After making a post about comparing VPN providers, I received a lot of requested feedback. I’ve implemented most of the ideas I received.
Providers
- AirVPN
- IVPN
- Mozilla VPN
- Mullvad VPN
- NordVPN
- NymVPN
- Private Internet Access (abbreviated PIA)
- Proton VPN
- Surfshark VPN
- Tor (technically not a VPN)
- Windscribe
Notes
- I’m human. I make mistakes. I made multiple mistakes in my last post, and there may be some here. I’ve tried my best.
- Pricing is sometimes weird. For example, a 1 year plan for Private Internet Access is 37.19€ first year and then auto-renews annually at 46.73€. By the way, they misspelled “annually”. AirVPN has a 3 day pricing plan. For the instances when pricing is weird, I did what I felt was best on a case-by-case basis.
- Tor is not a VPN, but there are multiple apps that allow you to use it like a VPN. They’ve released an official Tor VPN app for Android, and there is a verified Flatpak called Carburetor which you can use to use Tor like a VPN on secureblue (Linux). It’s not unreasonable to add this to the list.
- Some projects use different licenses for different platforms. For example, NordVPN has an open source Linux client. However, to call NordVPN open source would be like calling a meat sandwich vegan because the bread is vegan.
- The age of a VPN isn’t a good indicator of how secure it is. There could be a trustworthy VPN that’s been around for 10 years but uses insecure, outdated code, and a new VPN that’s been around for 10 days but uses up-to-date, modern code.
- Some VPNs, like Surfshark VPN, operate in multiple countries. Legality may vary.
- All of the VPNs claim a “no log” policy, but there’s some I trust more than others to actually uphold that.
- Tor is special in the port forwarding category, because it depends on what you’re using port forwarding for. In some cases, Tor doesn’t need port forwarding.
- Tor technically doesn’t have a WireGuard profile, but you could (probably?) create one.
Takeaways
- If you don’t mind the speed cost, Tor is a really good option to protect your IP address.
- If you’re on a budget, NymVPN, Private Internet Access, and Surfshark VPN are generally the cheapest. If you’re paying month-by-month, Mullvad VPN still can’t be beat.
- If you want VPNs that go out of their way to collect as little information as possible, IVPN, Mullvad VPN, and NymVPN don’t require any personal information to use. And Tor, of course.
ODS file: https://files.catbox.moe/cly0o6.ods
How does Obscura compare? @Charger8232@lemmy.ml They’re pretty innovative imo. Its cool that VPNs are doing new stuff, like Mullvad’s DAITA.
Why isn’t F-Droid included in the Availability section?
Could be wrong but I think it’s due to the security vulnerabilities present, its generally better to just use Google play store with an anonymous account.
All VPNs are blocked on my university’s network
I live off campus, thankfully, but it sucks that I can’t have any privacy on my laptop while on campus.
Mullvad on desktop has QUIC protocol encapsulation so that wireguard just looks like normal https traffic.
There’s also shadowsocks protocol encapsulation to look like ssh traffic. And that’s even available on mobile too.
You can set up a wireguard tunnel for yourself relatively easily, there are a ton of guides out there. Its basically a way for you to pop out elsewhere, same principle as a vpn. Most vpn providers use wireguard as a protocol.
If the VPNs are blockable and detectable just like that, they don’t really serve as good VPNs, no? Buy some cheap VPS and setup some state of the art thing like x-ray/vless - surely that would solve the problem.
PIA does not have WireGuard configs available. To get those, you have to use third-party tools to capture and generate the necessary info. Otherwise, you have to use their client, or else no WireGuard.
Users have been asking for years (since 2018, I think), and they’ve never provided them.
PIA was also purchased by the Israeli company, Kape Technologies, which is tied to Unit 8200. If your concern is privacy, I would recommend do against it.
The very first CEO of Crossrider, Koby Menachemi, happened to be once a part of Unit 8200 which is an Israeli Intelligence Unit in their military and has also been dubbed as “Israel’s NSA “.
Is this really much of an issue? They provide documentation and a repository of scripts for working with WG for instance. And I’ve been using this docker container for many years without issue.
It’s an issue for accuracy in the comparison images that were posted.
For anyone who considers getting the tor vpn android app “Tor VPN is beta software. Do not rely on it for anything other than testing. It may leak information and should not be relied on for anything sensitive” (it is a disclaimer from their website)
Thank you for adding the created date column and making sweden green
Tor isn’t a VPN. It’s a proxy.
I’ve been using one of these since forever and it just works. Should I look at the others?
I don’t want this to be a “I use x and its the best” type comment so I won’t say which one.
I only use wireguard and wouldn’t touch openvpn just because it seems so complex in comparisson.
The price is fine, the speed is fine, wireguard makes it ubiquitous, never had a problem with reliability.
If you feel one of the options offers something better than the one you currently use, you may consider switching. That’s the purpose of comparisons, after all!
that’s kind of my point though. I’ve never considered switching because what I’ve been using is fine.
Also of note, some providers have data caps. I haven’t looked at all providers, merely Nymvpn as I was interested. Turns out they have a 2TB/month cap. Might not be an issue for some, but might be for others.
4·4 days agoC tor/little-t-tor/etc. is licensed under the “3-clause BSD” license
Tor technically doesn’t have a WireGuard profile, but you could (probably?) create one
I dont know a lot about wireguard, but of the cuff answer would be no.
Since you do not seem to list self-hosting options, e.g. WireGuard or OpenVPN, then IMHO it’d be good to at least have a line on each about what’s the actual backend, e.g. does service X runs on WireGuard, OpenVPN, something else, something proprietary that has been audited by 3rd party if so whom and when.
Edit: suggested self-hosting (but not at home) WireGuard in the previous thread https://lemmy.ml/post/37270537/21536054
One thing you may want to update - listing Tor’s logging policy as “No Logs” is a bit misleading, that’s really more of a voluntary recommendation for individual Tor exit relay operators.
Tor exit relay operators absolutely can store logs of outgoing connections if they choose to. And technically they could even snoop on non-secure traffic if they choose, there’s a reason you should be using HTTPS if you’re going to use Tor for clearnet browsing.
Of course most Tor exit relay operators aren’t going to do these things but it’s all voluntary, seems incorrect to claim all exit relay operators follow no log principles.
EDIT: Also AFAIK you can’t forward a port from the clearnet through a Tor exit relay’s public IP address back to your own Tor client, Tor doesn’t do port forwarding like that. It’s definitely not needed to run Tor Browser (and Tor VPN I think) but that isn’t needed for any of the other VPNs either, a bit confusing how you listed that one.
I appreciate the attempt to quantify availability, but don’t most of these providers allow you to generate OpenVPN and Wireguard configs, which can be used practically anywhere?
Nevertheless, your work is appreciated.
I think it’s worth noting NYMVpn uses a quite advanced mixnet for security which is different from other VPNs and theoretically more secure than even TOR. I say theoretically because it hasn’t yet been proven with large scale use.
From what I know, the only free VPN worth using is Proton because they don’t keep logs on their free tier either.
