AzireVPN is a VPN (Virtual Private Network) service provider based in Sweden. VPN services provided by AzireVPN are intended to provide its users with increased online privacy and security, by encrypting their internet traffic and hiding their IP address. AzireVPN was founded in 2012 and offers VPN services for various platforms, including Windows, macOS, Linux, Android, and iOS. AzireVPN also supports a variety of protocols, such as OpenVPN, IKEv2, and WireGuard. The company prides itself on its commitment to privacy and security, with a strict no-logging policy and strong encryption algorithms.
Has AzireVPN been audited?
Yes, AzireVPN has been audited by a third-party security audit firm called Cure53. The audit was conducted in 2019 and focused on AzireVPN’s WireGuard implementation. The goal of the audit was to identify any security vulnerabilities or weaknesses in the WireGuard protocol as implemented by AzireVPN.
The audit report found that AzireVPN had implemented WireGuard correctly and securely, with no major security issues identified. However, the report did identify some minor issues and recommended some improvements to further strengthen the security of AzireVPN’s WireGuard implementation.
Overall, the Cure53 audit report was positive about AzireVPN’s security practices, and the company’s commitment to privacy and security is further demonstrated by their strict no-logging policy and the use of strong encryption algorithms.
StrongVPN is a virtual private network (VPN) service provider. A VPN is a service that encrypts a device’s internet connection and routes it through a server in a location of the user’s choosing. This can be used to protect the user’s privacy and security online, as well as to access content that may be restricted in their location. StrongVPN offers a range of VPN plans and features, including support for multiple devices, unlimited bandwidth, and a variety of security protocols. The company is based in the United States and has been in operation since 2005.
StrongVPN, formerly Black Oak Computers / Reliable Hosting / Overplay, is owned by Ziff Davis (formerly J2 Global) who owns NetProtect who operates IPVanish as well as StrongVPN.
Is StrongP2P safe for torrenting?
In the book Resistance, Liberation Technology and Human Rights in the Digital Age by Giovanni Ziccardi, he writes:
This company did not directly answer questions but pointed to their logkeeping policy instead. StrongVPN do log and are able to match an external IP address to their subscribers. They were the most outwardly aggressive provider in the survey when it came to dealing with infringement. “StrongVPN does not restrict P2P usage, but please note sharing of Copyrighted materials is forbidden, please do not do this or we will have to take action against your account”
“StrongVPN Notice: You may NOT distribute copyright-protected material through our network. We may cancel your account if that happens.”
Privacy Policy
The StrongVPN privacy policy is reasonably transparent and does not appear to have any major contradictions. However, a few aspects stand out as potential privacy concerns:
They collect email addresses, payment information, names, credit cards, and billing addresses to create accounts. This is quite a bit of personal information.
They use cookies and allow third party cookies for analytics and functionality. Users have to opt out of each third party cookie separately.
They may send marketing and promotional emails, requiring users to actively unsubscribe.
They disclaim warranties and liability, reducing accountability.
Users have to take multiple steps to exercise data rights like deletion. StrongVPN can retain data if needed for legal reasons.
They can monitor, restrict, or suspend accounts without notice for any reason. This could enable unfettered surveillance.
Data can be shared across their corporate group and third party processors quite freely.
Data is transferred internationally, with some protection measures. Local laws may differ.
Retention periods are vaguely defined as “necessary” for purposes in the policy.
Overall the policy seems standard for a VPN provider, but the collection of personal information, broad data sharing allowances, and power to monitor/suspend accounts stand out as areas of concern that could impact privacy. The policy meets transparency requirements but still merits careful review by users.
Terms of Service
Users should carefully scrutinize the StrongVPN Terms of Service before signing up for the VPN service. Several clauses in the Terms grant StrongVPN alarming levels of discretion when it comes to monitoring, restricting, and terminating user accounts without notice. Users must agree to binding arbitration and waive rights to class action lawsuits, severely limiting legal recourse options. Additionally, StrongVPN disclaims all warranties and liability on their end, removing accountability for services. The Terms also give StrongVPN broad rights to collect and use customer data with few constraints. Restrictions like prohibiting account sharing among household members seem unnecessarily strict as well.
Overall, the StrongVPN Terms of Service appear heavily stacked against users and in favor of StrongVPN’s interests. Users have little power or recourse under the Terms as written. StrongVPN reserves the right to change the Terms anytime without directly notifying users beyond posting to their website. Those concerned about privacy and accountability are advised to fully review the StrongVPN privacy policy and Terms of Service before subscribing. Important to understand exactly what user data StrongVPN collects, how they use it, and what options users have. Proceed with caution given the broad disclaimers and unilateral power granted to StrongVPN under the Terms of Service.
Private Internet Access (commonly known as PIA) is a capable VPN provider, now owned by Kape, which also owns CyberGhost, ZenMate and ExpressVPN.
PIA has servers available in just about every single state in America, which is great if you want to encrypt and protect your connection but don’t want to get locked out your account for suspicious activity. Choosing a server in a remote country for instance can have some benefits but it is not always the most practical choice.
Privacy Policy
PIA’s privacy policy is a classic example of a company trying to paint itself in the best possible light regarding privacy and legal compliance. They talk a big game about scrutinizing legal requests and standing up for user privacy, emphasizing their commitment to the “spirit” and “letter” of the law. This is meant to reassure you, the user, that they’re on your side, ready to shield your data from the prying eyes of the law—unless absolutely necessary of course.
But here’s the rub: when push comes to shove, the majority of companies, especially those anchored in the U.S., have a breaking point. The notion of a corporate David going toe-to-toe with the Goliath that is the federal government and emerging unscathed is, frankly, more fairy tale than fact. It’s not just about being bullied into submission; it’s about survival. Companies operate under the jurisdiction of local and federal laws, and while they might resist or push back on requests initially, the potential consequences of outright defiance—legal battles, hefty fines, or worse—make compliance the path of least resistance.
What often goes unsaid in these polished statements is the scale and intensity of pressure a company can face behind closed doors. Yes, they might question or attempt to narrow down overly broad subpoenas, but these are tactical moves within a game where the house always wins. The promise to not participate with unconstitutional or illegal requests is noble but navigating the complex web of legal interpretations and potential repercussions makes this a tightrope walk at best.
And let’s not gloss over the part where they say they’ll give users a chance to object to disclosures “when it is possible and a valid option.” That’s a lot of leeway packed into a few words, suggesting that this opportunity is more of an exception than a rule.
In essence, while the statement aims to reassure you of the company’s steadfastness in protecting your privacy, the reality is often shaped by legal and political pressures that can turn those assurances into well-intentioned but ultimately hollow promises.
Terms of Service
As far as Terms of Service go, PIA’s is boilerplate industry standard. If you violate law they reserve the right to terminate your service. They don’t include any of the vague terms and phrases like some other providers due like “inappropriate conduct”.
You must conduct yourself in a way that complies with law and would not violate these rules of conduct.
Log Policy
In the book Resistance, Liberation Technology and Human Rights in the Digital Age author Giovanni Ziccardi shares this response from Private Internet Access:
“We absolutely do not maintain any VPN logs of any kind. We utilize shared IP addresses rather than dynamic or static IPs, so it is not possible to match a user to an external IP. These are some of the many solutions we have implemented to enable the strongest levels of anonymity amongst VPN services. Further, we would like to encourage our users to use an anonymous e-mail and pay with Bitcoins to ensure even higher levels of anonymity should it be required.” Q2: “Our company currently operates out of the United States with gigabit gateways in the US, Canada, UK, Switzerland, and the Netherlands.
We chose the US, since it is one of the only countries without a mandatory data retention law. We will not share any information with third parties without a valid court order. With that said, it is impossible to match a user to any activity on our system since we utilize shared IPs and maintain absolutely no logs.”
Torrenting
Private Internet Access (PIA) beats around the bush when it comes to using their VPN services for BitTorrent. While their terms of service explicitly prohibit copyright infringement, their Frequently Asked Questions page delicately navigates the subject of torrenting. PIA suggests that utilizing their VPN can enhance online privacy and prevent ISPs from potentially labeling a user’s activities as suspicious. However, this stance is somewhat disingenuous, as ISPs generally do not actively monitor their customers’ web traffic. The primary concern with torrenting, particularly in the context of piracy, is the risk of receiving DMCA takedown notices, which is a more direct consequence of copyright violation than mere ISP scrutiny.
Torrenting with PIA is a breeze, however. After I connected to a Canadian server about 1,200 miles away I fired up QBitorrent and within seconds was connectable. I was able to achieve speeds of 10Mbps down and 1.4Mbps up. Not too shabby. It’s important to remember that torrenting is a completely subjective experience and these results are only indicative of my experience. Yours may differ wildly.
According to my research, PIA VPN predominantly uses CDNext, GTT, and M247 servers depending on where you are connecting to.
Use of virtual servers
While it’s not uncommon for VPN providers to use location virtualization, some do see it as dishonest and another deceitful marketing technique. During our testing, we discovered that PIA does in fact use location virtualization. For instance, 100% of the servers advertised as being in the Philippines were actually located in Singapore.
IP Advertised Country Actual Country ISP ASN
188.214.125.131 Philippines Singapore M247 AS9009
ASN Diversity
In the realm of Virtual Private Networks (VPNs), diversity is a key indicator of network resilience. A significant measure of this diversity can be evaluated using the Shannon Diversity Index (SDI), a concept borrowed from ecology to measure the biodiversity in a given community. In the context of VPNs, the SDI offers a quantitative assessment of the diversity of Autonomous System Numbers (ASNs) among VPN servers. Theoretically, a higher SDI correlates with increased network diversity, indicating a more resilient network structure less prone to single-point failures.
An examination of Private Internet Access (PIA), with its SDI value of 1.8, reveals a comparatively lower network diversity in relation to other VPNs. For instance, Windscribe, Surfshark, and NordVPN have reported SDI values of 3.6, 2.88, and 2.75 respectively. This suggests a potential susceptibility in PIA’s network to failures or targeted attacks, owing to its relatively less diverse network.
However, it is crucial to emphasize that SDI, while informative, is not the sole determinant of network performance and resilience. Several other factors, including the choice of Internet Service Providers (ISPs), geographical server distribution, total network capacity, and VPN service management practices significantly influence a VPN’s overall performance. Thus, while PIA’s SDI value may not place it at the pinnacle of network diversity, it is important to consider the holistic context when evaluating VPN performance and resilience.
