanks for all you do to help the community.
Hi Jason, to be honest, I don’t think it really matters. VPNs are becoming mainstream with many people using VPNs for torrenting and Netflix streaming, which are both high-bandwidth activities. So I don’t think you have to worry about any “red flags” so to speak. Connecting to a closer server should give you better performance.
I just stopped using Perfect Privacy. Too often recently the connection would cut out or I would not be able to connect to a particular server(s) on the server list (I’m in Germany and could never connect with Frankfurt and only rarely with Erfurt). Also, not being able to access Netflix and other IP dependent streaming services – such as ITV – was a bummer.
Gonna try ExpressVPN for a few months to see what they’re like.
Would like to see this ranking for business VPNs. I myself have tried a few in the office and can say that nord with NordVPN Teams stands as a strong competitor, also with Perimeter 81. It’s an interesting topic so would love you hear what you have to say.
Hi Sven.
First thank you for your website, it has helped me a lot and I have learned many things with it. And I keep learning.
I am currently a VPN.AC user. What it has caught my attention are their policies, they are very clear and technically give concrete explanations. I think they provide solutions that I don’t know if they have any other VPN service.
In general, it is a good VPN service. Good speeds even with the double server jump. I have implemented the VPN on the router and through the computer I use the double jump, which makes it triple and the speeds are still good. The kill switch works perfectly and also allows you to stop the VPN service and not have an Internet connection. The kill switch works both when changing servers and if you stop your VPN service directly. I have not had service interruptions for months.
As for the daily connection log policies, I don’t think it’s a problem.
The company indicates that it is for safety reasons and work procedures and for the own VPN infrastructure. As they own everything (including servers in countries) I understand that they need some control over the system. Besides, I think it’s even good. It is true that there are companies that work with “marketing” to reassure a client by offering many things that personally make me doubt. There are many users who use paid VPN, and they don’t know what is behind them with respect to the loggs, and although they promise that they do not exist, putting reasons of speed, location of servers, I have reason to doubt … I think all VPN companies have some type of log (except Perfect privacy), such as determining the number of simultaneous connections.
Besides, they don’t have a tracking connection to Google or Facebook (indicated in their policies).
I also consider it important to be the owner of the entire infrastructure, including own servers. This makes exclusively they are those who handle the entire system, without third parties.
My attention is largely the work with own DNS servers. As they say, the privacy with a VPN depends of many things, and DNS requests are something that many people forget and it is no less important.
I have used several VPNs for several years: VYPRVPN, EXPRESS VPN, PERFECT PRIVACY and VPN.AC. Everyone has their good and less good things and there is no perfect VPN. There are very good things about some that do not have others, but I prefer to use PERFECT PRIVACY or VPN.AC.
I apologize if there is a mistake in making the comments, I would like to be told it.
Thank you.
Hi Taylor. Thank you very much for excellent job and tremendously useful article!
Eduardas
Hi Sven,
Love your website and your work. I am seriously going to buy some Bitcoin so I can donate to you.
I’d like your comments on the newest VPN and Email service: Unspyable.com
The things that they write about seem great but are they a NSA front? I guess you wouldn’t know. Any comments on have on Unspyable would be greatly appreciated.
Thx
Hi, I have never heard of it before, but I’d generally separate email from VPN for compartmentalization reasons. Under that site’s news/updates section, there hasn’t been anything posted since 2017.
Hi Sven,
Bout a year ago I commented on the Best Secure Email here on
Hard Sell NOVEMBER 21, 2018
Any thoughts on these, Sven ?
– Unspyable VPN combined with the email – https://unspyable.com/offshore-email-service/
[The service is designed to maximize your privacy. We do not back up the email and no record is kept. We strongly suggest you use a program like Outlook, Thunderbird or Mac Mail to download the email to your computer.
The service includes a Personal VPN account which is required to achieve maximum privacy. It also includes two email accounts.]
– This is in a Niche marketed field for offloading your mail from it’s servers via an included VPN plan – so a two-n-1 offering. Relying on small mail space, constantly downloaded and erased, designed to maximize your privacy and email security.
–
Email service includes your choice of open source web browser and POP/IMAP/SMTP service for use with programs such as Outlook, Thunderbird and Mac Mail.
This service is not designed to store large amounts of email on a remote server. The service is designed to maximize your privacy, no back ups of the email and no record is kept. Strongly suggest you use a program like Outlook, Thunderbird or Mac Mail to download the email to your computer, also suggest that you encrypt your computer’s hard drive to protect your downloaded messages.
Once a message is deleted from it’s servers there is no way to recover it. In addition, since there are no back ups of the server data, a hardware or software failure on the server can result in lost emails. This it the price of no backups and maximum privacy. Download your email to your computer often to minimize the risk of loss.
If you want email service, do not purchase VPN service separately as it is included with your email subscription.
Hello Steve, I have been using Surf Shark for several days. Supposedly does a lot for security and privacy and the servers are very fast in my opinion. So far, I am thrilled. Although I’m skeptical about new VPN, but it is recommended everywhere, even by independent, on Reedit there is a discussion and they are also excited. However, the app makes some problems with Windows 10 Spring Update. Sometimes it just hangs, does not react at all, and then it’s back after 2 minutes. Although I had to shoot it completely once, because it completely hung up. In my eyes Promising VPN. Let’s see what else they can think of.
Do you think chaning VPN across different countries is BETTER done in VM or better done on VPN routers made by different companies?
also, with TOR as the endpoint and multi chained VPN behind it, if TOR is compramised, they would just see your last VPN, and then need to go to your next vpn etc this seems like the best approach as far as I can tell.
I would still like to hear your thoughts on Qubes OS with Whoonix and TOR as a less exploitable surface than VPN chain due to virtualization compartmentalization
1. Do you think no log vpn’s are being targeted by the NSA or other groups? is not that a major liablity for a spying agency? aka going after large hardware purchases and inserting code or bad hardware?
2. Can a no log VPN have an upstream provider that has different policies? Can a no log VPN lie about where the server actually is and have your info pass through a 5 eyes country first before routed to your “safe” swiss location ?
3. Does the diversity of TOR nodes and guards dwarf the security of the few no log VPN that accept bitcoin?
I really can’t say for certain with any of these questions.
1. Not sure, we can only guess.
2. I can’t say for certain on this either. Perhaps certain data centers in specific jurisdictions have issues, but if this is really a concern, you could utilize a multi-hop VPN and/or chain different VPN services. But for the vast majority of people, a standard (single hop) VPN will offer more than enough protection (but this depends on your threat model).
3. There have been numerous issues that have come up over the years raising questions about just how much anonymity Tor offers. Read this. For the truly paranoid, I still recommend chaining different VPN services across different jurisdictions using Linux VMs.
I would like to ask a meta-question about VPNs
I like and use a few of your top picks.
I recently argued with a secuirty professional about the security of VPNs, he argued that something like Qubes OS with whoonix/tor, is far more secure way to protect your real ip than a VPN. His claim was that virtualization of Qubes os and the non-business model of TOR is more secure than a VPN business that could give up your information if pressured or hacked. What are your thoughts?
Do we have a lot of cases of the best VPN’s in the best countires giving up customer information by court order, or are there enough cases of VPN companies not having any data to actually give (no log etc) ?
It is hard to argue with the idea that a VPN can see everything you are doing online and you are basically trusting them in a way Qubes/whoonix/tor would not require.
After thoroughly researching Tor, I have my doubts, many red flags:
https://restoreprivacy.com/tor/
Recent news, also illustrating Tor de-anonymization work going all the way back to 2012:
https://www.zdnet.com/article/hackers-breach-fsb-contractor-expose-tor-deanonymization-project/
With VPNs, yes, there are also risks and examples of VPNs giving up logs. But there are also examples of verified no logs VPN providers that have passed real-world tests:
https://restoreprivacy.com/no-logs-vpn/
Add CryptoSTorm!!!
CryptoStorm is run (or was founded?) by Douglas Spink:
1) Spink was accused of running an illegal “farm” where people engaged in “animal cruelty” acts (sources here, here, and here).
2) Spink was busted for smuggling millions of dollars worth of cocaine. While others in the ring received 17-year sentences, Spink got off with a “lenient, three-year sentence because of his extensive cooperation with investigators.” Key words here: extensive cooperation.
For years there have been rumors this “cooperation” entailed giving authorities backdoor access to CryptoStorm, but again, who knows for sure.
hello sven
I never recommend surfshark.
surfshark collects ip addresses from your computer and other devices from websites.
And collect various error reports. (Metadata Risks)
When you use our app, we may collect advertising identifiers – unique, user-resettable IDs for advertising, – surfshark privacy policy
And they also collect cookies.
This policy is dangerous.
Hi,
You can use OpenVpn client in that case
Sven,
I don’t know if you want to hear this, but you should be made aware.
Using the privacy extensions you recommend, I visited the home pages of the VPNs you recommend and found that all except VPN.ac and ZorroVPN have at least one tracking connection to Google. Some have other connections also. ExpressVPN also has a connection to Facebook. If these companies are serious about privacy, they should not have tracking connections. Is there an explanation for why they would do this?
Hi Anonymous, yeah this is a fine line to walk, and I personally understand both sides. There are a few sides to this issue:
VPNs need to acquire customers, sell subscriptions, and pay the bills. To do that effectively with a website, you need to see how people are interacting with the site, how people are getting to the site, etc. While we all dislike Google and it’s anti-privacy practices, 95% of the world still uses Google search, which makes Google Ads very important for acquiring customers (for many VPNs). Without Google Analytics, one cannot see if money spent on Google Ads is working. It’s a complete shot in the dark – hope it works out kind of a situation. Of course, it’d be great for sites companies to quit using Google Ads, and also drop Google Analytics, but we’re not there yet…
On the topic of analytics: a site that has broken pages, errors, or is not written well will have a high bounce rate. If you don’t have analytics, it makes improving a site nearly impossible. You have no idea what articles are getting the most traffic (and are the most important to your readers) and what you should ignore.
On the other hand, you could be like ZorroVPN or VPN.ac and build a simple, basic website that looks the exact same for years and never changes, updates, or improves. This makes it much more challenging to understand how people are interacting with your content and what’s important to them (which should be updated and accurate).
I’m not taking sides here, but it’s a fine line to walk.
Simple solution: Use a script blocker, and/or ad blocker that also blocks trackers, and you won’t have anything to worry about.
just trying Protonvpn trial, and for the record, they got great speeds, same datacenter as airvpn, again around 100Mbps, fast also with double hop. The windows and android clients are very very nice, fast to log in and don’t drop connections, don’t leak that much:
– leaks during user’s configuration change, you need to stop connection to make some changes, weird but it’s one time and can be controlled
– leaks during VPN server change (which is quite fast, but even 100ms is enough for GMS to connect to Google and add your real IP to their unique_ip list)
– no leaks on connection change
– routing messup, packets not coming back will make app stuck & “connected” while there’s no connectivity.. -> restart wifi router to spice it up and it won’t switch to mobile while wifi is already off, -> set wifi back and it will leak via wifi while still stuck
Isn’t it funny that only “Block connections without VPN” works these days…
Still this as a reminder where airvpn needs to improve because it’s even worse on Android: opensource Openvpn client is slow and leaks in every possible situation (at boot, during connection change, during VPN server change or simply by system apps like Download manager), while eddie for android is, while new, a total mess (chaotic UI, long boot leak, boot connect not possible via login, nonstop connection drops, with no other leaks at least). PC and router clients perfect with no leaks there.
I consider using protonmail on mobile device due to 2 less leaks. I’m not having big expectation on android devs grasping the programming logic, but If there’s really leakproof android VPN client/service, i’m interested.
airvpn = many configurations for 8 platforms, port forwarding with custom dns, many target ports, via ssl/tor, privacy focus and fantastic speeds (always maxing out 100Mbps possible by WRT3200ACM router, even more when turn on local PC Eddie and forward traffic via WAN).
but still underrated by all comparisons.
Dear Sir,
How would you rate Mullvad please?
Thanks,
Koen
I added a section on other VPN providers above.
Hi, Sven. I’ve found this VPN service: [https://thesafety.us/vpn]
For some reason, it’s super expensive! Although I couldn’t find where are they from. Also, wheather it’s justifiably expensive from what they offer, I don’t know. What do you think?
What do you think about RiseUp VPN?
It’s based in the US, so it doesn’t meet the criteria. See also here and here.
Hi all, I’m considering to get a VPN to torrent some obscure film that is generally unavailable to the public and/or unavailable to purchase. However my upload and download speed is mediocre, sitting at just 2Mb and 15Mb (may dip to below 10Mb) respectively. I live in SEA, if that helps.
Should get NordVPN, VPNac, or Zorro?
VPN.ac might be a good option: fast speeds, servers in Seattle, torrenting friendly…
Sven, You’re the best. Thanks for all this. I’d welcome your thoughts though on VPN and email. I recently signed up for Nord, using Firefox and that worked fine. On my iPhone as well. BUT… it totally screwed up my email (Thunderbird sending gmail). They kept telling me to change my outgoing smtp port from 25 to 465, except it always was 465. I also tried others. Nothing seemed to work and no one at Nord seemed to care enough to help me find a solution. Any ideas? Or, do you know of a service that doesn’t screw up emails and/or has customer service help that really helps? Many thanks/ LN
Yes this can be an issue sometimes with VPNs putting in measures to prevent bulk spam email campaigns, which blacklists the VPN’s IP addresses. So you might want to research this with the different providers and the email client you’re using. I know this is an issue with many VPNs and some address it differently than others.
I saw a nortonvpn card in some random store, do you think this vpn service is trustable?
Not sure, but in general cybersecurity companies do not have the best track records with privacy, see here.
Hi Sven, I read your thoughts and I am now trying to choose between ExpressVPN and vpn.ac. I had a IVPN account for about one year, they were ok, but I want to move on as they are too expensive and also as you mention just „ok“ – no netflix, no browser add-on and ok speeds for Germany. On the positive side I can say there were flawless with a lot of updates among this year. However, everywhere you look for a vpn review you can find ExpressVPN as the total leader and I am not sure if they pay their way in to be on the top or are they that good. Does it worth the price difference (ExprssVPN vs. vpn.ac)? You tested both, so I would relate my question in terms of speed and „feeling of anonymity“. Because vpn.ac logs, but they say they keep only check in and out times and data volume – and only for one day.
Would you consider moving from IVPN to one of your recomended VPNs an improvement (you mentioned you have also tested IVPN)? Thank you
Yes, ExpressVPN is the best all-around VPN in my opinion: excellent speeds (verified with the recent review update), 24/7 Netflix access, very secure apps, support for all devices and operating systems, verified no logs provider, and quite reliable. VPN.ac is also a great option, and even though they don’t advertise it, they do support American Netflix. VPN.ac is also a good value at only $3.75 with the two-year plan. IVPN is also a good provider from everything I’ve seen, although lacking a bit in some areas as you pointed out.
If you’re on the fence about switching, you can get a cheap one-week trial for $2 on the VPN.ac website (see FAQ page). ExpressVPN also offers a 30-day refund window, no questions asked.
Sebastian,
You should read the VPN.ac legal stuff. I like the site and what they seem to provide, but the TOS is a bit hard to digest.
Policy is very broad and basically renders VPN.ac service useless by prohibiting legit VPN use cases.
EG: (couple tos violations)
–
* Transmit any copyrighted, trademark, or patented content
–
service is unusable as worded, too many legit and legal reasons to mention which would fall under this violation
–
* Use P2P programs on other VPN Nodes than those where we allow it
–
peer-to-peer is attractive for many uses other than BitTorrent and many emerging software and services could be considered P2P
–
Regards,
JN
Johnny, nearly every VPN has a clause in their TOS saying “don’t torrent copyrighted material on our servers.”
Why? Because when they inevitably get DMCA takedown notices and threats from data centers, they can say “Well, we don’t allow copyright infringement, it’s right here in our Terms.” Meanwhile, I know for a fact that VPN.ac does not close accounts for torrenting copyrighted material.
Thank you both for the reply. I think when it comes to sharing copyright material and torrenting illegal stuff nobody will encourage the use of their service :-). I was interested in speeds and non leaking apps on the long run. Sometimes they put you on the right server with very good speeds during the test phase and then, after signing up it all goes down (it happened to me with some providers). I was happy with IVPN, but now I‘m also thinking about trying US-Netflix. And also using just a browser extension which will for sure use less memory on the computer. I’ve asked about vpn.ac because not long ago I saw a strange review about them. Somebody wrote on his site he used some servers in Asia, checked the IP and got IPs from Europe or something like that. I am just speculating, maybe it was just intended to discourage the use of the service. BTW Sven, please take a look at Surfshark if you have the time. It‘s the new kid in town and I think many of us would like to hear some unbiased opinions about it (I am sure your readers have a lot of questions and doubts). Once again thank you very much for your answers and your privacy blog
VPN.ac does not use any virtual locations, so the servers are located where they are advertised, you can test this.
Just an afterthought…. I noticed the “Simple Privacy Setup’ recommendation at the bottom of this site.
Banner in itself, but could you – when time allows – give a stepped up version of this?
Something like a 2nd tier and 3rd tier? What I mean is a bumped up security/privacy version, and then as the 3rd tier (what you would consider) an ultra security/privacy version? Hope that makes sense.
Would come in handy and informative to those folks who are non-Geek like me! 🙂
Cheers again from Canada
Thanks George, I’ll keep that in mind.
Hmmmm…. Days have gone by without anyone having “an opinion” about what you wrote? Hmmmm.
(Sven, I think this a good sign. Looks like you nailed the facts and were right on the money.)
Personally, I’ll be giving VPN.ac a go. Though 5th on your rating, I like the tone & timber on how you have reviewed them. No big marketing splash, dedicated techies, Mac compliant, a solid jurisdiction… how can one resist!!! 🙂 Just my humble feedback.
Cheers, George from Canada
Hey George, two things regarding comments. When I closed comments a month or so ago (due to comment spam) it erased all old comments, but now comments are open again. Second is that Google seems to have updated an algorithm recently (June 2019 core update) and the site traffic has gone down quite a bit, and most visitors arrive here through search traffic. Oh well, I’m sure it will pick back up over time.
LOL There’s true irony in that, IMO! Your site is the BEST I’ve come across re Google alternatives……….. yet……….. you depend on the bulk of your traffic/searches thereon? Ironic in the extreme!!! 😉 Hope the traffic picks up soonest!!! Cheers, eh!