There are so many VPNs in the market right now. But, choosing the right one can be risky. VPN software are becoming popular among the netizens due to the advantages they provide. Online anonymity is a good way to protect your personal and financial data.
There are so many security products are out there and the producers of those security products are not always delivering the performance and features that they like to boast about. This is why it is always risky to promote a product without knowing much about its performance and deliverance of the promised features. Promoting a flawed product risks not only your reputation but also the privacy and financial safety of the people who are using those products.
To review these VPN products, we have to consider several fronts in the same time.
Security, performance, features and product reviews released by independent cyber security labs.
Firstly, we have to find out what sort of features makes a product perfect.
VPN services are usually provided as subscription packages. The price and the features attached to these services can be different from other service providers and their packages. So, when we review the VPN services, we will always note down the information regarding the package and the price tag attached to it.
VPN features to look out for
There are more and more VPN software popping up with every passing month, this is why companies are including more and more features to keep up with the competition. We try to note down every feature as much as we could, because certain features can make a product stand out among the crowd.
The number of devices that could be connected simultaneously to the VPN can vary from the package basis or by the product basis. This is a very important point to get a measurement of value and a point we like to report.
1. Ability to bypass censorship
Some countries are controlled by governments that have chosen to restrict information and apply sever punishment upon people who are violating those rules. VPN software are far more valuable to people who are living and working in countries like this. We believe that experienced VPN providers can bypass restrictions to evade censorship without putting the users in legal trouble. My understanding regarding this is that connecting to a server within a country will not always deceive government-imposed censorship. It would rather provide privacy and security to some extent.
The technology behind VPN software is actually very mature. It has evolved heavily in the past decade or two. VPN is not based on some static technology either. There are many ways to establish a VPN service, whether you like to believe it or not. However, not all of them offer the same level of performance or protection.
Like many other fields in the software industry, there are open source protocols as well as proprietary protocols.
One of the most famous protocols is OpenVPN. The OpenVPN is an open-source protocol and it was developed and updated by volunteer cybersecurity and programming experts, making it quicker to find and fix potential issues and vulnerabilities rather than relying solely on a limited technical support group.
OpenVPN also has a reputation among the professionals for providing more reliable and secure connection while maintaining higher speed. OpenVPN is the best performing protocol with fastest speed even on connections with high latency and across great distances. The encryption level is 256 bit and the port is automatic.
The OpenVPN protocol is capable of masking VPN traffic so it cannot be identified as a VPN
There are several protocols based on the OpenVPN protocol out there.
The WireGuard is a free open source communication protocol that implements VPN connection to create a secure point to point connections in either routed or bridged connections. The WireGuard VPN runs as a module inside the Linux Kernel. It is aiming to provide better performance and power saving than the aging IPsec and OpenVPN protocols.
The OpenVPN and IPsec are often considered as too complex to setup, and disconnect easily in the absence of further configuration. OpenVPN and IPsec are taking substantial time to negotiate reconnections, and are using outdated ciphers. They are also having massive code bases which makes it harder to find vulnerabilities and issues. Ars Technica reviewed WireGuard back in 2018 and found out that it had a codebase of merely 4000 lines, about 1% of the code base of OpenVPN and IPsec. The OpenVPN got 400,000 lines and the IPsec got 600,000 lines in comparison
WireGuard VPN is designed in a way to address these issues and it aims to make the tunnel more secure and easier to manage. Linux Kernel creator Linus Torvalds mentioned that WireGuard is a work of art when compared to the OpenVPN and IPsec. Ars Technica further reported that in testing, the stable tunnels were easy to create with WireGuard when compared to the alternatives. They also praised the instant reconnections.
WireGuard supports ChaCha20 encryption algorithm only.ChaCha20 is the cipher used by Google, along with Poly 1305 message encryption to ensure internet security.
Due to these reasons, we believe that the WireGuard VPN is going to become the number one in terms of security and ease of use, and will be available to the public in the future.
The IKEv2 is also favored by the professionals for providing a newer and more secure technology than the old protocols.
L2TP/IPsec is a secure protocol with 256-bit encryption. This protocol is considered as slower than the OpenVPN because of the encryption strength. Comes with built-in support most of the time.
In-House VPN protocols
Some software programs are coming with their proprietary VPN protocols. Most of these protocols are built on established tools and open-source encryption algorithms. For example, Telegram is using its own MTProto, a protocol based on 256-bit AES encryption and Diffie Helman key exchange.
3. VPN speed
VPN speed is one of the biggest concerns when it comes to choosing the correct VPN service provider for you. A VPN can increase your latency and slows down the overall internet connection. However, the experience we get while using the connection we have can be quite different to the internet experience the user may have due to network speed and network configuration. Due to this, we can only provide a comparison.
To find the fastest VPN, we use the Ookla test. The Ookla test return results for latency, upload speed, and download speed. Running the Ookla test few times without the VPN to get the average matrix and running the test with VPN on to get the median of these results to figure out any significant reductions of network speed while using a VPN service.
The performance of a VPN may depend greatly on the VPN server you are connected to. Many VPNs are providing the facility to select a specific server over and over again. The distance between your location to the server can result in slowdowns as well.
4. Privacy and Trust Policy
For example, NordVPN is based in Panama and falls under their jurisdiction and ProtonVPN is based in Switzerland. Both of these cannot retain information or handing it over to law enforcement.
5. DNS and IP leak test
We use the Ookla speed test tool to see whether the IP address and ISP identification is different from the originals when using the VPN.
The DNS Leak Test tool at dnsleaktest.com is used to check for a possible DNS leak. This test also provides a list of DNS servers are being used and by comparing the list with and without the VPN, we can notice whether there is a DNS information leak or not.
6. Support for mobile operating systems such as iOS and Android OS
In the past, you had to rely on a computer to connect to the internet, but now everything is much different. You can connect to the internet via a mobile phone or a tablet PC. Most of us prefer a mobile phone or a tab over a laptop as it is more practical with our ever-busy lifestyle. Not only mobile phones and tablet pcs are easy to manage, they are also packing almost the same amount of features as a laptop or a desktop pc. Instead of connecting your laptop to a public network, more and more people are now connecting their mobile phones and tablet PCs these days. This is why evaluation of a VPN service on a mobile platform is very important.
Most of the features offered on the mobile platforms are as same as the features offered on a desktop platform. But we will take time to explain differences here and there. The computers are usually connected to the internet via Ethernet or via Wi-Fi. We make sure that the mobile internet is turned off and the internet is provided through Wi-Fi, to reduce variables that could result in different performance results.
One of the major differences between mobile VPN software and the computer-based VPNs is the selection of protocols. Android, Linux, and Windows are more likely to get OpenVPN while iOS or macOS doesn’t. The main reason behind this is due to certain requirements enforced on the developers by Apple.
But more and more developers are trying to develop VPN apps based on OpenVPN for iOS and macOS.
Applications designed for mobile phones usually got a visual and functional level of similarity across all platforms, but are developed to incorporate with the needs and requirements of the specific OS.
7. Ad blocking, Malware blocking, and malicious URL blocking
Some VPN services provide adblocking and malware blocking facilities. The malicious URL blocking and malware blocking is are significant features that may further secure your online day to day experience. Adblocking feature is not for everyone as many do not consider it as that important.
8. Coverage for Torrents and P2P services
Downloading torrents can cause you to experience legal copyright issues, as many countries around the world are already taking measures to battle software and entertainment piracy. Downloading torrents for one reason or another is an important aspect of the online experience for many users. This is why we take extra time to notice whether the VPN services are also provided for BitTorrent or any other P2P services on its network.
9. Does this VPN support Netflix?
Streaming services like Netflix can sometimes block VPN services as it allows them to enforce more clear regional licensing agreements.
For example, Supernatural is available on Netflix for multiple years. It can be viewed from anywhere on earth as long as you got a Netflix subscription. But Star Trek Discovery is available on Netflix as long as you are watching it outside the U.S and territories. If you live in the U.S, then you must get yourself a CBS All Access pass to watch it.
This is why some people are interested in VPN services that are providing coverage for streaming services as it saves them much money in the long run and they can watch their favorite shows without worrying about the financial commitment. Due to this very reason, VPN services are being blocked by streaming services such as Netflix.
It is important to see whether the VPN services are capable of bypassing those limitations.
10. Distribution and the number of servers at your disposal.
Now, this is a significant point. Our VPN reviews include the number of servers provided by the VPN company as it directly affects the level of robustness it provides you in the long run. The more servers are available, the fewer the people who are connected to the same server, which translates into a bigger amount of bandwidth getting assigned per each person. This results in better responsiveness as well as higher speed.
It is noteworthy to mention that many VPN companies are hiring 3rd party servers or start their own new servers to meet the demand as necessary, resulting in the exact number of servers to change every now and then. It is also doesn’t make any sense for a small company with thousands of servers to get the same amount of servers available as a company with millions of subscribers. Hiring servers from a 3rd party can be troublesome when comparing to outright ownership of a server due to security concerns, but there’s no clear way of telling which is what.
Some companies try to boast about the available number of servers to prove that they got a better advantage than their rivals. To get this done, they inflate their server count by using virtual servers. A virtual server functions as a server in a given location without having to physically be in that location or region. We cannot penalize a VPN provider for relying on virtual servers as long as they provide all the features they promise to provide, but we give more preference to VPN providers that keep providing clear information on the locational availability of servers. We prefer services that keep minimum use of virtual servers that appear to be in a location other than their host machine. This is important if you are concerned about having your data in a specific region.
Countries like U.S and Britain are having millions of VPN subscribers who are trying to access the service at once. This is why there must be more and more servers in locations like this. The closer the location is the better.
Another point that we must consider thoroughly is how many different servers are available and how widespread those server locations are. Geographical diversity is very important to provide location independence and this is why we give preference to services with lots of servers in many different countries around the world.
This is very important to frequent travelers and users overseas as the closest server that they could get access to is usually faster and more reliable than a server in a faraway location.
Most of the companies offer servers in Australia, Western Europe, Eastern Europe, Canada, Middle East, Eastern Asia, China, etc.
Some VPN service providers further provide locations in Africa, South America and South Asia as well. We give preference to VPN service providers with more practical server offerings covering the entire globe.
Testing each and every connection to ensure it’s functionality is not practical as it takes a big amount of time and resources. So, we must assume the companies are honest about the server locations and availability, but server unavailability and connectivity issues are noted down if we experience them first hand.
12. Overall User Experience
There is a well-established myth, for valid reasons of course, in the cybersecurity industry that a product with a pretty interface is not good at getting the job done. Most of the experts in the field do prefer working with the command line and software with a bare minimum and less flashy user interfaces. The more utilitarian the better.
But the average user prefers a more well designed and easy to use product with a good amount of security and there’s nothing wrong with that, to be honest. A well designed easy to use product is better than an almost perfect security product that is only accessible via the command line.
When we review VPN software, we take the time to go through the setup process as well as the settings the software is providing. We take time to notice whether it is easier to do a certain task or not. It is always better to have a sense of what you are going to get and whether it is the correct software for you and that is why we want to give you some insight before you make the final decision.
Personally, we prefer a product that is easy to use in day to day life while offering a decent level of security without any performance lags, but I cannot brush away the importance of technical excellence as well.