- cross-posted to:
- technology@lemmy.world
- cross-posted to:
- technology@lemmy.world
After making a post about comparing VPN providers, I received a lot of requested feedback. I’ve implemented most of the ideas I received.
Providers
- AirVPN
- IVPN
- Mozilla VPN
- Mullvad VPN
- NordVPN
- NymVPN
- Private Internet Access (abbreviated PIA)
- Proton VPN
- Surfshark VPN
- Tor (technically not a VPN)
- Windscribe
Notes
- I’m human. I make mistakes. I made multiple mistakes in my last post, and there may be some here. I’ve tried my best.
- Pricing is sometimes weird. For example, a 1 year plan for Private Internet Access is 37.19€ first year and then auto-renews annually at 46.73€. By the way, they misspelled “annually”. AirVPN has a 3 day pricing plan. For the instances when pricing is weird, I did what I felt was best on a case-by-case basis.
- Tor is not a VPN, but there are multiple apps that allow you to use it like a VPN. They’ve released an official Tor VPN app for Android, and there is a verified Flatpak called Carburetor which you can use to use Tor like a VPN on secureblue (Linux). It’s not unreasonable to add this to the list.
- Some projects use different licenses for different platforms. For example, NordVPN has an open source Linux client. However, to call NordVPN open source would be like calling a meat sandwich vegan because the bread is vegan.
- The age of a VPN isn’t a good indicator of how secure it is. There could be a trustworthy VPN that’s been around for 10 years but uses insecure, outdated code, and a new VPN that’s been around for 10 days but uses up-to-date, modern code.
- Some VPNs, like Surfshark VPN, operate in multiple countries. Legality may vary.
- All of the VPNs claim a “no log” policy, but there’s some I trust more than others to actually uphold that.
- Tor is special in the port forwarding category, because it depends on what you’re using port forwarding for. In some cases, Tor doesn’t need port forwarding.
- Tor technically doesn’t have a WireGuard profile, but you could (probably?) create one.
Takeaways
- If you don’t mind the speed cost, Tor is a really good option to protect your IP address.
- If you’re on a budget, NymVPN, Private Internet Access, and Surfshark VPN are generally the cheapest. If you’re paying month-by-month, Mullvad VPN still can’t be beat.
- If you want VPNs that go out of their way to collect as little information as possible, IVPN, Mullvad VPN, and NymVPN don’t require any personal information to use. And Tor, of course.
ODS file: https://files.catbox.moe/cly0o6.ods
You must log in or register to comment.
@Charger8232 as a NymVPN user I would add that I got 2 years of service paying in crypto for $50
Also this post is from Lemmy, so I retooted a Lemmy postIt is a bit sad and unexpected that AirVPN has not been audited…
It’s not entirely a big deal to me.
I think I agree with the staff reply on this thread: https://airvpn.org/forums/topic/56799-audits/
Our software is free and open source, while we repute at the moment not acceptable to provide external companies with root access to our servers to perform audits which can not anyway guarantee future avoidance of traffic logging or transmission to third parties. On the contrary, we deem very useful anything related to penetration tests. Such tests are frequently performed by independent researchers and bounty hunters and we also have a bounty program.
Would be nice to include boycat vpn
Since you do not seem to list self-hosting options, e.g. WireGuard or OpenVPN, then IMHO it’d be good to at least have a line on each about what’s the actual backend, e.g. does service X runs on WireGuard, OpenVPN, something else, something proprietary that has been audited by 3rd party if so whom and when.
Edit: suggested self-hosting (but not at home) WireGuard in the previous thread https://lemmy.ml/post/37270537/21536054
Mullvad also ran some pretty quirky ads on our public transit. I hadn’t been that familiar with them, but it did heighten my awareness, and they seem pretty fine.
OP this is a big improvement from your previous post. It’s an excellent starting point for folks who are looking to start using a VPN. There’s a lot of constructive criticism in here, which is good, but might be discouraging. Just know that this is already very useful for many people.
Tor isn’t a VPN. It’s a proxy.
PIA isnt independent, its by a Israeli spyware company, that owns multiple VPN Review sites and VPN services . Remove it from the list.
No, don’t rrmove it from the list. Make a note acknowledging the issue so others see it
Whoa for real??
Yes. The owner/developer is Kape technologies, an Israeli spyware/adware company.
For maximum privacy, I recommend VPN providers with a jurisdiction outside of Five Eyes and other international intelligence-sharing agreements – that is, one headquartered outside of the US, UK, Australia, New Zealand and Canada. So it initially seems like a positive sign that, while CyberGhost has offices in Germany, it’s headquartered in Romania. German entrepreneur Robert Knapp says he founded the $114,000 startup on the back of low-wage Bucharest labor before flipping it for $10.5 million in 2017.
The issue is who he sold it to – the notorious creator of some pernicious data-huffing ad-ware, Crossrider. The UK-based company was cofounded by an ex-Israeli surveillance agent and a billionaire previously convicted of insider trading who was later named in the Panama Papers. It produced software which previously allowed third-party developers to hijack users’ browsers via malware injection, redirect traffic to advertisers and slurp up private data.
Crossrider was so successful it ultimately drew the gaze of Google and UC Berkeley, which identified the company in a damning 2015 study. (You can read the Web Archive version of that document.)
This practice, commonly called traffic manipulation, is condemned web-wide. And the only difference between it and one of the oldest forms of cyberattack, called man-in-the-middle (MitM), is that you clicked “agree” on the terms and conditions.
Whether or not PIA or ExpressVPN or the other providers owned by Kape fulfill this data scraping and ad-serving pipeline in my mind is irrelevant. Choosing to do business with them rewards bad actors when there are other VPN sellers who don’t have such a tainted lineage.
For anyone who considers getting the tor vpn android app “Tor VPN is beta software. Do not rely on it for anything other than testing. It may leak information and should not be relied on for anything sensitive” (it is a disclaimer from their website)
Thank you for adding the created date column and making sweden green
Why isn’t F-Droid included in the Availability section?
Could be wrong but I think it’s due to the security vulnerabilities present, its generally better to just use Google play store with an anonymous account.
Na… The likelyhood of installing some bad or fake app from google play store is much higher than on fdroid.
i think the security issues are not about fake apps, but about fdroid signing the builds themself, while their build infrastrcuture is described as insecure
The issue there AFAIK is that some app builds aren’t fully reproducible, because if they were the developer signature would still apply and be used. In the reproducible case the security of the build infra wouldn’t matter, because the same app would be produced the same regardless were they are build.
Without reproducible builds, you cannot really trust the software anyway, because the Dev could hook some hidden code only for the released binary app and sign that.
uhm no not really? I mean reproducible builds are used to cross verfiy that it is the same binary in this case, but like android has no mechanism to do that, this is not how it works.
that a build should be reproducible is more about your second point and doesnt really have anything to do with fdroid, as far as i know
Edit: these links should explain it all: https://discuss.grapheneos.org/d/21675-fdroid-security/2
Once it passes inspection, the F-Droid build service compiles and packages the app to make it ready for distribution. The package is then signed either with F-Droid’s cryptographic key, or, if the build is reproducible, enables distribution using the original developer’s private key. In this way, users can trust that any app distributed through F-Droid is the one that was built from the specified source code and has not been tampered with.
https://f-droid.org/en/2025/09/29/google-developer-registration-decree.html
I see that Windscribe was included. Their price tier is always in promotion so I’d take that in consideration.
Also, they have app for Linux: https://windscribe.com/features/linux/
It is not in Electron like many others. It is native Linux.
Maybe a field for number of servers currently?
5·1 day agoC tor/little-t-tor/etc. is licensed under the “3-clause BSD” license
Tor technically doesn’t have a WireGuard profile, but you could (probably?) create one
I dont know a lot about wireguard, but of the cuff answer would be no.
Yeah you can’t, tor is a completely different protocol and the only way to use tor with a wireguard client is with a server in the middle that routes the internal wireguard traffic into tor.
I think it’s worth noting NYMVpn uses a quite advanced mixnet for security which is different from other VPNs and theoretically more secure than even TOR. I say theoretically because it hasn’t yet been proven with large scale use.
Is it worth stating which companies own which vpns? I saw a TIL that mentions a select few companies own most VPNs
I’m on ProtonVPN because it’s ran by CERN people, so definitely an important information IMO.
Their CEO is a Trump supporter
Show me where he endorses Trump.
Oh, you can’t? But you read it on Facebook or something so it must be true?
Common, show me your information.
This is bullshit based on some old tweet Andy Yen did about trump doing good going against big tech. You can read about it here or search for it elsewhere.
It always comes out when someone says something nice about ProtonVPN, who have an amazing track record IMO.
That write up does seem to ignore the doubling down here:
https://lemmy.ca/comment/13913116
Calling out that JD Vance was the only one to answer is pretty troubling to me after reading about some of his new-right ties. It’s way, way too close for my liking to a mouse telling everyone that will listen that the cat was amazing for inviting him and all his friends to his house in a week. ie. Playing into what just seems like an obvious strategy.
That said, I’m pretty ignorant about the CEO. I just remembered this lemmy comment and I didn’t notice it included in the write up that was being linked.
Ok, just read the artlce cited on wikipedia and it sounds like calling him a Trump supporter is a bit of an exaggeration. He seems basically centrist. Which is not great but not nearly as bad.
he seems like a moron if he thinks republicans are going to “tackle big tech abuses” before democrats will.
Thank you!
And sorry if I came around a bit agressively. Kudos to you for checking the link and updating your view.
A company’s CEO gets to determine the path their company takes and the tweet is indicative of where he plans to steer proton.
Stop spreading this bs because this is not what’s happening.
In steins;gate, cern is evil…
Yes but that book sucks ass
who do you make of proton’s support for trump?
They are not, see my response below.
do you use windows? what do you make of microsoft’s support for trump? what mobile phone do you use, because both of them support trump.
I do not use Windows and I do everything in my power to use non American phones.
The difference is that proton’s founder voiced support whereas Microsoft has always had a relationship w my govt and it’s dragnet for the Gazan genocide is quiet.
so it’s OK because they’re quietly nazis?
