CyberGhost VPN

When you are connected to CyberGhost VPN, who’s servers are you really using? After all, you’re trusting them with potentially your life. After detailed testing, I found that CyberGhost predominantly uses PacketHub, M247, Tzulo, CDN77, and GSL Networks servers.

According to VPN Mentor, they rank CyberGhost as a safe choice — and it has a lot to offer in other respects, especially in terms of ease of use and unblocking your favorite streaming platforms (it’s ideal if you’re a VPN newbie). Plus, it offers one of the longest money-back guarantee periods of any other VPN — you get 45 days to test it out and can request a full refund within that timeframe if it’s not for you (most VPNs only offer 30-day money-back guarantees). However, I found a few areas where CyberGhost still can’t compete with other premium VPNs.^[1]

Data collection

Like almost every VPN, CyberGhost does collect some maintenance-related data, but it claims to not log your server location choices, your total amount of data transferred nor your connection timestamps. As with any VPN, it’s nearly impossible to independently verify the company’s no-logs claim. Even so, CyberGhost does log certain user hardware data in what is likely a bid to enforce the company’s limit of seven simultaneous connections per account. 

According to the spokesperson CNET spoke to in August of 2019, CyberGhost does have the ability to help law enforcement by activating a limited user-tracking feature.  

“The only way to do it is if that user is still in the system and if the law enforcement knows the IP and could provide also a warrant to track that IP,” the spokesperson said. “We can activate a special feature like a logging feature for that IP, but we have that ability to prevent malicious actions when using our service. But only if that user is still active and we have proof of what exactly is wrong, what IP he is using, and so on. So we’ve got to bring that in order to activate that, to be sure we don’t activate it on a regular user. Otherwise, we can not help any law enforcement company.” 

In 2016, however, CyberGhost was called to the carpet by ProPrivacy when the company was discovered to be quietly requesting potentially dangerous, root-level access to customers’ computers — a function the software hasn’t included for about three years now. The service was also caught logging the unique identifiers of each of its user’s computers. Similarly, other reviewers have also expressed wariness after CyberGhost appeared to remove some threads from its forum which may have detailed a critical 2016 malfunction and potentially revealed log-keeping practices within its free proxy service.

Speaking of revelations, in March 2019, CyberGhost took a small hit when the customer-survey company it contracted, Typeform, was breached. The company said 120 email addresses and 14 CyberGhost usernames — but no passwords — were included in the two forms involved in the compromised data. 

The bigger concern for me is that CyberGhost still uses a method of ad-blocking that’s considered at best ineffective and at worst insecure. Most VPNs block ads by filtering out requests from websites identified as suspicious. Not CyberGhost. The company instead uses a method which inspects and modifies — rather than filters out — those requests. The method is twice as risky and only half effective since it only works on sites with an HTTP URL and not those with HTTPS. 

CNET asked Beyel in June this year about this method of ad-blocking and the criticism it’s received. 

“We know this is not very effective. That’s why we’re already working on a better solution which is working on the process,” he said. “We need to completely move this kind of technology on the client side because in the browser you can, of course, do that.” 

In its suite of features, however, CyberGhost does offer an option (enabled by default in its MacOS client) which forces your browser to redirect away from sites not secured by HTTPS. 

Beyel also said that CyberGhost will be releasing a new suite of privacy modules in the coming weeks which go beyond its VPN to include tools for optimizing your computer and preventing vulnerable apps from affecting your privacy.^[2]