- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
After making a post about comparing VPN providers, I received a lot of requested feedback. I’ve implemented most of the ideas I received.
Providers
- AirVPN
- IVPN
- Mozilla VPN
- Mullvad VPN
- NordVPN
- NymVPN
- Private Internet Access (abbreviated PIA)
- Proton VPN
- Surfshark VPN
- Tor (technically not a VPN)
- Windscribe
Notes
- I’m human. I make mistakes. I made multiple mistakes in my last post, and there may be some here. I’ve tried my best.
- Pricing is sometimes weird. For example, a 1 year plan for Private Internet Access is 37.19€ first year and then auto-renews annually at 46.73€. By the way, they misspelled “annually”. AirVPN has a 3 day pricing plan. For the instances when pricing is weird, I did what I felt was best on a case-by-case basis.
- Tor is not a VPN, but there are multiple apps that allow you to use it like a VPN. They’ve released an official Tor VPN app for Android, and there is a verified Flatpak called Carburetor which you can use to use Tor like a VPN on secureblue (Linux). It’s not unreasonable to add this to the list.
- Some projects use different licenses for different platforms. For example, NordVPN has an open source Linux client. However, to call NordVPN open source would be like calling a meat sandwich vegan because the bread is vegan.
- The age of a VPN isn’t a good indicator of how secure it is. There could be a trustworthy VPN that’s been around for 10 years but uses insecure, outdated code, and a new VPN that’s been around for 10 days but uses up-to-date, modern code.
- Some VPNs, like Surfshark VPN, operate in multiple countries. Legality may vary.
- All of the VPNs claim a “no log” policy, but there’s some I trust more than others to actually uphold that.
- Tor is special in the port forwarding category, because it depends on what you’re using port forwarding for. In some cases, Tor doesn’t need port forwarding.
- Tor technically doesn’t have a WireGuard profile, but you could (probably?) create one.
Takeaways
- If you don’t mind the speed cost, Tor is a really good option to protect your IP address.
- If you’re on a budget, NymVPN, Private Internet Access, and Surfshark VPN are generally the cheapest. If you’re paying month-by-month, Mullvad VPN still can’t be beat.
- If you want VPNs that go out of their way to collect as little information as possible, IVPN, Mullvad VPN, and NymVPN don’t require any personal information to use. And Tor, of course.
ODS file: https://files.catbox.moe/cly0o6.ods
You must log in or # to comment.
Thanks so much! I am looking for a new one because my current one is expensive and of questionable ownership haha.
Mullvad also ran some pretty quirky ads on our public transit. I hadn’t been that familiar with them, but it did heighten my awareness, and they seem pretty fine.
Where does AzireVPN stand?
It is a bit sad and unexpected that AirVPN has not been audited…
It’s not entirely a big deal to me.
I think I agree with the staff reply on this thread: https://airvpn.org/forums/topic/56799-audits/
Our software is free and open source, while we repute at the moment not acceptable to provide external companies with root access to our servers to perform audits which can not anyway guarantee future avoidance of traffic logging or transmission to third parties. On the contrary, we deem very useful anything related to penetration tests. Such tests are frequently performed by independent researchers and bounty hunters and we also have a bounty program.
@Charger8232 as a NymVPN user I would add that I got 2 years of service paying in crypto for $50
Also this post is from Lemmy, so I retooted a Lemmy postSince you do not seem to list self-hosting options, e.g. WireGuard or OpenVPN, then IMHO it’d be good to at least have a line on each about what’s the actual backend, e.g. does service X runs on WireGuard, OpenVPN, something else, something proprietary that has been audited by 3rd party if so whom and when.
Edit: suggested self-hosting (but not at home) WireGuard in the previous thread https://lemmy.ml/post/37270537/21536054
How does Obscura compare? @[email protected] They’re pretty innovative imo. Its cool that VPNs are doing new stuff, like Mullvad’s DAITA.
Maybe a field for number of servers currently?
Would be nice to include boycat vpn
I got Mozilla VPN back when it launched. I got it at $4.99/month. I only use it for viewing and downloading “free” media online. Should I switch?
Mozilla VPN is just Mullvad, so you are on a very good vpn service.
As long as you are happy, I don’t see why you should swap.
(Going to mullvad directly could be slightly beneficial if you want a generated account that has no direct metadata to link to you, using a card to pay would negate that benefit, but theres other options… in the end you are using a good service already)
I kinda wonder if it is slightly more private separating the billing company from the providing company.
From what I know, the only free VPN worth using is Proton because they don’t keep logs on their free tier either.
Last time I said it was hard to figure out if this was some kind of malice or just someone without much experience/knowledge.
I been thinking about what this post and the one before it actually are though. They’re not disinformation, I don’t think they’re misinformation although I think that argument could be made if there was actual intent (and a person could also make the argument that there is intent).
This just kind of seems like white noise or what would be called slop if it were generated by ai.
It’s not useful in making a decision.
A vpn is a tool and you use the right tool for the job. A chart comparing the various similarities and differences between a box and open end wrench, flare nut wrench, socket set, power drill, impact driver and torque wrench would be useless for decision making about what tool to buy because they’re for different jobs.
If you need to take the lug nuts off a truck the right tool is an impact, if you need to replace brake lines you’re gonna use a flare nut wrench.
It’s not useful to compare pia and mullvad. If all you need is a cheap way to reliably bypass geofencing then pia is the right tool. If you need deniability and trust then mullvad is the right tool.
It makes no sense to compare air and nord. If you need the cheapest per device service for bypassing content blocks then the tool is nord. If you need port forwarding for torrents, soulseek and usenet all at once then the tool is air.
The problem with posts like this is that they don’t really provide any useful understanding or decision making process and wouldn’t be useful from an educational perspective like the comparison between various wrenches made above (if it were in some kind of Tools for Dummies publication) because they’re not even contextualized as such.
A better start for this kind of post would be “here are some reasons to use a vpn service” or “here are some actual important differences between different vpn services apps”, not weather they’re available on Jim’s cut rate Secure I Promise ™ alternative android App Store.
Last time I said it was hard to figure out if this was some kind of malice or just someone without much experience/knowledge.
Totally disagree with the first few paragraphs. Someone makes a post you feel has inadequate depth and you think they’re the goddamned CIA? I don’t see any basis for the hostile tone.
If you need port forwarding for torrents, soulseek and usenet all at once then the tool is air.
But like it’s nice to be able to have a reference to quickly exclude certain options without having to wade through all their various websites. If you already know that you need port forwarding, then a chart like this will help you exclude several mainstream options. If there is some other criteria you already know about it could save you a lot of time.
A better start for this kind of post would be “here are some reasons to use a vpn service” or “here are some actual important differences between different vpn services apps”
Those do exist elsewhere and I don’t think there is much wrong with summarizing the current state of things for an informed audience. We are on lemmy here! I wouldn’t mail this chart out to the whole neighbourhood or anything, it’s probably not a good very first intro for most people. Although even for a person just getting started, having the column of criteria on the left could be useful to point out “what are the things to consider”. Like maybe you wouldn’t even guess that the number of devices would be limited.
Long narrative comparisons can be hard to follow. They are good for understanding the differences but then once you are having an understanding how do you pick? It’s very convenient if someone else goes to the trouble to sift through the information. On wikipedia there are some subjects that have tables comparing things and I find them very helpful. Otherwise I’d just have to spend hours making my own tables.
BTW wikipedia has a table comparing different kinds of wrenches so obviously someone thought it would be useful!!
The main issue is that the information could become out of date or erroneous in the first place so you need to verify for yourself whatever is key to your decisions. That’s just the nature of third party info.
So like I said, I don’t think the post is malicious.
I tried to be careful not to take a hostile tone. It’s possible you’re correctly identifying a critical tone, because my comment was intended as criticism of the post.
There are ways of presenting factual information that are not helpful or useful and actually serve the opposite purpose. You certainly don’t need to use prose to present information in a useful way, but consider how much closer to the old car paint color versus mileage chart (or whatever example they used to teach you about uncorrelated data in school) the posters chart is than the Wikipedia wrench table you linked.
The Wikipedia wrench table is in the context of “tools for dummies” that I said might be appropriate for that type of presentation, just as an aside.
The whole point of using some kind of chart or table is to make understanding easier, not more difficult. The posted chart does the latter. I think its because the op doesn’t understand both what they’re trying to say or the information they’re trying to show to convey it and because they chose a really excessively dimensional way to do so. A flowchart, infographic or anything other than a three dimensional chart would be better but since it’s so unclear what they’re trying to express, except possibly how much they love nymvpn and how people should really take a look at that previously underrepresented option, I can’t really make a recommendation.
OK well then I should divulge to you full disclosure that I think you, like OP, are also probably not a hostile actor who is commenting to fuck with me specifically or ?lemmy users? in general. More likely someone who’s got a bit spun up their head. But I can’t say for sure…
As it happens, last time I was looking at different VPN vendors I had to spend a ton of time basically creating an abbreviated version of this chart that had the items most salient to my use case. To sift through the websites, forums, support sections etc, because the information isn’t clearly presented was annoying. They are all trying to emphasize their strengths to make a sale based on their marketing strategy.
I can say that this chart, exactly as it is, would have saved me significant time had it been available. I found similar but they were old. And I looked at it to see if the conclusion I came to is still the right one for me— it is. I can clearly see the required information.
Good! You’re on a public forum and people do that shit! Our instance is slightly better than the other Reddit offshoots but most of them haven’t kicked the social media curse and everything you read on lemmy needs to get the sidest of ways glances.
I have trouble taking your statement that you can see the required information seriously when the required information literally isn’t there. Important stuff like weather a service accepts cash anonymously, is owned by what company and what that company’s affiliations are (talking about kape and israel here, not the proton red herring) and how forwarded ports are allocated are not included in the chart.
Of course, that kind of information doesn’t fit neatly into a table so it’s another example of the format of the data being inadequate.
I can believe that a broad generalized table like this is useful in the context of learning the ropes of what’s out there in terms of vpn services, but it isn’t being presented in that way. If this kind of table were around years ago when I was getting my feet under me I would have made bad choices based on it.
My comments saying “hey, this is bad and not something to use” are not coming from my seat of power at the player haters annual dinner and awards ceremony but from clear recognition of misleading information based on experience.
PIA isnt independent, its by a Israeli spyware company, that owns multiple VPN Review sites and VPN services . Remove it from the list.
I read from somewhere that mullvad is owned by two israeli guys. Dont remember the names, but I was told, that it’s written on a frontpage or smth.
No, don’t rrmove it from the list. Make a note acknowledging the issue so others see it
Whoa for real??
Yes. The owner/developer is Kape technologies, an Israeli spyware/adware company.
For maximum privacy, I recommend VPN providers with a jurisdiction outside of Five Eyes and other international intelligence-sharing agreements – that is, one headquartered outside of the US, UK, Australia, New Zealand and Canada. So it initially seems like a positive sign that, while CyberGhost has offices in Germany, it’s headquartered in Romania. German entrepreneur Robert Knapp says he founded the $114,000 startup on the back of low-wage Bucharest labor before flipping it for $10.5 million in 2017.
The issue is who he sold it to – the notorious creator of some pernicious data-huffing ad-ware, Crossrider. The UK-based company was cofounded by an ex-Israeli surveillance agent and a billionaire previously convicted of insider trading who was later named in the Panama Papers. It produced software which previously allowed third-party developers to hijack users’ browsers via malware injection, redirect traffic to advertisers and slurp up private data.
Crossrider was so successful it ultimately drew the gaze of Google and UC Berkeley, which identified the company in a damning 2015 study. (You can read the Web Archive version of that document.)
This practice, commonly called traffic manipulation, is condemned web-wide. And the only difference between it and one of the oldest forms of cyberattack, called man-in-the-middle (MitM), is that you clicked “agree” on the terms and conditions.
Whether or not PIA or ExpressVPN or the other providers owned by Kape fulfill this data scraping and ad-serving pipeline in my mind is irrelevant. Choosing to do business with them rewards bad actors when there are other VPN sellers who don’t have such a tainted lineage.
Why isn’t F-Droid included in the Availability section?
Could be wrong but I think it’s due to the security vulnerabilities present, its generally better to just use Google play store with an anonymous account.
Na… The likelyhood of installing some bad or fake app from google play store is much higher than on fdroid.
i think the security issues are not about fake apps, but about fdroid signing the builds themself, while their build infrastrcuture is described as insecure
The issue there AFAIK is that some app builds aren’t fully reproducible, because if they were the developer signature would still apply and be used. In the reproducible case the security of the build infra wouldn’t matter, because the same app would be produced the same regardless were they are build.
Without reproducible builds, you cannot really trust the software anyway, because the Dev could hook some hidden code only for the released binary app and sign that.
uhm no not really? I mean reproducible builds are used to cross verfiy that it is the same binary in this case, but like android has no mechanism to do that, this is not how it works.
that a build should be reproducible is more about your second point and doesnt really have anything to do with fdroid, as far as i know
Edit: these links should explain it all: https://discuss.grapheneos.org/d/21675-fdroid-security/2
Once it passes inspection, the F-Droid build service compiles and packages the app to make it ready for distribution. The package is then signed either with F-Droid’s cryptographic key, or, if the build is reproducible, enables distribution using the original developer’s private key. In this way, users can trust that any app distributed through F-Droid is the one that was built from the specified source code and has not been tampered with.
https://f-droid.org/en/2025/09/29/google-developer-registration-decree.html
I’ve been using one of these since forever and it just works. Should I look at the others?
I don’t want this to be a “I use x and its the best” type comment so I won’t say which one.
I only use wireguard and wouldn’t touch openvpn just because it seems so complex in comparisson.
The price is fine, the speed is fine, wireguard makes it ubiquitous, never had a problem with reliability.
If you feel one of the options offers something better than the one you currently use, you may consider switching. That’s the purpose of comparisons, after all!
that’s kind of my point though. I’ve never considered switching because what I’ve been using is fine.
Same, my VPN works and I can download Linux ISOs because of port forwarding.
