Tag: estnoc

  • X-VPN

    X-VPN

    X-VPN is a freemium VPN service that has become well-known for its simplicity and extensive server network. However, these points are overshadowed by some major concerns, making it a questionable choice for privacy-conscious users. One key issue is the existence of adware built into its app, making it a risky choice for users valuing privacy and security.

    X-VPN is owned by Free Connected Limited, a Hong Kong-based company that, upon investigation, revealed alarming links to mainland China. Given China’s notorious approach towards VPNs and digital rights, this is a significant cause for concern.

    Considering all these factors, X-VPN doesn’t come across as a trustworthy service. Its price and value for money also rank low at 6.0 out of 10, especially when there are cheaper and more reliable alternatives available.

    Privacy Practices

    Among the numerous concerns associated with X-VPN, the most unsettling is its privacy and logging policy, which received a dismal score of 2.9 out of 10. While many VPNs pride themselves on a strict no-logs policy, X-VPN has chosen a path far from it.

    Firstly, X-VPN logs a range of information that should typically be off-limits for a VPN service, especially one that purportedly values user privacy. This logged data includes device information, individual bandwidth usage, and connection timestamps, a decision we find to be unacceptable. While none of this information may be immediately identifiable, when correlated, such data can potentially be used to de-anonymize user activity.

    For mobile app users, X-VPN goes a step further, collecting VPN connection timestamps, choice of VPN protocol, and network type. Although the service has recently reduced its data retention period from 96 to 48 hours, it still raises eyebrows as to why it needs to collect this data in the first place. Top VPN providers have shown it’s entirely possible to optimize service without maintaining such logs.

    Furthermore, X-VPN’s vague privacy policy and the extent of data it collects vary by device. Across all its apps, it logs data like device information, usage, and city-level location, ostensibly for product development purposes. Even though this data can be deleted upon request, it’s unclear how straightforward this process is and whether any residual data remains.

    X-VPN’s logging practices become all the more concerning when coupled with its ties to China. Given the stringent regulation and censorship in the country, the possibility of data being accessed by third parties or government authorities can’t be ruled out.

    Lastly, X-VPN’s logging policy has not been verified by an independent audit or backed by a warrant canary. This lack of transparency and validation casts further doubt on X-VPN’s commitment to user privacy.

    In conclusion, X-VPN’s privacy policy and data logging practices not only betray the core principles of what a VPN should stand for – privacy, security, and anonymity – but also place it as a poor choice for those seeking a genuinely private and secure online experience. Users are strongly advised to consider VPNs that have clear, user-friendly, and audited no-logs policies to ensure their online activities remain private and secure.

    During the review, we also noted multiple connections to various domains such as get-xmore-links8.com, api.du-just-link.com, etc., which only compounds our concerns about its commitment to user privacy and security.

    We strongly advise against using X-VPN, particularly its free version which comes without a kill switch and is restrictive on server locations. While it does have some positives like ease of use and ability to unblock streaming platforms, its serious flaws, especially the adware issue, make it a risky choice.

    We suggest exploring other VPN services ranked higher, which offer fast speed, reliable unblocking capabilities, and most importantly, prioritize user privacy and security.

  • McAfee VPN

    McAfee VPN

    It’s highly likely that you’re familiar with McAfee if you’re acquainted with any company in the realm of digital security and virus protection. Founded in the United States in 1987, McAfee has gained notoriety primarily for its antivirus software. However, upon discovering that they also offer a VPN service, we felt compelled to put it to the test. Here are our findings.

    We found that McAfee has an extremely poor logging policy. Their VPN service logs information that can be used to personally identify you, including your IP address and the websites you visit. By using McAfee Safe Connect, you’re essentially forfeiting your privacy to McAfee instead of safeguarding it. While it’s true that VPN providers retain logs, they are typically only the minimum necessary to ensure their services run smoothly.

    Infested with tracking scripts

    One thing I always do when testing out app-based VPNs is pay attention to my DNS logs for anything suspicious. One or two pings to home servers is nothing unusual, you do have to connect to your provider’s servers to log in, change account settings, etc. But when I start to see a bunch of advertising domains come up, it makes the company lose any credibility whatsoever. While using their VPN app, I saw the following connections in my DNS logs:

    polargrizzly.com
    lazerpenguin.com
    usbla.net
    usabilla.com
    appsflyer.com
    moengage.com

    Slower speeds

    It’s common knowledge that using a VPN service can often result in a slower internet connection – but I found McAfee’s speeds to be horrendously slow. One of the reasons for this is that VPN providers may have a limited infrastructure that they use to route their customers’ internet traffic through. To save money and reduce infrastructure costs, VPN providers may opt to use a smaller number of servers, which can become overloaded and slow down the overall connection speed. While some VPN providers do invest in larger server networks and higher quality infrastructure, the cost associated with this can make their services more expensive than other options on the market. Clearly McAfee is not one of them.

    Recommended VPNS:

  • IPVanish

    IPVanish

    IPVanish is a virtual private network (VPN) service that allows users to securely and anonymously access the internet. A VPN creates a secure, encrypted connection between a device and the internet, protecting data and preventing snooping or tampering by third parties. IPVanish offers a range of VPN products and services, including support for Windows, Mac, iOS, Android, Linux, and other platforms. The company was founded in 2012 and is headquartered in the United States.

    A few years ago, IPVanish handed over user logs to the FBI. This caused consumers to question just how seriously the company takes user privacy, and it saw a dip in use and confidence as a result. As part of my review, I look to see if there have been any changes, or if IPVanish still deserves caution when choosing a VPN.

    IPVanish is the latest high-profile VPN to have provided information to the authorities after earlier claiming security for their users. Back in 2011, HideMyAss handed over information that would help to jail LulzSec hacker Cody Kretsinger. Last year it was revealed that PureVPN helped the FBI catch a cyberstalker.

    Can you torrent with IPVanish?

    One of the most common reasons why people sign up for VPNs is so they can use BitTorrent without revealing their true IP address. If you look at section 12 and 13 of the IPVanish Terms of Service, it clearly states that they respect copyright and intellectual property. They also have a page on their website instructing individuals how to submit DMCA notices. It is clear from their ToS that repeated DMCA violations will result in termination of your account:

    It is our policy to terminate in appropriate circumstances the accounts of subscribers who infringe the copyrights of others.

    Looking at their privacy policy

    The IPVanish privacy policy starts off the generic “we do not log, monitor, or collect your browsing history” which is the baseline for a decent VPN. A lot of people will read that line and go SEE!!! They’re anonymous!!!1. However, the devil is in the details – just a few lines down in G. Lawful Bases for Processing Personal Data it states:

    We may Process your Personal Data where the Processing is required by applicable law;

    What exactly does that mean? Just a few more lines down it explains:

    “Personal Data” means information that is about any individual, or from which any individual is directly or indirectly identifiable, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
    “Process”, “Processing” or “Processed” means anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

    In a nutshell – they may not “monitor” or “log” your browsing activity but per their Privacy Policy they will hand over any and all information they have on you if required by law.

    Hands in many different pies

    IPVanish has an interesting history that also includes a few different ownership changes over the years.

    Here is a brief summary of IPVanish’s history based on my research for this review:

    • IPVanish was founded by Mudhook Marketing in 2012, a subsidiary of Highwinds Network Group in Orlando, Florida.
    • In 2017, StackPath acquired Highwinds Network Group, which also included IPVanish.
    • In 2019, IPVanish was sold off to J2 Global (now called ZiffDavis Inc.) under the “Net Protect” division.

    J2 Global, also known as ZiffDavis Inc., isn’t just any ordinary company – they’re the parent company for many websites that publish reviews, including PCMag. But wait, there’s more. J2 Global doesn’t just stop at publishing reviews, they also own several VPN services, such as IPVanish, StrongVPN, and Encrypt.me. As if that’s not enough, they also have a secure cloud storage service called SugarSync. It seems like J2 Global wants to control every aspect of the digital world, doesn’t it? Who knows what kind of data they’re collecting from all these different services. It’s enough to make you wonder who’s really in charge of your data and privacy.

    So, J2 Global is the proud owner of a collection of VPN services, which means we’re now in a situation where VPN review websites are recommending products that are actually owned by the parent company. How convenient, right?

    It’s a bit of a dubious situation if you ask me, and we’ve discussed it before in our article on VPNs that own review websites. It’s hard not to be skeptical when the very same company that owns the VPN service is also the one getting glowing reviews from their own review websites. One has to wonder if these reviews are truly unbiased or just part of a larger marketing scheme. It’s a classic case of “who watches the watchers,” and it’s not exactly comforting.

  • Windscribe

    Windscribe

    Windscribe, a cross-platform virtual private network (VPN) service provider, was founded by Yegor Sak and Alex Paguis in 2016. Based in Canada, it has grown to operate internationally, supporting a broad range of operating systems and platforms, and providing services to personal computers, smartphones, routers, and smart TVs​1​.

    The company’s offerings include OpenVPN, Internet Key Exchange v2/IPsec, and WireGuard protocols in its applications, supporting peer-to-peer file sharing, and ensuring user privacy with a no-log policy. Additionally, Windscribe provides open source applications and encrypted proxy support, while allowing for unlimited device connections​1​.

    Windscribe has been recognized for its social responsibility efforts, particularly in advocating for freedom of access to information in regions of political unrest. It has also developed transparency tools to shine a light on the relationship between corporate VPNs and their paid promoters​.

    Despite earning accolades from publications like Wired UK and Engadget for its reliability, cost-effectiveness, and range of server options, Windscribe has faced criticism related to security vulnerabilities. However, the company has demonstrated swift response to these issues, underscoring its commitment to user security​.

    Some users familiar with the name may be wary to trust their services, after the poor security practices were revealed in their 2021 data breach. The company has since promised to do better. You can read the original article, but here are the main highlights:

    • Windscribe left its VPN servers in Ukraine unencrypted and unsecured.
    • When Ukrainian authorities seized the servers, they also obtained Windscribe’s private key.
    • With the private key, Ukrainian officials could decrypt traffic and spy on Windscribe users.
    • Windscribe admitted that it does not follow “industry best practices” with its server network, but promised to change.
    • Windscribe is in the process of upgrading server security and hopefully undergoing a security audit.

    Based on data collected, when you are using Windscribe VPN you are predominantly using Quadranet, CDNext, Global Secure Layer, CDN77, or M247 servers.

    Global Coverage

    Windscribe showcases an impressive degree of geographic diversity in its server locations. It has a presence in 59 countries across multiple continents including North America, South America, Europe, Africa, Asia, and Oceania. This comprehensive global coverage provides users with extensive options for regional access and optimizes connection speeds. Key locations such as the United States, Canada, the United Kingdom, Australia, and the Netherlands host a significant number of servers, ensuring a robust and reliable service. Windscribe’s commitment to geographic diversity is also demonstrated by their notable presence in emerging markets. Given this extensive geographic spread, Windscribe earns an impressive score on our Global Coverage Index, receiving an 85 out of 100.

    WeVPN users acquired by Windscribe

    In 2023 VPN service provider WeVPN announced that it is shutting down due to unforeseen financial difficulties. In a statement, the company assured its customers that those with active subscriptions will be able to use Windscribe for the remaining duration of their subscription free of charge. Windscribe has agreed to offer free accounts to WeVPN users, which will provide them access to Windscribe’s network of servers, robust security features, and customer support.

    However, many are skeptical of this offer, as it appears to be a backdoor deal, and there is a lack of transparency regarding the relationship between the two companies. Windscribe and WeVPN have confirmed that Windscribe did not acquire WeVPN, but rather, it is a gesture of goodwill by Windscribe’s founder, Yegor. The company will cover WeVPN accounts for three months up to two years, but those who purchased their subscriptions from specific promotions such as lifetime deals will not be covered. Despite this offer, customers are disappointed by the lack of compensation from WeVPN and the lack of transparency regarding the closure.

    It’s super weird that they’ve removed theWeVPN founder’s and CEO information from the site, and there is so little information about them on the Internet. Specially when WeVPN founder claims to “have been running” Private Internet Access for years, and there’s a blog post saying that he used to be the President for PIA, and some other press releases saying he was the CEO.

    The cache for their “about us” section [0]:

      Jonathan Roudier
      Founder
      
      VPN Experience: 8 years
      
      Jon has nearly a decade of working in the VPN industry originally in Marketing and later in leadership and senior management. With his years of insight and customer knowledge gained from running Private Internet Access®, one of the world's biggest VPN providers, Jon decided to build his own VPN to ensure that the moral and ethics which he holds true are upheld and to provide an industry leader in transparency and accountability. Outside of WeVPN, He enjoys spending time at the gym and watching movies.
    

    Press release in PIA’s blog for when they bought Cypherpunk VPN [1]:

      Private Internet Access President Jon Roudier
    

    Press release announcing CES sponsor [2]:

      Jonathan Roudier, CEO of PIA, said “We, at Private Internet Access, are so thrilled..."

    0: https://webcache.googleusercontent.com/search?q=cache:LVfIvHK77E4J:https://wevpn.com/about-us&cd=2&hl=es&ct=clnk&gl=es
    1: https://www.privateinternetaccess.com/blog/private-internet-access-london-trust-media-acquired-cypherpunk-vpn/
    2: https://www.businesswire.com/news/home/20151221005130/en/Private-Internet-Access-Top-Mobile-Sponsor-2016

    Windscribe pros & cons

    Pros

    • Free version with 10GB of data
    • Unlimited simultaneous connections
    • Unblocks various streaming sites
    • Supports torrenting
    • No DNS leaks
    • Highly configurable
    • Military-grade encryption
    • Lots of tunneling protocols
    • Reliable kill switch
    • Split tunneling on Android

    Cons

    • Potential speed issues
    • Not that many servers
    • WireGuard only on Android
    • No independent audit
    • Has had at least 2 unencrypted servers in Ukraine
    • Based in a 5-Eyes country
  • Surfshark

    Surfshark

    Surfshark VPN is one of the most popular VPN services in 2022. Its competitive price and unlimited simultaneous connections make it a very attractive VPN option for all kinds of users. But does this VPN live up to give the actual value for money that it claims? Surfshark also offers thousands of servers worldwide, excellent connection speeds, and next-gen AES encryption. However, users have been questioning its jurisdiction and whether it’s as private as showcased.

    Surfshark offers some really useful features like SmartDNS, the fast WireGuard protocol, P2P-optimized servers, and provides a selection of easy-to-use intuitive apps and platforms.

    So, when you’re connected to Surfshark – who’s servers are you really using? After completing my testing I have concluded that Surfshark uses 20% their own servers, 17% CDNext, 17% M247, 14% CDN77, 13% Host Royale, and the remaining few are Host Universal, Clouvider, and Hydra Communications.

    Surfshark Network Overview

  • ExpressVPN

    ExpressVPN

    ExpressVPN was launched in 2009 by serial entrepreneurs Peter Burchhardt and Dan Pomerantz. From its inception, ExpressVPN’s commitment to privacy and security would be called in to question as several unsettling events unfolded. The service would eventually be acquired by Kape Industries (see more below) for just shy of 1 billion dollars. You have to ask yourself – what kind of company has that kind of cash sitting around, and how do they earn it? Certainly no humble privacy thinktank or nonprofit.

    Contents

    The notoriety of ExpressVPN began to gain prominence in 2016, when Turkish authorities confiscated one of its servers. The device was believed to be implicated in the erasure of evidence linked to the assassination of the Russian ambassador to Turkey.

    The spotlight shone on ExpressVPN again in 2021, but this time due to a change in its corporate structure. The VPN provider was acquired by Kape Technologies, an Israeli company with a concerning history of generating malware and adware. The implications of this acquisition remain debatable, especially considering the parent company’s questionable past activities.

    The plot thickened in the same year when Daniel Gericke, ExpressVPN’s Chief Information Officer, admitted to participating in Project Raven. In this scheme, he helped the UAE spy on American dissidents and journalists, a revelation that raised alarm bells among privacy advocates. It was discovered by Reuters that some of those individuals were later tortured by the UAE.

    ExpressVPN Privacy Policy

    When evaluating ExpressVPN’s privacy policy, there is one interesting bit that stands out:

    Legal. Your Personal Data is controlled by and stored under ExpressVPN, and not by its ultimate holding company, Kape Technologies PLC (UK) or other related entities. Express Technologies Ltd. operates under BVI jurisdiction, in accordance with BVI laws (pursuant to Section 16 of the Terms). Consequently, any demand via legal means for Personal Data (or other types of data) is subject to BVI jurisdiction and laws. We fight vigorously to defend our rights (and those of our users) if an attempt is made to bypass the privacy protections provided for by the BVI. A parent, subsidiary, or related entity cannot be compelled to, nor would it voluntarily, provide Personal Data stored by Express Technologies Ltd.

    Let’s translate this from legalese and break it down. What that essentially means is that if a law enforcement agency from outside the British Virgin Islands, such as an American agency, wants access to your account information, the request would be assessed under BVI legal standards. This does not mean gaining access to your account information is not impossible, just more difficult.

    If a U.S. law enforcement agency contacted ExpressVPN for your account information, several scenarios could unfold:

    1. Mutual Legal Assistance Treaty (MLAT): The agency might go through an MLAT or other formal channels to request assistance from BVI authorities. If BVI authorities deem the request valid under BVI law, they might compel ExpressVPN to comply.
    2. Direct Request Refusal: If the U.S. agency approached ExpressVPN directly, the company might refuse the request based on BVI jurisdiction unless ordered by BVI courts to comply.
    3. Challenge and Defense: ExpressVPN indicates it would fight vigorously to defend its rights and the rights of its users against attempts to bypass BVI privacy protections. While highly unlikely, this could involve legal battles where the legitimacy of the request would be tested against BVI privacy laws.

    The more heinous your offense was, the more likely the British Virgin Islands are to cooperate with the United States.

    App Telemetry

    When evaluating a company’s commitment to privacy, one of the best representations is what data or telemetry is collected while you are using their app. It’s kind of like if you were to find out a guest went through your medicine cabinet while using your bathroom. I do applaud ExpressVPN for immediately asking whether you would like to participate in sending usage analytics – most apps leave that option buried in the settings.

    However, despite turning this setting off, the iOS App Privacy Report tells an interesting story. The most contacted domains are all related to analytics and marketing:

    • app-measurement.com
    • firebaselogging-pa.googleapis.com
    • googleadservices.com
    • adservice.google.com
    • app.usercentrics.eu
    • fonts.googleapis.com
    • googleads.g.doubleclick.net
    • app.launchdarkly.com
    • sdk.iad-05.braze.com

    Collectively, these instances draw attention to ExpressVPN’s tangled engagement with privacy, power, and politics. They suggest a need for more in-depth investigations and disclosures to make informed decisions about the use of such services. Evaluating any VPN service is no longer just about comparing features and prices; it also entails a keen understanding of the company’s ethics, allegiances, and accountability. It’s clear that trust and transparency are vital in the digital age, but the story of ExpressVPN reminds us that these values are often harder to find than we’d like.

    Can you safely torrent with ExpressVPN?

    In section 7 Acceptable Use Policy of the ExpressVPN Terms of Service it clearly states that you are not to upload, download, or distribute material that is copyrighted, and that they will terminate your account after repeated violations. That is not to say that ExpressVPN actively monitors for BitTorrent usage – it simply means if your account is flagged multiple times for DMCA violations they will terminate your account in order to remain legally compliant. That being said, quite often once an IP address is verified to be from a VPN the group representing the intellectual property holders will not bother to submit the DMCA notice, but your mileage may vary.

    What services are available while using ExpressVPN?

    ServiceBlocked / Restricted
    Amazon PrimeAccessible; non-US IPs blocked
    NetflixAccessible
    SpotifyAccessible
    PandoraAccessible
    YouTube MusicAccessible
    HuluAccessible
    Disney+Accessible
    Google SearchCaptcha for non-US IPs
    ChatGPTAccessible
    YouTubeAccessible

    It’s also worth discussing ExpressVPN’s questionable advice regarding browser choice. Their marketing team has recommended the Chrome browser to its users, a decision that stands in stark contrast to their ostensible privacy-focused ethos. Chrome, as is well known, is a product of Google, a company with a prominent role in the realm of data collection and targeted advertising. Recommending a browser that has been at the center of various privacy controversies suggests a surprising disconnect from the fundamental principles of data protection. This discrepancy between ExpressVPN’s supposed commitment to privacy and its browser recommendation raises questions about the company’s understanding and prioritization of privacy issues. It serves as a sobering reminder that companies may not always act in the best interest of users when it comes to safeguarding digital rights and freedom.

    Kape Industries

    In our original article, we highlighted the evolution of Kape Technologies, formerly known as Crossrider. Initially, Crossrider was involved in the production of a browser development platform that was unfortunately exploited by third parties to distribute malware onto devices. However, in 2016, Crossrider decided to shut down its development platform. Subsequently, the company underwent a significant transformation, acquiring various VPNs starting in 2017 and ultimately rebranding as Kape Technologies in 2018.

    Under the umbrella of Kape Technologies, several notable VPN services are now owned, including CyberGhost, Private Internet Access, ZenMate VPN, and recently, ExpressVPN. It is worth noting that Kape Technologies also runs VPN “review” websites, which curiously rank its own VPN services in top positions. This arrangement raises questions about the impartiality and objectivity of these rankings.

    Despite the acquisition, ExpressVPN seems to be operating independently for the time being. However, the long-term impact of the ownership change remains uncertain. It will be interesting to see how ExpressVPN develops under the ownership of Kape Technologies. In our latest round of tests, ExpressVPN has performed well, surpassing its performance from the previous year. We will closely monitor the situation and update our ExpressVPN review accordingly to provide accurate observations and insights to our readers.

    ExpressVPN’s ‘No Logs’ Policy Put to the Test

    In December 2017, Turkish authorities seized an ExpressVPN server in an attempt to obtain customer data. However, the authorities were unable to find any logs on the server, as ExpressVPN does not keep any logs of its users’ activity.

    This incident demonstrates the strength of ExpressVPN’s ‘No Logs’ policy. Even when authorities seized a server, they were unable to obtain any user data. This is because ExpressVPN does not store any logs of its users’ activity, including their IP addresses, browsing history, or connection times.

    ExpressVPN is one of the few VPN providers that can make this claim. Many other VPN providers claim to have a ‘No Logs’ policy, but they have been caught logging user data in the past. This makes ExpressVPN a more trustworthy option for users who are concerned about their privacy.

    See Also

  • ProtonVPN

    ProtonVPN

    ProtonVPN is a virtual private network (VPN) service provided by Proton Technologies AG, the company behind the email service ProtonMail. ProtonVPN was created to provide a secure, private, and censorship-free internet connection to people all over the world. It encrypts your internet connection and hides your IP address, making it difficult for hackers, ISPs, and governments to track your online activity. ProtonVPN is available on various platforms, including Windows, macOS, Linux, Android, and iOS. It offers a variety of subscription plans to suit different needs, including a free plan with limited features.

    What services are available when you’re connected to ProtonVPN?

    Nothing is more frustrating than connecting to your VPN, heading over to your favorite streaming service… Only to find out your connection is blocked. Unfortunately, it’s a never ending cat and mouse game. We decided to test our experience using ProtonVPN servers based in the United States as well as a few random foreign countries. Note: Registering an account while connected to a VPN may be blocked entirely, the tests below reflect establish a connection from an account that’s already logged in (to simulate someone traveling).

    ServiceBlocked / Restricted
    Amazon PrimeLimited; some IP ranges are blocked
    NetflixAccessible
    SpotifyAccessible
    PandoraLimited; some IP ranges are blocked
    YouTube MusicAccessible
    HuluAccessible
    Disney+Accessible
    Google SearchMay encounter CAPTCHA
    ChatGPTLimited; some IP ranges are blocked
    YouTubeAccessible

    When you are connected to ProtonVPN, who’s servers are you really using? I tested over 50 ProtonVPN servers and found that 36% use M247, 27% use Datacamp Limited, 10% use Datacamp Limited UK, 8% use Estnoc Global, 5% use FDC Servers, 5% use GSL Networks, and the remaining servers use Packet Exchange, and Intergrid. In a recent AMA on reddit, ProtonVPN stated the reason they utilize M247 so heavily is due to cost efficiency and being able to support the freemium model:

    Comment
    byu/protonvpn from discussion
    inIAmA

    ProtonVPN Network Overview

    Stealth Protocol vs WireGuard

    WireGuard and ProtonVPN’s Stealth protocol are both designed to provide security for internet users, but they have different features and levels of security.

    In terms of security, WireGuard uses the latest encryption standards, including the ChaCha20 encryption algorithm and the Poly1305 message authentication code (MAC). These encryption standards are considered to be highly secure and provide a high level of protection for users’ online activities.

    ProtonVPN’s Stealth protocol, on the other hand, uses the Secure Sockets Layer (SSL) encryption, which is commonly used to secure connections to websites. It also uses obfuscation techniques to make it appear as if you are accessing a secured website, rather than connecting to a VPN server. This makes it difficult for firewalls and censorship systems to detect and block your VPN connection.

    In terms of performance, WireGuard is generally faster than ProtonVPN’s Stealth protocol, as the latter adds an extra layer of encryption and obfuscation that can slow down the connection.

    In conclusion, both WireGuard and ProtonVPN’s Stealth protocol provide a high level of security, but they approach security in different ways. WireGuard focuses on fast and efficient encryption, while ProtonVPN’s Stealth VPN provides an extra layer of obfuscation to help users bypass firewalls and censorship systems. The choice between the two will depend on the specific security needs and requirements of the user.

    Audits

    ProtonVPN has undergone several independent audits to verify the security and privacy of its service. In 2018, ProtonVPN commissioned Cure53, a leading cybersecurity firm based in Berlin, Germany, to perform a security audit of its infrastructure and client software. The audit found that ProtonVPN’s security practices were in line with industry standards, and it did not identify any major security vulnerabilities.

    In 2020, ProtonVPN commissioned the independent cybersecurity firm X41 D-Sec to perform a comprehensive security assessment of its infrastructure and client software. The assessment found that ProtonVPN’s security practices were “exemplary” and that the company had “a clear commitment to the security and privacy of their users.”

    ProtonVPN has also undergone a transparency report audit by the firm KPMG, which verified that the company does not collect or store any personal information or metadata about its users.

    Overall, the independent audits of ProtonVPN have found that the service is secure and privacy-protective.

    Related Posts

  • CyberGhost VPN

    CyberGhost VPN

    CyberGhost VPN was founded in 2011 in Bucharest, Romania, and initially began as a free VPN service. By the following year, it had gathered around 1.7 million users​. In 2017, a notable change occurred when Kape Technologies (then known as Crossrider) acquired CyberGhost VPN. This acquisition brought about concerns among observers due to Crossrider’s background as an ad-tech firm known for concealing spyware within its apps, which seemed to present a conflict of interest given CyberGhost’s focus on privacy. However, these concerns were largely allayed as Crossrider rebranded to Kape Technologies and positioned itself as a “privacy-first digital security software provider.” Following this, Kape Technologies went on to acquire other well-known VPN brands such as ExpressVPN and Private Internet Access, though these continue to operate independently. As of 2023, CyberGhost VPN has grown significantly with around 38 million users, making it one of the more popular VPNs available​.

    The company faced a minor hiccup in 2020 when a breach involving Typeform affected around 120 of its users. However, no evidence has emerged to suggest improper use of subscriber data by Kape, its subsidiaries, or any third parties. Despite past skepticism due to its history, CyberGhost VPN has maintained a strong reputation for privacy, continuing to provide valued services to its global user base​.

    Can I torrent with CyberGhost?

    One of the most popular reasons why people use VPNs is to encrypt their traffic and mask their IP while using P2P or BitTorrent services. CyberGhost even offers P2P servers to enhance your experience. However, right in section 8 of their Terms of Service is this alarming statement:

    We reserve the right to take appropriate measures when CyberGhost Products are being used contrary to these Terms and applicable laws, including cooperating with public or private authorities as provided by law.

    The “terms and applicable laws” are so broad that it essentially means anything illegal based on your local laws, wherever you may be. For DMCA violations generally they will just terminate your account and offer no refund. That being said, intellectual property companies rarely bother to file DMCA complaints for IPs associated with VPNs, especially when that company is registered outside of the United States.

    What services are accessible when connected to CyberGhost?

    ServiceBlocked / Restricted
    Amazon PrimeAccessible for browsing; streaming blocked
    NetflixAccessible for browsing; streaming blocked
    SpotifyAccessible; CAPTCHA during registration
    PandoraAccessible
    YouTube MusicAccessible
    HuluAccessible
    Disney+Accessible; no restrictions
    Google SearchCaptcha
    ChatGPTSome IPs blocked
    YouTubeAccessible

    Data collection

    Like almost every VPN, CyberGhost does collect some maintenance-related data, but it claims to not log your server location choices, your total amount of data transferred nor your connection timestamps. As with any VPN, it’s nearly impossible to independently verify the company’s no-logs claim. Even so, CyberGhost does log certain user hardware data in what is likely a bid to enforce the company’s limit of seven simultaneous connections per account. 

    According to the spokesperson CNET spoke to in August of 2019, CyberGhost does have the ability to help law enforcement by activating a limited user-tracking feature.  

    “The only way to do it is if that user is still in the system and if the law enforcement knows the IP and could provide also a warrant to track that IP,” the spokesperson said. “We can activate a special feature like a logging feature for that IP, but we have that ability to prevent malicious actions when using our service. But only if that user is still active and we have proof of what exactly is wrong, what IP he is using, and so on. So we’ve got to bring that in order to activate that, to be sure we don’t activate it on a regular user. Otherwise, we can not help any law enforcement company.” 

    In 2016, however, CyberGhost was called to the carpet by ProPrivacy when the company was discovered to be quietly requesting potentially dangerous, root-level access to customers’ computers — a function the software hasn’t included for about three years now. The service was also caught logging the unique identifiers of each of its user’s computers. Similarly, other reviewers have also expressed wariness after CyberGhost appeared to remove some threads from its forum which may have detailed a critical 2016 malfunction and potentially revealed log-keeping practices within its free proxy service.

    Speaking of revelations, in March 2019, CyberGhost took a small hit when the customer-survey company it contracted, Typeform, was breached. The company said 120 email addresses and 14 CyberGhost usernames — but no passwords — were included in the two forms involved in the compromised data. 

    The bigger concern for me is that CyberGhost still uses a method of ad-blocking that’s considered at best ineffective and at worst insecure. Most VPNs block ads by filtering out requests from websites identified as suspicious. Not CyberGhost. The company instead uses a method which inspects and modifies — rather than filters out — those requests. The method is twice as risky and only half effective since it only works on sites with an HTTP URL and not those with HTTPS. 

    CNET asked Beyel in June this year about this method of ad-blocking and the criticism it’s received. 

    “We know this is not very effective. That’s why we’re already working on a better solution which is working on the process,” he said. “We need to completely move this kind of technology on the client side because in the browser you can, of course, do that.” 

    In its suite of features, however, CyberGhost does offer an option (enabled by default in its MacOS client) which forces your browser to redirect away from sites not secured by HTTPS. 

    Beyel also said that CyberGhost will be releasing a new suite of privacy modules in the coming weeks which go beyond its VPN to include tools for optimizing your computer and preventing vulnerable apps from affecting your privacy.[2]

    See also:

  • TunnelBear

    TunnelBear

    TunnelBear is a virtual private network (VPN) service that is known for its user-friendly interface and its commitment to privacy and security. The company was founded in 2011 and is headquartered in Toronto, Canada.

    TunnelBear offers a range of VPN services that are designed to protect users’ online privacy and security by encrypting their internet connection and hiding their IP address. The company’s VPN services are available for a variety of devices, including computers, smartphones, and tablets, and are suitable for both personal and business use.

    TunnelBear is known for its easy-to-use VPN software, which is available for a variety of platforms, including Windows, Mac, iOS, and Android. The software is designed to be user-friendly, with a simple interface and clear instructions for connecting to the VPN.

    In addition to its VPN services, TunnelBear is also known for its commitment to privacy and security. The company has a strict no-logs policy, which means that it does not keep any records of users’ online activities. TunnelBear is also independently audited to ensure that it is in compliance with its privacy and security policies.

    Overall, TunnelBear is a well-respected and trusted VPN service that is known for its user-friendly interface and its commitment to privacy and security.

  • TorGuard

    TorGuard

    TorGuard is a virtual private network (VPN) service that encrypts internet traffic and helps to secure online activity. It is designed to protect privacy and increase security, and is often used to bypass internet censorship and access blocked content. TorGuard is based in the United States and was founded in 2012. In addition to its VPN service, the company also offers proxy services and anonymous email. TorGuard claims to have servers in over 50 countries and to support a wide range of devices and platforms, including Windows, Mac, Linux, iOS, Android, and routers.

    According to TorGuard’s website and privacy policy, the company does not keep logs of its users’ online activity or IP addresses. TorGuard states that it has a strict no-log policy, which means that it does not collect or store any information about its users’ online activity or IP addresses. This is intended to protect the privacy and security of TorGuard’s users. It’s worth noting that VPNs can be subject to government and law enforcement requests for user data, and a VPN company’s no-log policy may not necessarily protect users in all cases. However, in the absence of any logs, a VPN company like TorGuard would not have any information to provide to third parties if requested.

    Network Overview

    2019 Security Incident

    According to a report by PCMag, NordVPN and TorGuard were hit by hacks involving insecure servers. The server did not contain user activity logs, but the hacker stole a Transport Layer Security key, which temporarily opened the door for a ‘man in the middle’ attack. The hackers may have also gained root access to the server, enabling them to potentially view and modify VPN traffic. NordVPN says that the attacker was able to nab the Transport Layer Security key that is used to verify that a site is actually run by NordVPN. TorGuard said that it manages its certificate authority and keys in-house and that its VPN or proxy traffic was not compromised during an isolated breach of a single VPN server and no sensitive information was compromised during this incident.

    Global Coverage

    TorGuard’s VPN service demonstrates a measure of global reach, with servers located in 34 countries. However, the number of servers per location is relatively modest, leading to less robust representation in each of the countries. The most prominent presence is in the United States, with 54 servers, which, although beneficial for users specifically seeking connections within this region, may not provide the most comprehensive access or optimal speeds for users desiring connections in other areas.

    Upon applying the Global Diversity Index (GDI) – a scoring system designed to assess the geographical spread of VPN server locations – TorGuard achieves a score of 45 out of 100. This rating is influenced by the geographic diversity of server locations, the number of servers within these locations, and the global coverage of the service.

    In constructing the GDI, several key factors are taken into account. The breadth of geographic representation is vital – providers with a greater number of countries covered generally score higher. The quantity of servers within each country is another crucial element, as a higher server count often equates to increased connection stability and potentially faster speeds. Furthermore, we consider the presence in regions typically underrepresented in VPN services, such as Africa and South America, as indicative of truly global coverage.

    Thus, while TorGuard demonstrates a degree of global presence, the relative scarcity of servers within each location impacts its overall GDI score. It’s essential to reiterate, however, that the GDI score represents just one dimension of evaluating a VPN service, and users should also consider factors such as privacy policies, speed, security features, and customer support in making their choice.