| #1 | ExpressVPN with [49% Discount] |
| #2 | NordVPN with [68% Discount] |
| #3 | Surfshark |
| #4 | VPN.ac |
| #5 | Perfect Privacy |
| #6 | OVPN |
| #7 | ProtonVPN |
| #8 | Trust.Zone |
A VPN – Virtual Private Network – is becoming the go-to solution for people all around the world. Whether you want more privacy and security or a safe and effective way to unblock websites and stream media, a good VPN is the solution. But there’s just one problem.
With so many different VPNs on the market, how can you find the best VPN service for your unique needs?
Sorting through the noise is increasingly difficult with all the new VPNs coming online and dozens of overnight experts making dubious recommendations.
In testing and researching hundreds VPN services over the past five years, I’ve found that most VPNs fail when put to the test. Here are three common problems:
- VPNs that leak IP addresses and/or DNS requests. IPv6 leaks and DNS leaks affect many popular VPNs and this can expose your identity, location, and/or browsing history to third parties.
- VPNs with broken features. While most VPNs offer a kill switch or some form of leak protection, I’ve found that often these features fail under certain test cases, such as when switching network interfaces or reconnecting with the VPN server.
- VPNs that share data with third parties. This is mostly a problem with free VPN services that collect and sell user data. However, even some highly-recommended paid VPNs have been busted for logging their users, including IPVanish and also PureVPN.
While this may sound alarming, there are still some excellent VPNs that we have identified in our testing and research.
Best VPN Services for 2020
- ExpressVPN – Best all-around VPN
- NordVPN – Best value VPN with great performance and security
- Surfshark – Top VPN with a low price
- VPN.ac – Secure and user-friendly VPN service
- Perfect Privacy – Best VPN for advanced privacy features
- OVPN – Secure, privacy-focused VPN
- ProtonVPN – Secure VPN in Switzerland
- Trust.Zone – Basic VPN with solid performance
Ranking criteria for the top VPNs
The goal of this report is to filter through all the noise and identify the most reputable and secure VPNs that meet the following criteria:
- Passed all tests with no data leaks found (no IP address leaks or DNS leaks)
- Good performance throughout the server network (speed and reliability)
- High-quality VPN apps with all features working correctly
- Supports the OpenVPN protocol and strong encryption standards
- Offers a money-back guarantee
- Trustworthy and well-established VPN provider with a good track record
- Located in a safe privacy jurisdiction (outside of Five Eyes countries, such as the US and UK) to keep your data safe
If a VPN did not fulfill all the criteria listed above, it was not featured in this report. And when you apply this standard to all the VPNs on the market, there are very few that make the cut. So let’s cut to the chase!
1. ExpressVPN – Best all-around VPN
| VPN | ExpressVPN |
| Based in | British Virgin Islands |
| Logs | No logs (audited) |
| Price | $6.67/mo. |
| Support | 24/7 Live chat |
| Refund | 30 days |
| Website | ExpressVPN.com |
In an overcrowded VPN market, ExpressVPN continues to stand out from the rest and remains the top recommendation on Restore Privacy. While many VPNs suffer from bugs, slow speeds, and data leaks, ExpressVPN consistently provides excellent performance, the highest security, and 24/7 access to all major streaming websites and content. In short, it just works.
For security, ExpressVPN utilizes strong encryption with an AES-256 cipher and a 4096-RSA key. It supports the OpenVPN protocol on all VPN apps and incorporates a Network Lock kill switch to ensure all data remains secured and encrypted (no leaks).
ExpressVPN also maintains the highest network security standards with all servers running in RAM-disk mode. This makes it impossible to store any logs or data on VPN servers and also improves security (see the TrustedServer feature). Additionally, it has passed an independent audit by PWC verifying compliance with its no-logs policy.
Need a VPN for streaming? ExpressVPN is currently the best VPN for Netflix, supporting numerous Netflix regions around the world. It also works with BBC iPlayer, Hulu, Amazon Prime, Disney+ and many other streaming services. Simply connect to one of the 160 server locations (in 94 countries) and you’ll be set to stream.
Here are a few other reasons ExpressVPN stands out from the crowd:
- Top speeds: ExpressVPN consistently outperforms other VPNs. It is well-known for premium performance and it continues to deliver today.
- Browser extensions: Browser extensions are available for Chrome, Firefox, and Safari that are open source and incorporate HTTPS Everywhere.
- Apps for all devices: User-friendly apps are available for all major devices and operating systems, including Windows, Mac OS, Android, iOS, Linux, routers, smart TVs, and more.
- Split tunneling: Split tunneling is available with the Windows, Mac OS, and router apps. (This is the ability to route certain apps or website traffic outside the encrypted VPN tunnel.)
- VPN router app: If you want to use a VPN on a router, ExpressVPN offers a dedicated router app. The app simplifies using a VPN on a router, while also giving you the ability to easily switch server locations.
- Security Audit: ExpressVPN passed a third-party security audit conducted by Cure53, a cybersecurity firm in Germany.
- Responsive support: Live chat support is available 24/7 directly through the website, in addition to a huge selection of setup videos and how-to manuals.
- User-friendly: ExpressVPN is very user-friendly with intuitive and simple VPN apps.
Main drawbacks:
- More expensive than some competitors (but see the coupon below)
Refund policy: All subscription plans come with a full 30 day money-back guarantee, no questions asked.
ExpressVPN Coupon
Sign up for the 12 month plan, and get 3 months FREE (49% Off)
Get Three Months Free + 49% Off ExpressVPN >>
(Discount is applied automatically)
See the ExpressVPN review for more test results and analysis.
2. NordVPN – Best value VPN with great performance and security
| VPN | NordVPN |
| Based in | Panama |
| Logs | No logs (audited) |
| Price | $3.71/mo. |
| Support | 24/7 Live chat |
| Refund | 30 days |
| Website | NordVPN.com |
NordVPN is a popular VPN that continues to improve and upgrade its service. It is one of the few VPNs that offers full support for the WireGuard VPN protocol directly in its VPN apps. WireGuard offers upgraded security and is the fastest VPN protocol we’ve tested, on average 58% faster than OpenVPN in our tests.
In addition to the newly-introduced WireGuard VPN protocol, NordVPN has many other privacy and security features you may want:
- CyberSec feature to block ads, trackers, malware, and phishing domains
- Double VPN servers to encrypt traffic over two locations
- Tor-over-VPN servers that add an extra layer of encryption via the Tor network
- Very secure server network with all servers running in RAM-disk mode (no logs)
- Built-in leak protection for all VPN apps (no leaks with the kill switch)
Like ExpressVPN, NordVPN has also passed independent audits for both security and compliance with no-logs policies. It introduced a public bug bounty program and also has an ongoing partnership with Versprite for security audits and penetration testing. NordVPN uses very strong encryption with an AES-256-GCM cipher and DHE-4096 key exchange in implementing Perfect Forward Secrecy.
With premium speeds and strong security, NordVPN is our top-rated VPN for torrenting. It also works very well for all major streaming services, including Netflix, Hulu, BBC iPlayer, Disney+ and more. You can use the NordVPN app if you need a VPN for Firestick, TV boxes, or Smart TVs, or any other streaming device.
As of right now, NordVPN has about 5,300 servers in 59 countries. It does not use any virtual server locations and all servers run on dedicated hardware. This improves security and also makes storing logs on the VPN server impossible. In addition to the specialty servers we discussed above, NordVPN also offers obfuscated servers, which conceal VPN traffic as regular HTTPS encryption. This is a useful feature to get around VPN blocks, such as when using a VPN for China.
NordVPN continues to evolve and improve while remaining one of the top leaders in the VPN industry. Check out the two-year plan with the coupon below for maximum savings.
Main drawbacks:
- Big discounts are only available with two-year plans.
- No router app (but can still be used with most router firmware)
Refund policy: All NordVPN subscription plans come with a full 30 day money-back guarantee.
NordVPN 68% Off Coupon
Get 68% off NordVPN (drops the price down to $3.71 per month)
68% Off NordVPN Here >>
(Discount is applied automatically)
See our NordVPN review for more test results and analysis.
3. Surfshark – Top VPN with a low price
| VPN | Surfshark |
| Based in | British Virgin Islands |
| Logs | No logs |
| Price | $2.49/mo. |
| Support | 24/7 Live chat |
| Refund | 30 days |
| Website | Surfshark.com |
Officially launching in 2018, Surfshark is one of the newer VPN services we’ve tested. Despite being a relative newcomer, Surfshark comes loaded with features, great leak protection settings, access to numerous streaming services, and excellent support. Additionally, it gives you an unlimited number of connections.
Surfshark maintains strong privacy protection policies and is a no-logs VPN based in the British Virgin Islands. The Surfshark apps incorporate good leak protection settings (kill switch) to ensure data remains encrypted and secure without any leaks. There is also a CleanWeb feature to block ads, trackers, and malware domains.
Surfshark utilizes strong encryption with an AES-256-GCM cipher and supports both the OpenVPN and IKEv2 VPN protocols. Similar to our other top recommendations, Surfshark is now running all servers in RAM-disk mode for added security. It offers 13 double-hop VPN server configurations, allowing you to encrypt traffic over two servers at the same time. While Surfshark offers decent speeds with many servers, it is not quite on par with NordVPN or ExpressVPN in terms of performance.
If you want to stream media and unblock websites, Surfshark does well in this category. It currently supports 10+ different Netflix regions, as well as most other streaming services. It is a great VPN for Android and iOS with dedicated mobile apps.
Surfshark continues to gain traction in the VPN market. It remains a strong contender while also being one of the best cheap VPNs at only $2.49 per month with the two-year plan.
Main drawbacks of Surfshark VPN:
- Variable speeds with some server locations (but nearby servers were fast)
- No VPN router app (but routers still supported)
Refund policy: All Surfshark subscription plans come with a full 30 day money-back guarantee.
Surfshark 81% Off Coupon
Get 81% off Surfshark VPN (drops the price down to $2.49 per month)
81% Off Surfshark VPN Here >>
(Discount is applied automatically)
See the Surfshark review for more test results and analysis.
4. VPN.ac – Secure and user-friendly VPN service
| VPN | VPN.ac |
| Based in | Romania |
| Logs | Connection logs |
| Price | $3.75/mo. |
| Support | |
| Refund | 7 days |
| Website | VPN.ac |
VPN.ac is a security-focused VPN that offers good performance and features at a competitive price. It is based in Romania and was started by a team of network security professionals. VPN.ac did well in testing with fast speeds, strong encryption, and good privacy features.
VPN.ac currently supports the WireGuard VPN protocol. However, unlike with NordVPN, it takes some work to set up and use correctly and is not supported directly in the apps. VPN.ac’s apps incorporate built-in leak protection, port selection, and offer a variety of VPN protocols and ciphers to choose from. They also have specialty servers: double-VPN servers, P2P servers, and Obfuscated servers.
In addition to the desktop VPN app, you can also use VPN.ac’s secure proxy browser extensions, available for Chrome, Firefox, and Opera. You can also use VPN.ac to stream American Netflix, but other Netflix regions are not supported.
Main drawbacks of VPN.ac:
- The main drawback of VPN.ac is the connection logs. Basic connection logs (no activity or usage data) are kept for 24 hours for network security and optimization. These logs are erased automatically every 24 hours. This is explained more on the VPN.ac website.
- Another drawback of VPN.ac is that it does not work well with some streaming services.
Refund policy: All plans come with a 7 day refund window.
https://VPN.ac/
Discounted trial: You can get a discounted one-week trial for $2 (see the FAQ section of the menu).
The VPN.ac review has more test results and analysis.
5. Perfect Privacy – Best VPN for advanced privacy features
| VPN | Perfect Privacy |
| Based in | Switzerland |
| Logs | No logs |
| Price | $8.95/mo. |
| Support | Email & forum |
| Refund | 7 days |
| Website | Perfect-Privacy.com |
If you are looking to attain the highest levels of privacy and security, Perfect Privacy may be a good choice. It is based in Switzerland with a strict no-logs policy and is run by a dedicated team of privacy enthusiasts. Although it might be overkill for some users, Perfect Privacy offers a number of advanced features you won’t find elsewhere. These features include:
- Multi-hop VPN servers: With Perfect Privacy, you can route your traffic across multiple VPN server hops (up to four). This offers a higher level of protection for those who want it. Additionally, the NeuroRouting feature (supported on all devices) dynamically routes traffic across multiple hops in the VPN network.
- Ad/tracking blocker: The TrackStop feature blocks thousands of ads and trackers, as well as malware and phishing domains at the VPN server level. You can also activate a filter to block social media trackers.
- IPv6 support: Perfect Privacy is one of the few VPNs offering full IPv6 support (you get both an IPv4 and IPv6 address).
- Port forwarding: Perfect Privacy allows you to customize your port forwarding settings, which is ideal if you need a good VPN for torrenting.
- Strong encryption: This VPN secures data using an AES-256 cipher with a 4096-bit key exchange. Users can choose between OpenVPN and IPSec/IKEv2 protocols.
Similar to Surfshark, Perfect Privacy gives users an unlimited number of connections, but at a much higher price. You can use Perfect Privacy with custom apps for Windows, Mac OS, Linux, and Android, along with support for other devices (including iOS). While the apps do not feel quite as polished as some other VPNs, it does offer a lot of features if you need a VPN for Windows or other desktop operating systems.
Main drawbacks:
- More expensive at $8.95 per month with the two-year plan
- Limited support for Netflix and other streaming services
- Small server network (but all servers running on dedicated hardware in RAM-disk mode)
Refund policy: 7 day refund window with all subscriptions.
https://www.perfect-privacy.com/
See the Perfect Privacy review for more test results and analysis.
6. OVPN – Secure, privacy-focused VPN
| VPN | OVPN |
| Based in | Sweden |
| Logs | No logs |
| Price | $4.99/mo. |
| Support | Email and chat |
| Refund | 10 days |
| Website | OVPN.com |
Next up on our list is OVPN, one of the best VPNs from Sweden. It was started in 2014 with a simple goal to be the “most reliable and trustworthy VPN provider.” They go to great lengths to safeguard the data of their users with a multi-layered approach to security. OVPN’s entire network runs on self-owned dedicated bare-metal servers with ample bandwidth and strong security. All servers operate in RAM-disk without hard drives, multi-hop configurations are supported, and no logs are stored.
OVPN did surprisingly well in our tests, competing among the top VPN providers. It offers secure apps that include built-in leak protection settings, and even has a full GUI Linux client with all features available. VPN apps for mobile devices (Android and iOS) are currently in development, but you can still use third-party apps with the service. WireGuard is supported, but not directly in the apps, like with NordVPN.
From the very beginning, OVPN has offered a transparent and privacy-focused service. Here are some noteworthy details:
- Transparent and public-facing leadership (can be verified on the website).
- Monthly transparency reports are published going all the way back to 2014.
- OVPN even has insurance that will cover any legal fees necessary to fight against demands for user data by third parties.
- A 2020 court case proved OVPN is true to its no-logs policy.
- Completely anonymous payments and signup methods are supported.
Even though OVPN is a privacy and security-focused service, they still offer some support for streaming services. This includes Netflix and Hulu, although they currently do not support as many streaming channels as NordVPN or Surfshark.
While OVPN does have a lot going for it, there are a few drawbacks to consider:
- Multi-hop servers are not included on monthly plans
- Fewer streaming services supported
- No VPN apps for mobile devices (but can be used with third-party apps)
Refund policy: 7 day refund window with all subscriptions.
https://www.ovpn.com/
See the OVPN review for more info.
7. ProtonVPN – Secure VPN in Switzerland
| VPN | ProtonVPN |
| Based in | Switzerland |
| Logs | No logs |
| Price | $4.00/mo. + |
| Support | |
| Refund | 30 days |
| Website | ProtonVPN.com |
ProtonVPN is a VPN service that was launched by the team behind ProtonMail in 2017. Since its debut, ProtonVPN has made many improvements. Similar to Perfect Privacy, ProtonVPN is a privacy-focused VPN in Switzerland. And like some of our other top VPN recommendation, ProtonVPN also offers double-VPN servers through a “Secure Core” configuration.
While ProtonVPN is largely a privacy-focused service, it also supports some streaming services. It currently supports American Netflix, as well as Hulu, Disney+, and Amazon Prime video. Torrenting is allowed on most servers, although speeds were not quite as good as with our top-recommended VPNs (ExpressVPN and NordVPN).
If you want to combine a VPN service with a secure email, you can pick up the Visionary plan that includes both ProtonVPN and ProtonMail – but it’s not cheap. ProtonVPN also offers cheaper subscriptions, including a “Basic” plan at only $3.29 per month.
Main drawbacks of ProtonVPN:
- Speeds were below average with some servers (not consistently fast)
- Prices are above average for access to all servers and features
https://www.ProtonVPN.com
See the ProtonVPN review for more test results and info.
8. Trust.Zone – A basic VPN with good performance
| VPN | Trust.Zone |
| Based in | Seychelles |
| Logs | Bandwidth |
| Price | $2.33/mo. |
| Support | |
| Refund | 10 days |
| Website | Trust.Zone |
Get a Free Trial Here >>
(No payment info required)
Trust.Zone is a smaller, privacy-focused VPN service based in Seychelles, which is a good offshore privacy jurisdiction. It offers basic, user-friendly VPN apps for Windows, iOS, and Android with built-in leak protection. Additionally, Trust.Zone supports other operating systems through third-party apps, such as Tunnelblick and OpenVPN Connect.
Trust.Zone boasts a good selection of servers around the world, despite being a smaller VPN. Prices are quite reasonable at only $2.88/month with the two-year plan. When you pay with cryptocurrencies, you’ll get an automatic 10% discount. They are also offering a coupon code for Restore Privacy readers (see below).
Speed tests for the Trust.Zone review were good, with most servers around my full baseline speed. Trust.Zone supports streaming US Netflix and Hulu, and also does not restrict torrenting on their network. It is one of the best VPNs with a free trial, allowing you to test the service without entering any payment info.
There are two main drawbacks I found:
- Limited on features compared to other leading VPNs
- No custom VPN clients for Mac OS (see these other VPNs for Mac)
If you want to give Trust.Zone a test run, you can do so completely free for 3 GB of bandwidth or 3 days, whichever comes first.
Exclusive Coupon Code: For an additional 10% off your order, use this coupon code:
RESTOREPRIVACY10
https://trust.zone/
See also the Trust.Zone review for more details.
What is the best VPN for privacy?
Any of the recommended VPNs in this guide would be good choices for privacy and data security. They have all been tested and found to be secure (no leaks), reliable, and operate in safe privacy jurisdictions (outside of Five Eyes countries).
With the exception of VPN.ac, all of the recommended VPNs are no-logs services. Additionally, these two have passed third-party audits verifying their no-logs policies:
- ExpressVPN passed a no-logs audit performed by PWC and a security audit conducted by Cure53. Additionally, ExpressVPN passed a real-world test when the Turkish government demanded logs and then seized an ExpressVPN server, but failed to obtain any data.
- NordVPN has passed two separate no-logs audits performed by PWC in Zurich, Switzerland. It also has an ongoing partnership with Versprite to conduct infrastructure audits and carry out penetration testing to identify and fix any vulnerabilities. NordVPN has successfully converted its server network to only run in RAM-disk mode.
These VPNs offer multi-hop servers (the ability to encrypt your traffic across 2+ VPN servers). This offers a higher level of privacy and security beyond single-hop VPN servers:
- NordVPN: Double-VPN servers and Tor-over-VPN servers
- Surfshark: Double-VPN servers with 13 different configurations around the world.
- VPN.ac: Offers 22 double-VPN servers
- ProtonVPN: The “secure core” feature consists of double-VPN server configurations.
- Perfect Privacy: You can create multi-hop servers with every server in their network, with up to four servers. The NeuroRouting feature also routes traffic across multiple servers in the network.
If you are really concerned about achieving the highest level of online anonymity, you can also chain VPN services (using more than one VPN at the same time). This is discussed further below.
What is the best VPN for streaming?
One of the best VPNs for streaming is ExpressVPN. Here’s why:
- Full access to all streaming services. ExpressVPN provides the best access to all major streaming services: Netflix, Hulu, Amazon Prime, Disney+, BBC iPlayer, ESPN, HBO, SkyGo, and many more.
- Premium speeds to stream media without any pauses, interruptions, or buffering.
- Apps for all streaming devices, including Smart TVs, TV boxes, tablets, computers, phones, gaming systems, and more.
Below I’m using ExpressVPN to stream American Netflix from my location in Europe. ExpressVPN currently supports the following Netflix regions: US, UK, Canada, Australia, France, Italy, Japan, and Germany.
Aside from unblocking content around the world, VPNs are also crucial for protecting yourself against ISP snooping and potential copyright issues when streaming from third party sites or when torrenting. (This is discussed more in my VPN for Kodi guide.)
What is the top VPN for Android and iOS mobile devices?
We recently tested out numerous VPNs for Android and found the best one to be NordVPN.
NordVPN tops the list as the best VPN for Android and iOS mobile devices for three main reasons:
- WireGuard VPN protocol – This protocol performs the best on mobile devices that may go in and out of connectivity. Connections are quick to establish, very stable, and fast.
- Fast speeds – With the WireGuard VPN protocol and an upgraded network of dedicated servers, NordVPN is faster than ever before. It outperforms other VPNs and will give mobile users excellent performance.
- Great mobile apps – I really like NordVPN’s mobile apps (both Android and iOS) for two reasons. First, they are very secure with reliable leak protection features and strong encryption. Second, they include all of the main features of the desktop client, including CyberSec, WireGuard support, and all specialty servers.
ExpressVPN, Surfshark, and VPN.ac also offer great Android VPN clients.
How to get the best speeds and VPN performance
How can you achieve the best speed and performance with your VPN?
If you are using a top-rated VPN service, you shouldn’t notice a huge reduction in speed. Of course, the extra work that goes into encrypting your traffic across VPN servers will affect speed, but usually it’s not noticeable for regular browsing, especially if you’re using a nearby server.
Here are some tips for getting the best VPN speeds and reliability:
- Use the closest server possible to your physical location. This generally reduces latency and improves performance.
- Choose the least crowded server or “recommended” server. Some VPNs help you select the best VPN server by showing server bandwidth loads or having “recommended” servers based on distance and loading.
- Experiment with different VPN protocols. OpenVPN UDP offers the best mix of security and speed. WireGuard is the fastest VPN protocol we’ve tested. Trying different VPN protocols and encryption options may help to find the best fit for your network.
- Consider antivirus and WiFi interference. Sometimes antivirus software or other WiFi networks may interfere with VPN speeds.
- Use a wired (ethernet) connection rather than WiFi. Wired connections (with high-quality ethernet cables) generally provide faster and more consistent speeds than WiFi, and are also more secure than WiFi.
- Consider processing power. Processing power on your device may also be limiting speeds, especially if you are using a VPN router.
- Consider your operating system. I’ve found VPN speeds on Linux and Mac OS to generally be better than Windows. When using a VPN on Windows, sometimes the TAP adapter will interfere with speeds, as well as background processes/updates that take up bandwidth and processing power.
- Upgrade your internet connection. Your VPN will not be able to exceed the baseline connection speed of your internet provider.
As you can see, there are many different factors affecting speed. Experimenting with these different variables will help you achieve the best VPN speeds possible.
Are VPNs safe and legal?
First we will address the issue of safety.
If you are using a good, reputable VPN service that effectively secures your traffic (no leaks), then yes, a VPN is safe to use. But therein lies the catch because there are many unsafe VPNs on the market, especially when it comes to free VPN services, which we will explain further below.
The next question: Are VPNs legal?
In general, the answer is yes, it is perfectly legal (and normal!) to use VPNs, even if you are in places like China where VPNs are restricted. VPNs are used every day by businesses and individuals throughout the world for basic privacy and security purposes. Businesses rely on VPN technology and encryption for security reasons and it would not make sense for this to ever become illegal.
That being said, China currently has a “ban” on non-approved VPN services that do not go along with state censorship requirements, as explained in the China VPN guide. The United Arab Emirates and a few other Gulf State countries have laws against people using VPNs to evade state censorship. Fortunately, this is not an issue in Western countries, where VPNs remain a safe, legal, and popular tool. (But of course, none of this is legal advice!)
VPN jurisdiction and trust
If you are serious about privacy and data security, you need to consider where the VPN is based (jurisdiction). We have seen many examples of privacy-focused services being compromised by governments in the countries where they operate. This is often the case with the United States and United Kingdom, which are both members of the Five Eyes surveillance alliance.
Let’s examine the United States, for example, and how VPNs based in the US could be affected.
- The United States has extensive (and powerful) surveillance programs allowing authorities to tap internet infrastructure for bulk data collection. These laws give the different agencies tremendous power to snoop on and record your digital activities.
- The US government has a long history of working with (and forcing) private tech companies to facilitate mass surveillance and bulk data collection efforts – see the PRISM program.
- US VPN services could be served National Security Letters or other lawful data collection demands, while also being prohibited from disclosing anything to their customers through gag orders.
These laws and capabilities essentially give some governments the authority to compel a legitimate privacy-focused company to become a data collection tool for state agencies. If a VPN were to be compromised, it would likely happen behind closed doors, without a word (or warning) to the users.
Just take a look at the case with Lavabit. Rather than comply with the lawful requests for user data and encryption keys, the founder was basically forced to shut down the business.
The same circumstances unfolded with Riseup, a Seattle-based service that offers a VPN and secure email:
After exhausting our legal options, Riseup recently chose to comply with two sealed warrants from the FBI, rather than facing contempt of court (which would have resulted in jail time for Riseup birds and/or termination of the Riseup organization).
There was a “gag order” that prevented us from disclosing even the existence of these warrants until now. This was also the reason why we could not update our “Canary” [warrant canary that warns users about these events].
Ignoring jurisdiction (where the service is based) when selecting privacy tools could put your privacy and security at risk.
What about FREE VPN services?
“When something is free, you are the product.”
This famous quote certainly holds true for “free” VPNs because you are likely paying for the service with your private data, which is sold to third parties.
Free VPN services will offer a free product that collects your data for profit. Here a few well-documented reasons showing why free VPN services are risky:
- Malware – Malware is often hidden in free VPN services to collect your data. One study found malware in 38% of free VPN apps for Android devices.
- Tracking – Tracking libraries hidden in free VPNs are also used for data collection. The popular Betternet free VPN app was found to contain 14 different tracking libraries.
- Third party access to your data – Everything you do through a free VPN could be provided to third parties – and many VPNs explicitly state this in their privacy policies. Hotspot Shield was publicly called out for doing this by the Center for Democracy and Technology.
- Browser hijacking – Some free VPNs have been found to hijack and redirect browsers to e-commerce sites, such as Alibaba and eBay, through partner networks.
- Traffic leaks – This is perhaps the greatest risk for people using a free VPN because it exposes your identity. One study found that 84% of free Android VPN apps leaked user data, thereby rendering the VPN useless.
Safer alternatives include free trial VPN services. ProtonVPN also has a plan for one device and unlimited bandwidth.
Can I just use a third-party DNS provider rather than a VPN?
A lot of people recommend using a third-party DNS provider rather than a good VPN – but this isn’t a good idea, for a few reasons.
First, a third-party DNS provider is only handling DNS requests, not providing you with any privacy or encrypting traffic. Your real IP address remains exposed with everything you do online, even if your DNS requests are encrypted.
Second, your internet provider (ISP) can still see every website you visit (the IP addresses), while these websites are also able to see your real IP address.
In contrast, a good VPN will not only conceal your IP address and location, it will also encrypt and translate all of your DNS requests, which remain encrypted within the VPN tunnel. This secures your activities (browsing) from third parties, including your ISP, while also protecting your identity.
Lastly, a centralized DNS provider, such as Cloudflare, could be snooping all your traffic and handing this over to third parties. Generally speaking, this is not a good idea for privacy.
Can you use two or more VPNs at the same time?
Some people seek to achieve very high levels of security and online anonymity. In addition to using a secure browser, blocking trackers, and taking proper precautions with your activities, using two or more VPNs is also a good idea. Why would you want to do this?
Here’s why you may want to use two or more VPNs at the same time:
- You are effectively distributing trust between two or more entities, rather than putting all your trust in a single VPN service (all your eggs in one basket).
- Neither VPN will have both your browsing activity and your identity (IP address). One VPN can see your source IP address and the other VPN can see the websites you visit, but neither VPN could have both your IP address and browsing data.
- This will add more encryption to your traffic and also allow you to utilize more data centers at the same time (further distributing trust). Additionally, you can distribute trust by choosing data centers in different jurisdictions around the world.
- To de-anonymize you, your adversary would have to be working together with the two (or more) VPNs — and this is highly unlikely, especially with VPNs located around the world.
- Traffic correlation attacks become extremely difficult for adversaries when you are chaining VPNs.
Here’s an example of a savvy VPN user in Brazil utilizing a VPN server in California, then routing traffic through a second VPN server in Canada, both from different VPN services, to access a website in Europe.
Now let’s examine two easy ways to do this.
One way is to run one VPN service on your computer and a different VPN service on your router. This way, your internet connection passes through two separate VPN services. The connection looks like this:
VPN1 on your computer > VPN2 on your router
The method above is simple and easy to do. A fast and fully-featured VPN router we have reviewed is the Vilfo router.
Another way to do this is with virtual machines, which you can run for free using Virtualbox. To do this, just set up a virtual desktop computer running on your host computer. Then, you run one VPN service on your host computer and a different VPN service on the virtual machine.
When working on the virtual machine, your internet connection passes through both VPN services, like this:
VPN1 on your host computer > VPN2 within your virtual machine
Note: Running Linux virtual machines offers other benefits in terms of security, compartmentalization, and also browser fingerprinting. But it can be tricky and time-consuming.
For the truly paranoid and those seeking the highest levels of anonymity, chaining two or more VPNs is the way to go. You can chain as many VPNs as you like, but be aware that you’ll take a performance hit. Nonetheless, I can routinely get around 70 Mbps chaining two different VPNs on a 100 Mbps connection with different locations around the country.
What devices can you use with a VPN?
- Computers – Whether you’re running Windows, Mac OS, Linux, or even a Chromebook, you will be able to use a VPN on your computer. Installation and setup options will depend on the VPN service you go with.
- Phones and tablets – VPNs are also very popular on phones and tablets. Whether you are running Android or iOS, you will be able to use your VPN on any smart phone or tablet. Ubuntu Touch should also work with a VPN.
- Routers – When you install the VPN on your router, all the devices that connect to your router will be using the encrypted VPN tunnel – without the need to install VPN software on each device. The router will only count as one VPN connection under your subscription, even if there are numerous devices using the router’s encrypted VPN connection. There are some important considerations before you do this – see my VPN router guide for setup tips.
- TV boxes – Most TV boxes are built on the Android operating system. This means that you can install a VPN on your TV box using your VPN service’s Android app. Check with your VPN provider for instructions.
- Smart TVs – Whether or not you can use a VPN on your smart TV will depend on the type of smart TV you have and whether your VPN supports it. Android-based smart TVs can use an Android VPN app. Samsung smart TVs can be used with the ExpressVPN MediaStreamer feature.
- Fire Stick and Fire TV – VPNs can also be used on Fire Stick and Fire TV. For more information, see the best VPN for Firestick and Fire TV guide.
VPN Comparison Table
This concludes the best VPN report with the latest test results.
The table below highlights the top-rated VPNs that met all of our criteria. These services passed all tests with no data leaks, offer good speeds, reliable VPN apps, and strong encryption standards. Additionally, they are located in safe privacy jurisdictions and have an established track record and good reputation.
Stay safe, secure, and private in 2020 and beyond!
$6.67
(49% discount)
(30 day refund)
Review
(ExpressVPN)
$3.71
(68% discount)
(30 day refund)
Review
(NordVPN)
$2.49
(81% discount)
(30 day refund)
Review
(Surfshark)
$3.75
(7 day refund)
Review
(VPN.ac)
$8.95
(7 day refund)
Review
(Perfect Privacy)
$4.99
(10 day refund)
Review
(OVPN)
$4.00
(30 day refund)
Review
(ProtonVPN)
$2.88
(10 day refund)
Review
(Trust.Zone)
Last updated on September 19, 2020.
Nord is way too slow in the game. They’re still not fully RAM disk upgraded and they still don’t have two-factor authentication, both of which have been completed by a noob like Surfshark. It’s absurd that the only thing Nord has been doing the past few months is raising prices (It’s now $6.50/mo for regular customers without any coupons). As a Nord customer, I’m tired of their lack of interest in developing their product to at-least keep up with the competition.
UPDATE: NordVPN has confirmed that 100% of their server network is running in RAM-disk volatile memory (no more hard drives) as of September 2020.
I’m not sure I understand your comment. NordVPN is leading the industry in updates and is one of the few VPN providers that has fully integrated WireGuard into all desktop and mobile applications. This brings NordVPN users the latest in encryption upgrades and extremely fast speeds. They have also completed another no-logs verification audit a few months ago. Many of NordVPN’s servers are already converted to RAM-disk, but I can ask them the status on full completion.
Yes it is true, they are raising the standard price, but all Restore Privacy readers can still take advantage of the discount below, which gives you NordVPN for only $3.71 per month with the two-year plan:
68% Discount Coupon on NordVPN >>
Hi Sven!
I have used SurfShark (it’s very good) and have looked over Nord and Express too. One reviewer on another site raised an interesting issue that I don’t think you cover in your guide: transparency. For example, I can read up on the people behind IVPN but for some of the VPN’s on the market, three top-tier VPN’s who just happen to be the top three on your list, have no information about their leadership except for Express VPN’s V.P. Harold Li.
I find it very odd that they don’t disclose information about their management since doing so, in my view, can help establish trust in their product. Even some small outlets, like AirVPN & VPN.ac, do this as well. Don’t you think it’s odd that many VPN companies do this? Do you happen to have any insight as to why they do? Thank you.
I should really write an article addressing this issue because it comes up a lot. There are many advantages to leadership remaining as anonymous as possible. This is important so that they cannot be pressured individually by governments to give up data on their users. Governments can, will, and have gone after public-facing individuals behind privacy-focused companies, forcing them to compromise the service and give up user data behind closed doors. Just look at Ladar Levison with Lavabit.
Which VPN are running RAM disk servers-
1. Perfect-Privacy
2. ExpressVPN
3. OVPN
4. SurfShark
5. AzireVPN
6. WeVPN
And NordVPN is wannabe here.
On the basis of this Don’t you think Best VPN order should be-
1. ExpressVPN
2. Perfect-Privacy
3. OVPN
4. Surfshark
5. Private Internet Access
6. NordVPN
7. IVPN
8. AirVPN
9. AzireVPN
RAM-disk servers are just one factor for consideration. See the ranking criteria at the top of the page.
Which VPN are running RAM disk servers-
1. Perfect-Privacy
2. ExpressVPN
3. OVPN
4. SurfShark
5……
Please extend this list…
And NordVPN will soon be added to the list, they are partially done with the network update to RAM disk servers.
Got a response from Support today regarding their diskless ram servers and it seems that they don‘t use servers in ramdisk mode like it is mentioned in the review:
„ Hello, Brad,
Thank you for your letter.
Currently we using hard drive storage servers. However, our servers do not contain any information and the disks themselves are fully encrypted as well so that there would be no tampering.
You can be sure that we use the best available encryption methods there which makes our drives virtually secure. Nevertheless, we are exploring the possibility to use RAM disks and it is likely to happen in the future.
Let us apologize if that causes any inconvenience.
If you have any other questions, let us know!
Best Regards
What VPN said this?
Sorry, I forgot to mention. It´s from NordVPN.
Ok, good to know. They announced on their website late last year (2019):
“We are preparing a plan to upgrade our entire infrastructure (currently featuring over 5500 servers) to RAM servers. These will allow us to create a centrally controlled network where nothing is stored locally. In fact, they won’t even have an operating system stored locally. Everything they need to run will be provided by NordVPN’s secure central infrastructure. If you seize one of these servers, you’re seizing an empty piece of hardware with no data or configuration files on it.”
After looking into it, much of the network is complete and running in RAM-disk mode, but there are still servers that have not yet been transitioned. I’ll detail this more with the next update to this guide.
Sven, NordVPN prices jumped up to $5.75 per month. Big increase, should have bought it when it was cheaper.
Yes, they have adjusted prices recently, but you can still get it for $3.71 per month with the coupon on this page. Here you go:
68% Discount on NordVPN Two-Year Plans >>
Hi Sven, that coupon is no longer valid. As BuzzSaw posted, the price now is 51% off their regular price.
NordVPN runs these promos often but and I haven’t 70%+ off in a while though.
No, the coupon is working fine, but you might need to disable any ad-blocker or script-blocker that could be affecting the link. I just tested it in a fresh browser with cleared cookies and cache. It gives you 68% off the two-year plans, dropping prices down to $3.71 per month (vs $5.75 per month without the coupon).
Try using Firefox and restart with all Addons DISABLED. if you have any antispyware, U-block Origin, or Adblocker extension/program running you’ll need to disabe as it will clean the affiliate link.
IMO, there should be a coupon code, not referral or affiliate link especially since most people (at least to this site) use adblockers now.
I kind of like Nord because it has many, many servers. Unfortunately though, even though I am in the Americas their North American servers are quite slow regardless of encryption method used. Just for reference, I have Fiber internet so my speeds sans VPN are damn fast. The European servers are much faster than expected and ironically faster than the North American servers in my experience.
I don’t like the fact Nord won’t work “out of the box” when creating a VPN connection via Windows client. There’s quite a lot of work needed to set this up while with the competition it’s just opening up your VPN Module, entering the server address and your credentials. You’re then good to go. I know, some say to use the Nord client, but that’s not the point. I also prefer IKEv2 as it’s faster than OpenVPN. Anyway, I expect more for a premium VPN provider.
Unfortunately, Nord VPN hasn’t had any great two or three year promos of less than $3 month USD like they used to. At the time of writing, their most affordable plan is $3.71 for 24 months. That’s an increase of just over $17 USD.
I’m skeptical of IP Vanish and Shark doesn’t have the servers I need. Let’s hope Sven can negotiate a 72% off promo or under $3 month with NordVPN. If so, I’ll buy their 2 year sub. Then again, given that many are now working from home more than ever, I’m not sure if people subscribing to a VPN service would be a good or bad thing for consumers especially the more people who use a VPN, the more congested it becomes and speeds will suffer.
I use AirVPN. I have tried to verify them myself, and as far as I can tell they meet your criteria, but I would like to know what you think of them. They seem to pass all data leak tests, the use OpenVPN, the performance feels pretty good to me, and they are in Italy.
Hi, just wondering if there is any reason that Private Internet Access is not on your list? Its been around a long time and has a very good reputation. I chose it for my vpn and have no complaints. Is it one you have tested? Great site by the way!
Hi David. Indeed, PIA is a verified no logs VPN service, having been proven to keep no logs in two separate court cases. One big issue, however, is the jurisdiction in the US, which has proven to be a problem with other privacy-focused businesses, including Lavabit, Riseup, and IPVanish, where the US government forced them to collect data or shut down. Also, PIA was acquired by a company called Kape (formerly Crossrider), which has a history of producing malware. In addition to PIA, Kape also bought up CyberGhost and Zenmate.
So I had pia but they started doing full page advertisements when opening their app. On a paid subscription. Dropped them fast.
Thank you Sven and team for a very valuable site and service to us all. I plan to begin supporting your work regularly. As I have clicked on the links to ExpressVPN.com and NordVPN.com, I get the message for either site that it is not a secure connection, that the certificate is invalid, and that no encryption is enabled for either one. Even in Firefox if I say to continue anyway, it won’t allow me to go there. Is this common for VPN sites to not have valid certificates, not have secure connections, etc? Any idea how I can get there, and why it is saying this?
Hi there, this is strange because I’m not seeing anything on my end. Sometimes if the time/date is incorrect on your operating system, it can result in persistent security certificate errors. Other than that, I’m not sure what could be causing the issue.
I’m having the same issue and the reason is that my google router blocks traffic to that website as a part of its antivirus software.
To fix: whitelist the websites, or remove whatever category it sees it as (ex: dark web, hacking, web proxies, vpn [categories from my antivirus]).
If that doesn’t work, it might be the local antivirus blocking it or out of date browser.
Same issue here on iOS, but not on PC. Could be my adblockers. I’m using Refine and 1Blocker on iOS.
AdGuard now has a VPN. Have you tested it out? If so, what are your thoughts. And Thank You for this site.
We have not tested it.
I just saw that VPNArea is removed from this list. Any particular reason for that?
It just didn’t quite make the cut, but it’s still a good all-around VPN. We’ll be updating this guide soon and perhaps including it again.
very informative
What a great site Sven! Thanks for the illuminating information. I’m trying to educate myself enough to make the right VPN choice.
You mention that “Cloudflare is … popular with many websites, including some VPNs”. Is this something to be concerned about, and if so, which VPNs from your list use Cloudflare? More generally, is there a guide to explain to me (non-network or security savvy) how to determine if Cloudflare is being used?
Cloudflare is just a CDN used for the website itself, not the actual VPN. A CDN (content delivery network) just makes the website load faster for people around the world and has nothing to do with the actual VPN itself.
OUTDATED Pricing information!
Just a heads up to everyone. Nord has just lowered prices on two year subs. See here:
For a limited time, the 2-year NordVPN plan is as cheap as the 3-year plan
Hi Sven! WeVPN is a new provider that looks good. Perhaps give it a review?
[https://wevpn.com/]
Hi Mike, we’ll keep it in mind.
Hi Sven,
Thank you for this amazing resource.
Have you tried VyperVPN? Bit surprised not to see it mentioned here.
Cheers.
VyprVPN review
Reply @Swen : Thanks, so its time for the People to let Mozilla know, they are doing it wrong. Its Time for People to gather and to stand together. Its also urgent, to let VPN Providers know ” cloundflare involved means Audit not Passed “, regardless of the rest (just my view), because if People really want their Privacy, then the Possibilities to break Privacy should get minimized, not allowed.
DNS Crypt is a good start for privacy, i prefer DOT, DOH is only ok if we dont use goog,CF public servers.
Firefox i use is torb with js deactivated at config settings, so even with a corrupt noscript it wont be running js based exploits.
there is for normal firefox versions a addon ” cloud firewall ” it blocks cloudflare , goog, aws, ms =helps a lot
With The Opera wannabe VPN browser i did the following:
-Installing addons ; ublock, user agent switcher
-Firewalling : connections from opera allowed only to the 77.111.247.0/24, no updates, DOH dns with unknown provider. minimizing data.
Hi Sven, what do you thing about dVPN services like Sentinel or Lethean or Mysterium that kind of Blockchain VPN are more secure than normal VPN services like NordVPN? because if you want to use dVPN you must to share your node.
Thank you !!
I haven’t looked at these too much, and I’m not sure adding “Blockchain” to VPNs adds any value.
@Sven , javascript is requiered to be able to reply to a comment, is it possible for you to fix it for privacy enthusiasts ? apart of that, thank you for your good work for Privacy, appreciate.
@VPN Researchers :
Cloudflare is a well known (documented) Enemy of Privacy, known to break SSL, been a MITM, exploit TOR and break Anonymity, while at the same time they hide Email Spammers (domains) and other “unethicals” , so my Questions now are: Why do you think, some of the VPN`s on this List hide their Website behind Cloudflare ? What kind of Data does CF collect about Visitors and their Signups? Are Facts about CF not part of the Audits? Who and how is been looking into this?
Hi Rebel, we can look at JS commenting alternatives.
Yes, there are many issues with Cloudflare. The fact that it is an easy CDN to use to speed up your website across Cloudflare’s network is the reason it is popular with many websites, including some VPNs.
Note that Firefox has also partnered with Cloudflare to implement DNS over HTTPS (DoH), sending all DNS requests through your Firefox browser to Cloudflare, which logs these requests (i.e. all the sites you visit). This is supposedly a “privacy” feature because it prevents your ISP from translating your DNS requests. But it’s pointless because your ISP can still see every website you visit (if you aren’t using a VPN) and then a large US company gets all your browsing history. Insanity. Firefox is implementing this “feature” by default now, effectively giving Cloudflare the browsing history of all Firefox users (unless you disable it).
Hi Sven! What do you think about Tachyon VPN (and tachyon protocol)? It looks very promising.
Ok, I recently took advantage of Covid, and decided to test and upgrade my VPN. I’m in a good urban location for very solid and fast internet service. I’ve used VPN.AC for a while. It’s very solid, but the speeds have been dipping slowly and consistently. They recently upgraded their Smartphone app and the speed has improved. On PC it is lacking still. I tested Nord and VPN Express. Nord is faster than VPN Express btwen 5 to 15 mps better. This confirms Sven’s numbers. I tested some European counties and the same. Nord is faster by 5 to 15mps. One thing that is a peeve of mine is, if any of my VPNs isn’t on, I prefer and like that all internet traffic is off. VPN.AC and Nord perform this function well. If the VPN is off, no internet traffic is allowed to pass, on both phone and PC. VPN Express, however, had different results. On my phone all traffic is blocked. On my PC, it wasn’t. I was allowed to still surf if my VPN was off, and all internet traffic flowed with the VPN off. I contacted Support, and was told this is suppose to happen. That the kill switch is only activated if the VPN is disrupted, or my internet traffic is. To me, this defeats the purpose of a kill switch, if traffic is still flowing with the VPN off. Coincidentally, I was also able to run both Nord and VPN Express VPNs, simultaneously, with a live internet connection, while on my PC. Didn’t test on my phone. That probably should never have occurred; and my VPN Express kill switch was on, too. When using Nord and VPN.AC, one VPN will not work if the other VPN kill switch is still on. I feel this is a good safety net to have, when using a kill switch. A check and balance if you will. I haven’t tested Nord and VPN.AC, with both kill switches off. Another thing I found disturbing is this, when using Nord. I’ve been testing speeds on OKLA nonstop. I connected to the Netherlands, and OKLA detected my VPN server connection as being in Mogadeshu (sp?) Somalia, and then another server in Somalia, when I reset OKLA, while still connected to the Netherlands. There are many times on Nord when I connect to one US state or local, and end up in another one. The VPN server location was shown, as I was testing on OKLA. Maybe this was a glitch or error by OKLA, but if not, it’s not very reassuring, and, this can be dangerous, if I’m connecting to a server in Somolia. This is the only major downside to Nord for me. The speed for NORD is better than VPN Express. I think it needs to be a little more consistent tho. VPN Express is consistent, but the kill switch is a major pitfall for me. To me, if internet activity is still on when a kill switch is activated, and the VPN is off, it kind of defeats the purpose off making sure all internet activity is sent through a VPN tunnel. VPN.AC is superior in these areas, but, it’s becoming too slow, and getting slower IMHO. And, we all need internet speed. The upside to all of my testing is I had found out that my ISP is toggling my speed, when I am using a VPN. Caught them guilty when my VPN speed dropped from 116 mps to 55, from my initial first to second speed test. I’ve never reached 116 again. Same with the other new VPN, but I topped out at 89mps. They denied this of course. My base speed is 750mps on pc, and 450mps on wifi. Time to replace my ISP. Sven, thank you and your team, for your consistent effort and work to educate and inform others, on the many pitfalls and dangers of, VPNs, personal privacy, and big bother tech. Thank you for all the hard work!
All of my testing to date has been done using the UDP protocol. I tried using the NordLynx today, and for my PC, the speed jumped up close to 500%. Prior, I was averaging 50 to 55mps. Using NordLynx on my PC, i reached an average of 255mps. NordLynx had no effect on my phone, same numbers.
Proton VPN is now on F-Droid.
My wikipedia accounts are getting ip blocks for using VPNs. Can you suggest any idea to evade Wikipedia blocks.
Yes, a VPN with a static IP will solve that problem.
Hello Sven,
I have noticed that a well-known VPN provider is missing here which is Mullvad. Have you ever tested Mullvad or if you have not, is this something you could consider to the future?
Yeah there are a lot of VPNs on the market, and things are changing all the time. Mullvad is a Swedish VPN and has a vocal following on Reddit. I think OVPN (OVPN.com) is a better service in Sweden with multi-hop support, anonymous payment options, WireGuard support, no logs, and more. AzireVPN is another good VPN in Sweden. All three look good. We plan to do full reviews for all these VPNs, in addition to updating old reviews and guides, but it all takes time…
Sven, since you must approve posts before you allow them to appear, please add a character or word count limit on comments. Most of us don’t want to read an essay in the form of a comment or reply especially if goes off topic. Thanks
Yes, point taken. I usually clean up the longer comments when I do updates.
Hi Sven,
Maybe you should do the “Read More” on the long comment and shouldn’t completely hide long comments if the content is valuable or knowledgable. I’d read comments for information and knowledge as well.
Thanks,
If you don’t want to read it, skip and don’t read it. It’s not like someone is forcing you at gunpoint.
How did you determine “Most of us”?
Thank you for the quick response and explanation.
That does make a lot of sense, especially knowing that Surfshark is relatively new.
Keep up the great work, it is hugely appreciated!
I’ve been trying out a few VPN’s to see which one I will choose. I have a question regarding Surfshark. When using Surfshark and I go to http://www.ipleak.net, it shows a geolocation of London when I am supposedly connected to Seattle. Is this normal? Is this a problem with Surfshark? What is going on? It has happened to other locations I’ve tried too, but not with ExpressVPN, PIA, etc..
Please enlighten me.
Thanks!
Hello, this is nothing to worry about and it is not an IP or DNS leak. What you are seeing is just an outdated record for IP address location, which is kept up by third-party databases, such as RIPE. This sometimes gets out of data when a VPN purchases new IP addresses and assigns them to different locations than before, and the RIPE databases take a while to update.
https://www.ripe.net
As long as you aren’t seeing your ISP-assigned IP address, there is no leak or issue.
Hi Sven,
That’s enlightening. Just how frequently would you say a bank of IP addresses ranges can be changed? How are they assigned in the first place? Then as the general principles would dictate for a geo-location for a servers IP addresses of a VPN service in that non-hostile location?
I’d of though as VPN companies would be locked in to these IP addresses banks or range from their own – I guess ISP (like us), or a regional servers (lessor contracted with) where they don’t own the facility or equipment. In which the VPN service network works through that location and it’s IP address being assigned through their lessee servers lease agreement.
That’s a path you’ve not explored for us.
As I’d sometimes opened 3 or 4 of “What’s My IP” sites before and at least one of them read different from the rest. Then not really understanding at first, but reading we have an internal and external IP.
https://lifehacker.com/how-to-find-your-local-and-external-ip-address-5833108
The internal IP address, is used on your local internal network (devices connected to your router) and the external IP address is used when (your router) communicates with machines (servers) on the Internet.
Thought maybe one of the 4 sites I’d used to the checking on – Whats My IP, was reading my real or maybe my internal IP address. Glad to see you have shed some light here.
You recall the piece done by Mirimir – ‘Lies vs Statistics: VPN Virtual Server Locations’, threw some gray shadows over the VPN industry.
Least for me it did.
Very few VPN’s seem to actually be set up to where no one in 3rd Parties as an outsider hands have any contact with your data.
How many VPN’s can or do state as they own and operate 100% of their VPN servers infrastructure – not many by my count. That leaves people with very little assurances they will be dealing with only one company’s hand to have any access of their Internets data’s.
That’s a grim privacy landscape when you see – “70 Percent of the World’s Web Traffic Flows Through Loudoun County”
https://www.washingtonian.com/2016/09/14/70-percent-worlds-web-traffic-flows-loudoun-county/
Thanks Sven please do share or make a 101 guide for users to understanding a VPN’s structure in 2020, companies assets and uses of, IP addresses, data centers, server farms. In which the VPN used or established networks to it’s interstructure is solely owned by themselves or being leased from outsiders. Please draw a distinction of the offered VPN services here who own their entire networks. Maybe to tying it into the users subscription price as not just one company that can access the users data’s but may be others just as likely to have that access.
Yes, Mirimir did investigate the issue a bit with the Virtual Server Locations article. He had this to say:
Autonomous systems (mostly ISPs) obtain IP addresses from Regional Internet Registries (RIRs). And the registrations do specify geographical locations. When firms configure their servers, they setup accounts with one or more ISPs, and lease IP addresses from them.
Independently, firms register domain names with various domain name registries. They provide organizational and contact information. And they also specify name servers, which map their domain names to IP addresses that their ISPs have delegated to them. The Domain Name System (DNS) hierarchy collects that information from name servers, and makes it generally available.
If you’re using a VPN to bypass geo-restrictions then yes, you have issues if the country of the outdated IP address is not reflected accurately. For example, I might want to watch to do my banking in Hungary for example but even though I select Hungary as my VPN server, but it shows Argentina we have a problem.
Hi Sven Taylor,
Have you seen AdGuard’s VPN?
In the ad and dns blocking system, they are very good and have a good policy. Can we trust their VPN too?
Excellent website, quality and important content.
Hello friends, I’m here again. Moving on to leave another personal review. A few days ago I started using TorGuard and I’m really enjoying it. Great features and very good speeds, unique torrent, great server too, not used in NX. For users in Brazil I recommend. Is it possible to review TorGuard?
See you
TorGuard does not meet the requirements to be recommended (based in the US), but we’ll get a review of it up sometime soon.
I live in Brazil. I purchased the Surfshark and it works perfectly. I sent an email to the support that answered me in 15 min !!!! Very satisfying experience.
Hi.
Again first I want to thank to Sven and everyone who makes and writes in this website for the great contributions they make. It’s solved a lot of things for me and help me much.
I have used some VPN services: VyprVPN, ExpressVPN, Perfect Privacy and VPN.AC. But my prefers are Perfect Privacy and VPN.AC.
In VPN.AC and Prefect Privacy I like much the work of the killswitch. Also I think it’s important both of them use dedicated servers.
Actually I’m use VPN.AC. The work of the app is good. From Europe I can to connect with all the servers I use without any problem (I use much of the servers of the VPN.AC but not all). Once a server was not working, I sent a ticket to support and in 2-3 days it was fixed. Also I like the explanations of the company regarding your VPN.
I have a question. If most of the VPN don’t keep activity logs in the servers, which is the reason for using in some cases servers running in RAM-disk mode?
Thanks !
Regards.
I think there are many reasons, but one reason is that it protects VPNs (and their customers) if the server were ever to be seized. Since it’s RAM memory, no power = no data, unlike with hard drives. I know this is exactly what happened with Perfect Privacy when Dutch authorities seized a server Rotterdam a few years ago. ExpressVPN also had a server seized by Turkish authorities. ExpressVPN explains other benefits of RAM-disk servers here.
Hi Jack Sea
I like the way you look at VPNs. There not for espionage or hacking into others. As they a VPN will only aid in IP obscurity for cyber citizens or the average web user folks in their online privacy where they’ve discovered that the Internet is a pipeline into our personal data. Enough so an industry had sprang forth to capitalize on it – our data’s.
As all VPNs, they don’t offer users an uniform as in (OS,browser,extension,) of their appearance other than that one fact in changing IP address against today’s data’s collection techniques. VPNs inherent functionality normally doesn’t replace/filter a devices TCP packets in protecting against any TCP timestamp attacks. VPNs can track and save all your connections steps as they control the servers in the VPN you elect to use.
Prefect Privacy and other higher priced VPNs out there don’t register with me, and that’s because for their priced asked, I can get and run two VPNs like the quality of VPN.ac and have pocket change leftover for + VPNs if I wanted.
The quality and service of VPN.ac is my standard to measure another VPN service and it’s client against. Catching the VPN.ac = BF – CM sale here and the multi-years price carries over at all your future Biennially renewals. At $2.06 a month it’s a steal on it’s quality.
Sure I’m in the Midwest of the US so servers to choose from makes a difference and the VPN service covering more servers here is a bonus to me.
Thought, I had found another good VPN as I’ve compared them against VPN.ac but, nope it only seemed to looking good on paper, as I’ve called these pro’s out in that different VPN topic. https://restoreprivacy.com/virtual-server-locations/#comment-62992
It’s name is VyprVPN, don’t ya get me wrong as it works with a fair client but, it can be slow at times and then the virtual servers ‘point’ as made in the other topic may be some to the reason way.
See the image: [https://postimg.cc/WDwtR2tg]
I don’t see this high ‘ms time’ a lot maybe 6 times since BF 2019 with Vypr but it makes you question what’s going on there? Usually the ‘ms time’ is between ’35-90ms’ here for me of it’s close servers on Vypr service.
As Sven mentions in reply in the other topic – “ProtonVPN CEO told me they use only dedicated bare-metal servers in the (true) locations they advertise, similar to Perfect Privacy and VPN.ac which were tested. (Due to time constraints).
Happy to see you find good value as well great service from VPN.ac with it’s excellent client that’s the icing on the cake for about a 5th of the price in what a VPN can actually do.
Indeed, only I want is online privacy. To see my emails, make purchases online and such things.
In addition to price, I consider security and trust to be important when you use a product. Perhaps the fact of using dedicated servers is something that I value very much. the only drawback to this is that it is more expensive and therefore fewer servers are used but I think it is more secure.
Everything will depend on the number of servers a user needs for their activities and if the things they want to do online the server allows them to do.
When the VPN service uses non-dedicated servers, there are a greater number of available servers and that is an advantage, since you can choose from more options.
I think that all VPN services have their advantages and disadvantages. For each person, there is one VPN service better than another. For tastes the colors …
Love this website. Had to search a bit for the Surfshark review though. The link in this article points to the actual Surfshark website, when it probably should point to your excellent review.
Hello friend thanks for your work
Let’s use my experiences
ExpressVpn – Only vpn that works in Brazil correctly (all use)
NordVpn – Works for videos on demand, browsing, does not work in games (ping)
Surfshark – Incredibly it didn’t work on Brazilian servers since the first day, I tried to solve it on the support it didn’t work until today.
All were quick in support and refund
For Brazil I recommend only ExpressVPN
Sven, would you put Surfshark VPN on this ranking list, instead of any of these?
Yep, working on that now. Surfshark did very well in testing.
@Sven,
I ran accross this info and it really spells out a great amount of information.
I don’t know if this should be linked in the main body of the review or not but it did give some insights.
https://protonvpn.com/blog/threat-model/
Sir can you do a review on HideMy Ass VPN.. Kindly notify me when you are done. Thanks!!
It’s here:
HideMyAss (HMA) VPN Review
Hi Sven! Just came across your site tonight… thank you so much for all the work you put into it.
I’m so glad I made the choice to go with ExpressVPN. (Seeing all these Youtubers promoting NordVPN kinda ruined them for me.)
So, as a VPN novice, I have some questions for you!
1. “Use the closest server possible to your physical location”
Does this mean if my city has a server, I should use it? I’ll get quicker speed, but will my location be protected still?
2. Sometimes I like to bypass the “this content is unavailable in your country” by choosing a US server. Since ExpressVPN is situated in the BVI, that means the US can’t get their grabby little hands on my info?
3. DuckDuckGo… I like it, but does the fact that they are U.S. based mean I should be concerned?
4. Gosh, you really have to pay attention and get up to speed with some of this stuff… just went and uninstalled Opera & Epic; they were my 3rd & 4th choice as back-up browsers.
5. Sometimes, I have to use Safari. However, the uBlock Origin app is no longer compatible with it. Do you think Ghostery is an apt substitute? Or is there another extension you’d recommend instead? (I heard that configuring privacy.firstparty.isolate = true breaks Paypal, so that’s why I still keep Safari around as an option.)
** please guide me to the appropriate channels if you’ve already addressed these issues!
1. Choosing a server in your general area will give you better speeds then a server on the other side of the world. There are other factors at play, however, but the general rule holds true. And the encryption (protection) will be the same with all servers.
2. Correct, ExpressVPN will never be under US jurisdiction and is safely incorporated in the BVI.
3. See the Private Search Engines guide.
4. Browser recommendations and tips are in the Secure Browser guide.
5. Not sure on this one, but Ghostery seems to be an OK option. I like AdGuard as well.
at blush,
#5 PayPal will limit your account to being essentially non-usable, if it finds your active behind a VPN connection while making online purchase. It happens as you can pay for a vpn with PP but can’t login to your PP account and then pay an online merchant. As it deems it’s fraud in it’s own messed up and only stupid ideology way. Why is this I haven’t a clue… Cases are on the web shouting about it.
USE a prepaid card like am express serve or bluebird or prepaid debit card if you can’t use paypal.
Very good reviews. Have you or do you plan to review Surfshark? The features they have look very impressive and they seem on park with Nord or Express.
Hi there, great reviews and recommendations. I wonder if you can tell if PureVPN is good, bad or worst too? I know you get this a lot but only if you have the time, I would appreciate this. Thanks
Hi David, PureVPN has some issues. Aside from the data leaks I found when doing the PureVPN review, there was also the case of PureVPN logging user data and handing it over to the FBI, while claiming to be “zero logs”.
Hello, Sven. I just found that Nord have supported Router installation. I would advised you revise this (and related) article.
source:
https://support.nordvpn.com/Connectivity/Router/1087269942/Which-router-should-I-use-with-NordVPN.htm
Yes, NordVPN, and generally all VPNs for that matter, work with specific types of routers.
Been using ProtonVPN for over a month now and I really like it. What it does not do however, at least not in any way that I have discovered, is allow Netflix.
I have the Plus account and I’ve tried multiple US “Plus” servers at varying times, without success.
Ray, you should be able to find the exact servers to use by emailing ProtonVPN support.
Sven, should I have any concerns with the payment method when hiring a VPN service? Which VPN service accepts payment by bank slip?
No, I don’t think there’s any reason for concern. Most accept credit cards, PayPal, and Bitcoin, although I’m not sure if any of these accept bank transfer.
I don’t think I made myself clear. English is not my primary language.
I meant that it would be better if I could pay the bill at the bank in cash. That way, the vpn service would only have one email account to keep. No transfer.
That’s better than believing that the vpn service wouldn’t deliver your payment information to the authorities or leak it.
Is there that risk? Specially with a credit card? Thankx
Sven,
Search the web for complaints of people using PayPal while connected to a VPN service and their PP accounts then limited as a result.
PayPal’s got one stuporous policy regarding your VPN usage.
Sure you can pay for a VPN subscription with paypal but it’s only time till you find out your PP account has been limited by them.
I was told it’s for my VPN usage in my other PP transactions was the reason.
Asked me why I would want to hid that information to a secure payment.
I said because of all the breaches in the last few years why not be as protected as possible.
FlashBack – – I went through this about a year and half ago with PP.
Ended up closing both my eBay and my PP accounts because of it.
Then recently I’d called PP for a payment dispute and forgot about which phone to use. That wrong phone used and in talking with an agent has hooked up both the old and my current PP accounts and now being limited once again.
*You can use PP with a VPN connected but the kicker is you can’t log in to your PP account to pay with it.
Though, if the merchant takes PP as a payment method you can pay with PP by not logging in to your PP acc and by entering your CC information through it’s own sites PayPal payments processor via CC.
Last time – I’d just had changed banks and got another phone and it worked till I called PP with the old accounts linked phone, that I had prior asked them to close out as I was done with them for their policy on VPN use.
They didn’t because my account was in limited status.
***I feel I shouldn’t have to prove my identity by sending a copy of my states ID and whatever else they wanted besides it – after having a 1 1/2 years record of making good cleared purchases that raised no red flags. Then about 3 years prior on the other (old) PP accounts time frame and not one red flag till a VPN’s use is discovered.
Thoughts ??? Stupid policy or any merits in a no VPN connection to paying through your logged on PP account.
Hi Sven,
I do hope you have related my post above to my mentioned Dec 7th *Secure Payment – for an addition of need to your Privacy Tools knowledge page. This I think may help you for some of that.
https://restoreprivacy.com/privacy-tools/#comment-61987
– PayPal Holdings Inc. is an American company operating a worldwide online payments system that supports online money transfers and serves as an electronic alternative to traditional paper methods like checks and money orders.-
https://en.wikipedia.org/wiki/PayPal
I don’t know where PayPal fits in the payments channel as rank of the powerful – liken to (Ex:FB,M$,G).
But Braintree was acquired by PayPal (2013) with the goal of providing world-class payments globally.
https://en.wikipedia.org/wiki/Braintree_%28company%29
PayPal is out there everywhere but such a low talked about company or category for privacy – more for security of payments.
A review can look at peoples privacy aspect from their using online secure payments and payment gateway’s. Might be due or wise to include other means of payments as it expands – see below.
Then I noted 2019, they launched Braintree In-store Payments and began helping bring virtual storefronts to life.
https://www.braintreepayments.com/about-braintree
I was wondering Sven, of our privacy aspects when online purchases are made and then having used most of the other Privacy Tools / advise of the RP site that’s given us knowledge of – and are employed.
Do we fair any better or what’s known in the Pro’s & Con’s of our privacy expenditures that can remain and what can’t – to shop online securely – but not necessarily privately…because of required info you must give – name, contact, payment, address.
Thanks a great deal.
Hi HardSell, yep, that’s a good idea for a guide. Real quick, you may want to check out Privacy.com. It allows you to create virtual credit cards, which you can use with any name and address (real or fake) when purchasing things online. It’s also good in that it allows you to set limits on transactions, cancel cards, block transactions through limits, etc. You may want to check it out.
Hi Marcus Aurelius,
Bank slip ? – a Bank transfer if it’s close, you’d probably have to check with your bank first for international transfers information – then go after a VPN in researching the one you like in offering payments by that method.
I guess your not concerned with any possible linking of payments to a VPN users account. I’d say there’s a trail here in using bank transfers.
Most VPN’s as Sven’s already mentioned take credit cards, PayPal, and Bitcoin. (All still are link-able transactions I’d say in different degrees back to you).
Simplest way I’ve found for myself in the US as to pay outside the US, is with store gift cards bought with cash – leaving no trail back to me in the VPN account.
A lot of VPN’s take payments globally with PAYMENTWALL.
In the US “PAYMENTWALL” if an accepted payment by a global VPN service, PW accepts here of Credit Cards, Mint, and Openbucks.
Openbucks is a prepaid payment card system that enables online merchants to monetize and accept cash payments from consumers who do not have credit cards or prefer not to use them online.
Openbucks has partnered with major retailers in the United States and Canada such as CVS Pharmacy, Dollar General, MoneyGram, Canada Post and more to allow consumers to use their gift cards or POS to convert cash to an online form of payment accepted on thousands of third party online merchants.
For your country use this link below to see what are the payment options that PAYMENTWALL accepts for it, and narrow the VPN field down for yourself as of any payments options to your anonymity – like the gift cards bought with cash are for me in the US.
https://www.paymentwall.com/en/payment-methods
Thanks HardSell . I ll check
@Marcus Aurelius
Your welcome and I hope you find a way.
Hope you enjoy the RP site.
@ Sven,
Have to reply here as the reply button is down.
I agree. Having them on the team is a huge help and what I said was not to diminish their work at all. I was just commenting that even with the three of you, you could almost have four more and have enough work 😃.
True enough. On comment replies, try clearing your browser cache, closing out, then reloading the page. That should hopefully fix it.
@Sven,
That seemed to have fixed it. Thanks.
@ Sven,
Based on your comment below, I imagine you could use about three or four extra helpers.
Hopefully you can get that help as this is a big job for sure.
Indeed, but fortunately, Heinrich has joined the team and Mirimir is working on some advanced online anonymity guides, so I appreciate their help as well.
Hello there, Sven !
I was wondering what you thought about the company Pine64 and their products. What they propose seem like a good way to possibly protect against spying at the hardware level (such as with Intel or AMD processors).
They will lauch the PinePhone soon which is also linux-based.
Happy new year to you !
Yep, very cool. I’d like to get a PinePhone to test out. It has hardware kill switches as well and is very reasonably priced.
I couldn’t see what service they work on. Any idea how to get them on all services or are there limitations?
I haven’t looked into it too much yet, but I’d assume they’d run fine on any cell network.
One thing that does concern me is a number of the providers are still have servers based in Russia, yet Vypr, NordVPN & ExpressVPN all left Russia publicly, after receiving letters from their communications watchdog, demanding encryption keys…or else.
Kaspersky & Hotspot Shield (for what they’re worth…) have both given in to Russian government demands, yet Proton, Perfect Privacy, VPN Area & Trust Zone all maintain a presence there.
Did the Russian government simply miss them? I just can’t believe that, an authoritarian state like Russia just doesn’t make a mistake like that, nor can I believe they’re not enforcing their own rules, after making noise about it before.
Thoughts?
I think some VPNs operate under the radar, and others can’t because they are too large and high-profile. I’ve seen Perfect Privacy comment in their forums on this issue. They haven’t gotten any flak from the Russian government, but will pull out when that day comes. The VPNs you mentioned (Perfect Privacy, ProtonVPN, VPNArea, and Trust.Zone) are pretty small compared to ExpressVPN and NordVPN.
So glad I found your website. Your favorite vpns for privacy does not have nord but they offer multihop. Is express encryption that much better? I dont need super high speed so I am trying to decide between the two.
ExpressVPN and NordVPN both use strong encryption standards and offer good leak-protection features in their apps. NordVPN, however, also offers multi-hop (double-VPN) servers and Tor-over-VPN servers, as well as a CyberSec ad-blocking feature. So NordVPN is also a solid choice, and it has passed a third-party audit.
Just a quick note about ProtonVPN. I just received an email about their new app for Android. It now supports OpenVPN protocols.
The only thing I really wish they would do is to put their app either on F-Droid or have the APK for download right from their website. Maybe one day. I will wait until I can get it from APKPure.
Follow up: They do have the APK’s if you wish to get it straight from the source. I emailed them this morning and by this afternoon I was able to have the APK, downloaded it, installed and changed to OpenVPN protocols.
It is automatically chosen to run on a the IK4 (I think) protocol. Before you access a server, you need to change this under settings and then access the server. Will still have to play with it to see what it can do.
It is actually IKEv2 protocol.
Hi Sven, I am reading your websites, almost when it was first went online. And, it’s impressive for sure. But I wanted to ask you something. I have subscription of both ExpressVPN(for streaming services obviously) and Perfect- Privacy. Recently I got interest in Qubes-OS and switched to it for some days(20 to be specific) but I found it hard to use VPN with it ( frankly, did not get a hold). Can you advice on using VPN in Qubes.
Qubes routes traffic through the Tor network, which will be extremely slow.
Hey Hardsell.
Thanks for that info.
That’s not the problem though. When it works, it works fine. It’s when it doesn’t work; then it’s the problem. I’m am totally against troubleshooting software, particularly when I am paying a premium for it. When I was using PerfectPrivacy I never had such issues…..the only reason I stopped using them was because of the Netflix issue.
I’m going to try out ProtonVPN from the end of this month – hopefully it will be better.
Hey Ray,
Thanks, I do try to give help and I to dislike troubleshooting as well when I’d first have to learn digital troubleshooting skills to carry any out.
I should mention then, to by-pass VPN.ac as for me it drops a connection and seems to crash the client all at/within the same time. Using US servers in the US…
This had started sometime back with the kill-switch enabled and as I was getting the yellow network warning icon in the taskbar of windows (it’s VPN.ac client v4.0.7).
[I had run a few different branded VPN clients and services in years prior – Never witnessed the triangle warning before I’ll say on any Win box]
It wasn’t dropping the connection as often (back then v4.0.7/v4.0.8 clients) – just visually disturbing to see some connection error from windows while running with the VPN.ac service.
I opened a ticket or two and understand VPN.ac has since re-worked the kill-switch some. Fixed – not to me as it still drops out today worst than when I first reported of the triangle warning issue in windows. Back then it wasn’t a connection issue – just enabling the kill-switch gave the triangle warning in windows.
My particular trouble I’ve attributed to the mobile data internet’s speed I was getting from Sprint to the hotspot delivering internet to my PC over a USB cable. But that would be wrong because it’s happening on my cable’s internet today.
Before that and 3 years prior of the past, I had been tethering business grade Sprint mobile internet from my smartphone, USB cabled over to my PC.
With about three different VPN’s usage it’s only VPN.ac as the only one I had dropouts with. Then the client started crashing and would close after their support worked on it.
Even today running without the VPN.ac kill-switch enabled on their latest versioned VPN.ac windows client and with a little faster cable’s internet service it still drops connection and crashes randomly.
If I were a troubleshooter I’d probably look at VPNCheck Pro – (another kill-switch) type of software, I’m running as having some conflicts because I’ll have to take it offline (close it) to get VPN.ac client back online at most times.
VPNCheck Pro I’ve used for quite awhile now not so much for it’s kill-switch functions but, for the gray noise I can create from my system using it.
[[ Why is Computer ID protection important?
Did you know you’re exposing yourself on the network even if using VPN. It is possible to find out who you are by looking at your Hostname, Computer name or MAC address by those on the web or local network. ]]
http://www.guavi.com/vpncheck_pro_computer_id.html
It has other features (all housed in a oldish looking little interface) but I like that I can control changing my Hostname, Computer name or MAC address with every restart of the PC. Never giving off a same digital exhaust or trail.
I believe this to all be true.
Good Morning Sven,
You have given a Tip on https://restoreprivacy.com/stop-isp-spying-tracking-browsing-history
“When using a VPN, the router will be processing encrypted data from the VPN server. You will need the higher CPU, especially if you want faster speeds and plan on using multiple devices.” I’m interested to hear if both are run.
What if you wish and try to run VPN clients from both your router and the computing devices OS. EX: Devices in the chain as a Cable Modem – Wireless Router – PC are hardwired together hosted by an ISP cable provider.
[Router used is not a custom VPN firmware flashed unit (DD-WRT)]
But offers a VPN function of a client in the Administrations online UI.
Does this have a name – or term when the VPN clients are to be combo employed to more-less tunnel within an encrypted tunnel ?
Is that a correct description ?
What kind of cryptography format scheme could this be considered as what happens really in play as . . . T-n-T (tunnel in tunnel) – -or- – 2X’s Encrypt ?
It’s seems more to a double encrypting of the data – say OS VPN client encrypts the browser data traffic and then it gets encrypted again leaving through the routers VPN client.
The encryption of this type in it’s setup (duel VPN clients) when applied to the sending and receiving of the data within the transmission system happens as how ?
Mental us in a picture then cause as I’m seeing it this is looking like the path.
_______@___@_____@./……………ENCRYPTED………ENCRYPTED…………………………|
……………………………. Modem > Router(VPN) > Computing Device(VPN) > Browser
(this is how I see the connection to my browsers window loading up)
So reverse the route when I take some key action in the browser requesting a reply in fashion from a server.
I do understand the benefits of everything behind your Router and would appreciate an explore of this option in the VPN client of the OS tandem used with the router VPN client and I’m wishing to understand in Pro’s & Con’s.
Routers Admin UI VPN clients features (basic) – select 1 server opvn file’s at a time, credentials entry, and connect/disconnect to it’s server, – delete file to replace with another. To where that’s about it.
Logically, you could use the same VPN server for both clients or could you ? Thinking about a server pretty close of a few hundred miles and both clients set to the server.
Thank you, and please if you could say any to answer.
My mental image illustration got messed up in the above comment.
Path was to look closer to this image.
….WEB…ISP…> Modem > Router(VPN) > Computing Device(VPN) > Browser.
Anyways where (VPN) is shown above – the transmission is encrypted…
Hi HardSell, yes, you can definitely do this and it is basically a tunnel within a tunnel, with your traffic being encrypted across two different VPN services. This also distributes trust in the case that one VPN is compromised.
What you describe is a simple way to execute this setup. In other words:
VPN1 on your router & VPN2 on your computer, connected through your VPN router
The obvious drawback here is speed, but if you are connecting to nearby servers, it shouldn’t be too bad.
Thank you Sven,
The distribution of trust is a good philosophy when privacy and security are paramount. If my speed reduces so be it as my privacy increases…
Something I wondered, when the VPN clients installed to the Windows OS – they always come with baggage of the Tap-Adapter.
What does the Router w/VPN client use (in a case here) ?
Maybe the Tap (driver) is just required only on Windows because of the opvn protocol, or something I don’t know as it compartmentalized inside the Routing device firmware for that VPN client function.
Thanks
No, the router firmware (if it supports OpenVPN) handles this without the need for installing anything other than the OpenVPN config files you want to use.
@HardSell
Last thought and then I will end. I agree with your thought of not giving too much information to one company. Having both a VPN and Email in one place does give a lot of information and information is power. I just had to look at my specific situation when making the decision and this was the best I could come up with. If another company comes along that gives me these same aspects as Proton, I would really consider switching one of my services.
Hey J.M.
I’ve come to know the site rotates the tiles that you see of the articles when you land on the homepage – I’m guessing in a set time or when Sven updates one not being shown for a time.
– The search symbol in the top right corner opens the box and a single term returns the title results first and everything after – I’ve not studied it’s function for accuracy but that’s what I’d seen for my term.
– – blackfriday in it will bring up that topic and you’ll see the 24 comments there yet. It died till next year I suppose to making a homepage tile’s spot.
I’d say you’d know more than I about your devices and systems from your professional and personal life needs. There’s growth in experimenting I find, like you could always find an email service to try out like a burner account. Sign up using it for when any new account isn’t important to you and it needs an email entered.
Same with a VPN that offers a guarantee to refund in full by x days in. There are VPN’s offering you 30 days given time and use to claim a refund in and some say no reason needed – but you know their going to ask you why.
I”d say you were comparing it to X to see if it seemed a better service to you. As to knowing if X was a problem or your system was causing so slow speeds you had gotten.
I got in to really using the online world with a sony laptop running Vista, never was an XP’er – so I’m thinking it had to be around 2009. Had a smartphone before that nothing like the screens of now, that I surfed from a little.
I got in to trying to modify win 8 OS when I updated to a desktop. There was a couple of programs out and a community following each helping others doing the same modifying theirs (like here just a different topic) where one could modify the OS code I’d guess to omit out different stuff – included in the windows OS version they had. Mainly to strip out the business crud a home user don’t need.
I got a lot of practice of reloading the stock win 8 OS anew on the desktop. Never did fully grasped on to what I was doing tech wise but I could follow a TUT or guide to the letter getting the results.
It’s was like here user choice and nothing set in stone to do – but pointers of what this being discarded has in an effect that to the other functions of the OS.
That was in the days when M$ hadn’t locked the OS down as they seem to have with win 10.
I’ve read a guys pursuit to strip out the telemetry components of his 10 OS when it first was out- long story short every M$ update rolled out had reversed the tweaks he made to the OS. He went as far to have a scrip to redo his tweaks after an update. He busted, in the end as each update changed the OS enough to make his scrip ineffective and it was harder to get the tweaks to hold form restart to restart manually going in setting things as he had.
My focus now of late it to finger the areas that give off clear texts of our personal info related to just going online in the modern age of today. Trying to understand then any ways to defend against these, and if not possible to add some noise to the info give off by my system in someway.
Basically I’m thinking it’s all the areas were the info is collect to fingerprint the device and OS as they can and use.
Have a good December
@HardSell,
Thanks. I found that after my long post.
I agree with you. The trial works great to test. I guess I am not as fast or smart to take that…and putting money upfront always bothers me because of bad past experiences.
I guess if the company is sure of their product, don’t make me pay first. Give me the test full on and let me see.
I did reach out to a couple of the VPN’s on here and they either did not respond or the discount was still more than I pay now, I couldn’t get to them.
7 days free, full service, no money down. That was what Proton offered. Then the NPO discount after…hard to beat.
I do wish, should say hope, they follow my advice and get a third party verification on the no logs. Especially after the links I sent them and the issue and potential due to PIA.
As far as the OS, I should also add that I really hate Windows as well. My wife jokes and says there is nothing I like (LOL). I like Linux and am have a work computer built for me based on Linux (my old system just died today).
If I could figure how to ditch Windows and have Wine work with my required software…I would be happier than a fish in a flood.
Maybe a VM on a linux? I don’t know. But I do agree. While I know my NPO is easy to find and get to me…it is more just the casual snoopers and data copiers and hogs I am hiding from (cell and work ISP) and public Wifi.
Hope you have a great December and a Merry Christmas!
When I speak of them and your comments, it was in connection to me using Proton for my VPN and my Email service. I guess I should have made that clearer in my statement above. Sorry.
Hey Sven,
Switched to ExpressVPN via your Black Friday/Cyber Monday page and it’s link / supporting the site to I hope.
Things I don’t like are so far.
I paid with paypal and my expressvpn invoice has my real name used there.
I tried finding a way through paymentwall but not for the US was anything offered that I could use. I don’t do crypto-coins and that’s still link able isn’t it to user then account.
Something that might fly under the radar was the activation code needed to install the windows application and with expressvpn’s no logs policy, then with IP address shared amongst users. I don’t need to worry about my account’s payment and the account itself I’ll use be to of an association being linked in anyway.
Could you offer anything specific you’d understand here?
I did notice that with adguard AD BLOCKER running and set as I have, the link from your site was for the EXPRESS ad without any mention of the +3 months and then stating the 15 months for $99.95 and 12 billing to follow of the next year. It was the plan old 12 month ad I seen – so I disabled AG and tried again.
Finding the 15 month deal…
Anyways I still have a year on VPN.ac but the setup I use (ISP over cellular data) and it’s kill switch with the network disconnects I face was a bust for me. I have notice that my slow internet is still slow with first impressions of Express.
Thanks
Hey HardSell, thank you.
I am curious, does Perfect Privacy support perfect forward secrecy (PFS)? It was not listed in the comprehensive review but it is quite important feature imo.
Yes, it does.
Dear Sven,
Longtime reader here. I’ve thoroughly enjoyed perusing all of your reviews, articles, exposés, etc. and have always been satisfied by the quality. You clearly are a man who cares about privacy. As such, I’ve been somewhat shocked at the silence from you, and similar reviewers, about MLATs: Mutual Legal Assistance Treaties. A lot of “private” jurisdictions have been tooting their horns lately, and so I’ve been looking them up
here: http://www.cbi.gov.in/interpol/mlats.php
and here: https://2009-2017.state.gov/j/inl/rls/nrcrpt/2014/vol2/222469.htm
and there are a lot of results! An MLAT with the United States basically guarantees an entry into a proto-Eyes situation. It’s just like being in the 14 Eyes, in essence, and it’s scary! Many of the so-called private jurisdictions which VPN providers procure host MLATs with the US, thus making their claims worthless. What are your thoughts?
Sincerely,
Anonymous
P.S. I’ve created a list of some of the more private jurisdictions which don’t have MLATs, appear in the eyes, and have strong data protection laws. Here it is:
1. Iceland
2. Seychelles
3. New Zealand
4. Malta
Interesting, thanks for the info!
@Anonymous I agree and an email service as with the vpn jurisdictions as where our personal data is involved.
https://restoreprivacy.com/5-eyes-9-eyes-14-eyes/#comment-58133
List of government mass surveillance projects
https://en.wikipedia.org/wiki/List_of_government_mass_surveillance_projects
At the core of it all was the alliance forged after the last world war. Never was good in history. But with so much of the internet’s existence starting in the US and a majority of the traffic routed through it – it’s a core player.
Then no companies privacy policy or the privacy laws in any one location of the world can stands up against it’s own countrys court system. Then the connected eyes network work through these governments down the ladder.
@HardSell I always see you in the comments, and I sincerely admire your dedication. Totally agree. It gets made into a political issue to divide “the masses”, but really, nothing good has ever come out of these shadowy transnational agreements; that goes for corporations too! The Wikipedia articles you linked alone are pretty jarring, even to me, someone probably more read in these areas than the average consumer. Litigious is the word — the death of privacy, clear and simple. This is why we need a decentralized, federated web!
Thank you Anonymous.
Yes something better than the seemingly mafia like hierarchically structured organizational control in a gestapo’s like grip on the web, that we – all the nations use.
As the “eye’s nations” have presented over the modern internet and it’s traffic these symptoms above to warrant our concerns or simply put – to catch and store with the profiling of all users data in a database having that knowledge and control over us.
The MLAT’s as I understood were to help aid the exchange of evidence and information in criminal and related matters.
Of course being used in the Nations outside of the 14 eyes.
Interesting is the “Asset Sharing” https://2009-2017.state.gov/j/inl/rls/nrcrpt/2014/vol2/222469.htm
I could see this as (foot in the door) to the nations that enter into a MLAT to cooperate fully in any request, and then it does speak of getting laws changed.
[offering the possibility of sharing in forfeited assets. A parallel goal has been to encourage spending of these assets to improve narcotics-related law enforcement. The long term goal has been to encourage governments to improve asset forfeiture laws and procedures so they will be able to conduct investigations and prosecutions of narcotics trafficking and money laundering that includes asset forfeiture.]
As we’ve seen with the modern web and in advertisings polluted roll with our privacy’s loss there. The web emits digital exhaust that fingers us and everything then goes into the data profile. It’s probably not hard to get laws changed
in a nations government if the monetary incentive is there as well – then general as a rule of law and not specific.
THE INTERNET AGE has nations far behind in their own privacy protection laws to the tech used today…
Enjoyed your insights in the quest for an online privacy too.
There’re so many useful information mentioned. It is great to see that more and more people starting understand how much data security is important at the ages of tech world. I use so many security programs, so never been hacked or my data leaked. I see you mentioned Nord, so I use their business solution NordVPN Teams. I am working as freelancer and I like their services, feel secured with it on my computer and phone app. I think their prices are the most relevant, aren’t they?
Yes, NordVPN is one of the best values you’ll find. They are also running a cyber security month special right now.
Hey, I liked your article and all your thoughts.
I’m now opening a small company and I will need a VPN which could be used by 20 people. For my personal use, I was using NordVPN, I kinda liked it and now I saw that they launched a new product for b2b which is called NordVPN Teams. So I’m thinking to take a VPN which is designed only for business, so I could take more benefits from it. Maybe you have any thought about business VPN?
Hi, I haven’t looked into this area too much. I think most VPNs could offer a custom plan if you ask them for a small business. I also know VyprVPN has a business product as well.
Hi Sven,
Having followed your guides on use of VPN, browser choice and modification there are a couple of questions based on best practice when using a VPN.
ISPs can see that an individual is connected to a VPN server so
a) Is it best practice to use just one VPN server for everything you do day to day – all traffic.
b) or use different VPN server in a country with strong data protection laws when downloading (raising the question that if your ISP sees high data throughput when connected to a VPN in a given country, is this likely to raise any flags).
Thanks for all you do to help the community.
Hi Jason, to be honest, I don’t think it really matters. VPNs are becoming mainstream with many people using VPNs for torrenting and Netflix streaming, which are both high-bandwidth activities. So I don’t think you have to worry about any “red flags” so to speak. Connecting to a closer server should give you better performance.
I just stopped using Perfect Privacy. Too often recently the connection would cut out or I would not be able to connect to a particular server(s) on the server list (I’m in Germany and could never connect with Frankfurt and only rarely with Erfurt). Also, not being able to access Netflix and other IP dependent streaming services – such as ITV – was a bummer.
Gonna try ExpressVPN for a few months to see what they’re like.
Hi Sven.
First thank you for your website, it has helped me a lot and I have learned many things with it. And I keep learning.
I am currently a VPN.AC user. What it has caught my attention are their policies, they are very clear and technically give concrete explanations. I think they provide solutions that I don’t know if they have any other VPN service.
In general, it is a good VPN service. Good speeds even with the double server jump. I have implemented the VPN on the router and through the computer I use the double jump, which makes it triple and the speeds are still good. The kill switch works perfectly and also allows you to stop the VPN service and not have an Internet connection. The kill switch works both when changing servers and if you stop your VPN service directly. I have not had service interruptions for months.
As for the daily connection log policies, I don’t think it’s a problem.
The company indicates that it is for safety reasons and work procedures and for the own VPN infrastructure. As they own everything (including servers in countries) I understand that they need some control over the system. Besides, I think it’s even good. It is true that there are companies that work with “marketing” to reassure a client by offering many things that personally make me doubt. There are many users who use paid VPN, and they don’t know what is behind them with respect to the loggs, and although they promise that they do not exist, putting reasons of speed, location of servers, I have reason to doubt … I think all VPN companies have some type of log (except Perfect privacy), such as determining the number of simultaneous connections.
Besides, they don’t have a tracking connection to Google or Facebook (indicated in their policies).
I also consider it important to be the owner of the entire infrastructure, including own servers. This makes exclusively they are those who handle the entire system, without third parties.
My attention is largely the work with own DNS servers. As they say, the privacy with a VPN depends of many things, and DNS requests are something that many people forget and it is no less important.
I have used several VPNs for several years: VYPRVPN, EXPRESS VPN, PERFECT PRIVACY and VPN.AC. Everyone has their good and less good things and there is no perfect VPN. There are very good things about some that do not have others, but I prefer to use PERFECT PRIVACY or VPN.AC.
I apologize if there is a mistake in making the comments, I would like to be told it.
Thank you.
Hello Steve, I have been using Surf Shark for several days. Supposedly does a lot for security and privacy and the servers are very fast in my opinion. So far, I am thrilled. Although I’m skeptical about new VPN, but it is recommended everywhere, even by independent, on Reedit there is a discussion and they are also excited. However, the app makes some problems with Windows 10 Spring Update. Sometimes it just hangs, does not react at all, and then it’s back after 2 minutes. Although I had to shoot it completely once, because it completely hung up. In my eyes Promising VPN. Let’s see what else they can think of.
Do you think chaning VPN across different countries is BETTER done in VM or better done on VPN routers made by different companies?
also, with TOR as the endpoint and multi chained VPN behind it, if TOR is compramised, they would just see your last VPN, and then need to go to your next vpn etc this seems like the best approach as far as I can tell.
I would still like to hear your thoughts on Qubes OS with Whoonix and TOR as a less exploitable surface than VPN chain due to virtualization compartmentalization
just trying the Protonvpn trial, and for the record, they got great speeds, same datacenter as airvpn, again around 100Mbps, fast also with double hop. The windows and android clients are very very nice, fast to log in and don’t drop connections, don’t leak that much:
– leaks during user’s configuration change, you need to stop connection to make some changes, weird but it’s one time and can be controlled
– leaks during VPN server change (which is quite fast, but even 100ms is enough for GMS to connect to Google and add your real IP to their unique_ip list)
– no leaks on connection change
– routing messup, packets not coming back will make app stuck & “connected” while there’s no connectivity.. -> restart wifi router to spice it up and it won’t switch to mobile while wifi is already off, -> set wifi back and it will leak via wifi while still stuck
Isn’t it funny that only “Block connections without VPN” works these days…
Still this as a reminder where airvpn needs to improve because it’s even worse on Android: opensource Openvpn client is slow and leaks in every possible situation (at boot, during connection change, during VPN server change or simply by system apps like Download manager), while eddie for android is, while new, a total mess (chaotic UI, long boot leak, boot connect not possible via login, nonstop connection drops, with no other leaks at least). PC and router clients perfect with no leaks there.
I consider using protonmail on mobile device due to 2 less leaks. I’m not having big expectation on android devs grasping the programming logic, but If there’s really leakproof android VPN client/service, i’m interested.
Hi all, I’m considering to get a VPN to torrent some obscure film that is generally unavailable to the public and/or unavailable to purchase. However my upload and download speed is mediocre, sitting at just 2Mb and 15Mb (may dip to below 10Mb) respectively. I live in SEA, if that helps.
Should get NordVPN, VPNac, or Zorro?
VPN.ac might be a good option: fast speeds, servers in Seattle, torrenting friendly…
Hi Sven, I read your thoughts and I am now trying to choose between ExpressVPN and vpn.ac. I had a IVPN account for about one year, they were ok, but I want to move on as they are too expensive and also as you mention just „ok“ – no netflix, no browser add-on and ok speeds for Germany. On the positive side I can say there were flawless with a lot of updates among this year. However, everywhere you look for a vpn review you can find ExpressVPN as the total leader and I am not sure if they pay their way in to be on the top or are they that good. Does it worth the price difference (ExprssVPN vs. vpn.ac)? You tested both, so I would relate my question in terms of speed and „feeling of anonymity“. Because vpn.ac logs, but they say they keep only check in and out times and data volume – and only for one day.
Would you consider moving from IVPN to one of your recomended VPNs an improvement (you mentioned you have also tested IVPN)? Thank you
Yes, ExpressVPN is the best all-around VPN in my opinion: excellent speeds (verified with the recent review update), 24/7 Netflix access, very secure apps, support for all devices and operating systems, verified no logs provider, and quite reliable. VPN.ac is also a great option, and even though they don’t advertise it, they do support American Netflix. VPN.ac is also a good value at only $3.75 with the two-year plan. IVPN is also a good provider from everything I’ve seen, although lacking a bit in some areas as you pointed out.
If you’re on the fence about switching, you can get a cheap one-week trial for $2 on the VPN.ac website (see FAQ page). ExpressVPN also offers a 30-day refund window, no questions asked.