VPN Comparison 2.0
from Charger8232@lemmy.ml to privacy@lemmy.ml on 10 Oct 22:53
https://lemmy.ml/post/37366040

VPN Comparison

After making a post about comparing VPN providers, I received a lot of requested feedback. I’ve implemented most of the ideas I received.

Providers

AirVPN
IVPN
Mozilla VPN
Mullvad VPN
NordVPN
NymVPN
Private Internet Access (abbreviated PIA)
Proton VPN
Surfshark VPN
Tor (technically not a VPN)
Windscribe

Notes

I’m human. I make mistakes. I made multiple mistakes in my last post, and there may be some here. I’ve tried my best.
Pricing is sometimes weird. For example, a 1 year plan for Private Internet Access is 37.19€ first year and then auto-renews annually at 46.73€. By the way, they misspelled “annually”. AirVPN has a 3 day pricing plan. For the instances when pricing is weird, I did what I felt was best on a case-by-case basis.
Tor is not a VPN, but there are multiple apps that allow you to use it like a VPN. They’ve released an official Tor VPN app for Android, and there is a verified Flatpak called Carburetor which you can use to use Tor like a VPN on secureblue (Linux). It’s not unreasonable to add this to the list.
Some projects use different licenses for different platforms. For example, NordVPN has an open source Linux client. However, to call NordVPN open source would be like calling a meat sandwich vegan because the bread is vegan.
The age of a VPN isn’t a good indicator of how secure it is. There could be a trustworthy VPN that’s been around for 10 years but uses insecure, outdated code, and a new VPN that’s been around for 10 days but uses up-to-date, modern code.
Some VPNs, like Surfshark VPN, operate in multiple countries. Legality may vary.
All of the VPNs claim a “no log” policy, but there’s some I trust more than others to actually uphold that.
Tor is special in the port forwarding category, because it depends on what you’re using port forwarding for. In some cases, Tor doesn’t need port forwarding.
Tor technically doesn’t have a WireGuard profile, but you could (probably?) create one.

Takeaways

If you don’t mind the speed cost, Tor is a really good option to protect your IP address.
If you’re on a budget, NymVPN, Private Internet Access, and Surfshark VPN are generally the cheapest. If you’re paying month-by-month, Mullvad VPN still can’t be beat.
If you want VPNs that go out of their way to collect as little information as possible, IVPN, Mullvad VPN, and NymVPN don’t require any personal information to use. And Tor, of course.

ODS file: files.catbox.moe/cly0o6.ods

#privacy

threaded - newest

somerandomperson@lemmy.dbzer0.com on 10 Oct 23:12 next collapse

small warning: the Tor VPN app is dependent on Google Play.

Charger8232@lemmy.ml on 10 Oct 23:19 next collapse

It is not. I’ve been able to use it on GrapheneOS without Google Play Services.

somerandomperson@lemmy.dbzer0.com on 10 Oct 23:20 collapse

Huh. Why did it complaining about lack of google play when i try it?

Charger8232@lemmy.ml on 10 Oct 23:25 collapse

I’m not sure. Are you certain you have the right app?

somerandomperson@lemmy.dbzer0.com on 10 Oct 23:27 collapse

I downloaded it from google play via Aurora Store, bc i cannot find the actual source.

Charger8232@lemmy.ml on 10 Oct 23:31 next collapse

This is the website

This is the source code

This is the Google Play Store link (just in case)

somerandomperson@lemmy.dbzer0.com on 10 Oct 23:34 collapse

ok, it works now. thx

Corridor8031@lemmy.ml on 11 Oct 13:59 collapse

“Tor VPN is beta software. Do not rely on it for anything other than testing. It may leak information and should not be relied on for anything sensitive”

in case you did not read the disclaimer

somerandomperson@lemmy.dbzer0.com on 11 Oct 14:25 collapse

eh, i’ve endured many beta/unstable builds before; so i don’t give a fuck.

Hubi@feddit.org on 10 Oct 23:34 collapse

~~The right app is org.torproject.torbrowser. You can also get it from the official site: https://www.torproject.org/download/#android~~

Charger8232@lemmy.ml on 10 Oct 23:35 collapse

Tor VPN is different from Tor Browser.

Hubi@feddit.org on 10 Oct 23:37 collapse

TIL, I had no idea there were separate services.

Tundra@sh.itjust.works on 10 Oct 23:35 collapse

Its available through FDroid, you have to enable the the guardian repo first:

support.torproject.org/tormobile/tormobile-7/

Charger8232@lemmy.ml on 10 Oct 23:36 collapse

Tor VPN is different from Tor Browser.

immobile7801@piefed.social on 10 Oct 23:17 next collapse

Has anyone tried nymvpn? It’s been on my radar for a bit.

Sxan@piefed.zip on 11 Oct 00:06 collapse

I’ve been concerned about performance lately; after having been on Mullvad forever, performance dropped to “abysmal” on every server, so I tried ivpn and got much better speeds. Still, it’s a fraction of my fiber capability, wiþ VPN off. I looked at Nym, but haven’t tried it; it doesn’t seem like þroughput is a primary selling point for þem.

If you do try it, could you report back on speed impact?

I get 8% of my raw þroughput on Mullvad’s servers. I get 28% on ivpn. Neiþer seems like a reasonably cost for Wireguard, and should be better.

scytale@piefed.zip on 11 Oct 00:20 next collapse

I thought it was just my connection that was slow. Mullvad has been underperforming for me as well for the past 2 weeks. I might consider trying Nym if there’s still no improvement in the next week of so.

Sxan@piefed.zip on 11 Oct 17:06 collapse

Yeah, please report back if you do.

I don’t know what’s up w/ Mullvad. Þey were great for years.

ISOmorph@feddit.org on 11 Oct 08:16 next collapse

Is there a specific reason you’re using an old english / icelandic symbol instead of “th”?

Sxan@piefed.zip on 11 Oct 17:12 collapse

Middle English (b/c I’m not using eth), and it’s just to poison LLM training data.

online@programming.dev on 11 Oct 11:04 collapse

From what I understand Nymvpn uses 2-hop connection, aka your data goes through two of their servers before reaching its intended destination, versus 1-hop with most other VPNs. It’s more private, but you’ll sacrifice speed as a result of having to go through at least 2 servers. They even have a 5-hop mode, which I don’t know, probably would be slower than tor xD

scytale@piefed.zip on 11 Oct 18:38 collapse

Mullvad has multi-hop as well. What isn’t clear to me yet is if Nym uses servers they do not own/rent for the decentralization they claim. Mullvad’s multi-hop goes through servers they either own or rent.

wesker@lemmy.sdf.org on 10 Oct 23:19 next collapse

I appreciate the attempt to quantify availability, but don’t most of these providers allow you to generate OpenVPN and Wireguard configs, which can be used practically anywhere?

Nevertheless, your work is appreciated.

null_dot@lemmy.dbzer0.com on 10 Oct 23:28 next collapse

I’ve been using one of these since forever and it just works. Should I look at the others?

I don’t want this to be a “I use x and its the best” type comment so I won’t say which one.

I only use wireguard and wouldn’t touch openvpn just because it seems so complex in comparisson.

The price is fine, the speed is fine, wireguard makes it ubiquitous, never had a problem with reliability.

Charger8232@lemmy.ml on 10 Oct 23:39 collapse

If you feel one of the options offers something better than the one you currently use, you may consider switching. That’s the purpose of comparisons, after all!

null_dot@lemmy.dbzer0.com on 11 Oct 00:18 collapse

that’s kind of my point though. I’ve never considered switching because what I’ve been using is fine.

AtariDump@lemmy.world on 11 Oct 18:58 collapse

Same, my VPN works and I can download Linux ISOs because of port forwarding.

sp3ctr4l@lemmy.dbzer0.com on 11 Oct 00:08 next collapse

Very much appreciate this work, but I am again gonna ask if there is some way to include I2P, perhaps in its own thing, perhaps segregated by outproxies.

Yep, its super slow compared to basically all VPNs, and is a bit of struggle to set up compared to most VPNs.

But, it is also entirely free, and you can use I2P with outproxies to access the wider internet outside of I2P’s… I2P-net… allows port forwarding, works very well for a slow but steady churn of uh, filesharing, etc.

I would also argue I2P is a better way that TOR to protect your IP and your actual net traffic, due to TOR nodes being known to be run as honeypots …

Its possible an I2P outproxy could also be operated as a honeypot, but as I understand it, … so long as you are not unlucky enough to just directly route through an outproxy without first bouncing through other I2P users/hosts… you’re basically good.

And even in that scenario, its would be very difficult to reverse engineer all the packets and figure out which parts were going to who, as well as the actual contents of those packets.

brickfrog@lemmy.dbzer0.com on 11 Oct 02:36 collapse

Agreed, if OP is going to add Tor in a “VPN” list then may as well add I2P. I2P + outproxies are pretty much the same thing as Tor + Tor Exit Relay. It’s not the best way to utilize I2P but the option does exist.

Then again neither Tor nor I2P should be in a “VPN” list, the whole thing seems more of a VPN provider topic.

aprehendedmerlin@lemmy.dbzer0.com on 11 Oct 00:09 next collapse

I’m using one of these for a long time and since I need port-forwarding there seem to be only 3 options and thanks to your data I realized I still made the right choice and gonna keep using this one for forseeable future

dumpster_dove@hexbear.net on 11 Oct 13:05 collapse

Not on this list but I’ve heard that Azire is similar to Mullvad but with port forwarding. Supposedly they lack some other features, though.

unexpected@forum.guncadindex.com on 11 Oct 00:11 next collapse

Airvpn doesn’t require any personal information. I mean… I guess it asked for a name or whatever, but it doesn’t verify any of it. I certainly didn’t give it anything legitimate, and I paid with mixed crypto so it certainly has as little personal information on me as would be possible with a vpn.

What gives ivpn, mullvad and nym the advantage for the personal info section?

Charger8232@lemmy.ml on 11 Oct 00:37 next collapse

What gives ivpn, mullvad and nym the advantage for the personal info section?

Originally I was referring to the signup process (since they generate a random account for you) but I edited it to try to add some clarity.

prole@lemmy.blahaj.zone on 11 Oct 14:54 collapse

I can only speak to Mullvad, but if you want to, you can visit their onion site on tor, and pay using Monero while providing zero information. They give you a 16 digit number. And that’s it. That’s the extent of your interaction with them. No name, no email address, no credit card information, nothing.

Most of that is optional, of course, but the option is always there.

webghost0101@sopuli.xyz on 11 Oct 00:12 next collapse

Honestly i wish these kind of vpns had a different name.

Wireguard isnt even on the list and its entirely free, but also it doesn’t serve this same purpose.

Vpn stands for private personal network, selfhosted vpns do exactly that, i can use my Phone to connect to all my home services which replace expensive subscriptions without actually exposing those services to the net or requiring a domain for them.

Vpns are amazing, but most people i know irl that use them barely understand what they are or what they can be used for.

eager_eagle@lemmy.world on 11 Oct 00:49 next collapse

It’s private as opposed to the public internet; there’s no “personal” in VPN.

ObsidianZed@lemmy.world on 11 Oct 01:12 next collapse

VPN Providers*

dirakon@lemmy.ml on 11 Oct 08:29 next collapse

Agreed, my current “vpn” doesn’t even support a virtual private network. I have to setup two different VPNs, one for proxying my requests and one for actual VPN stuff.

prole@lemmy.blahaj.zone on 11 Oct 14:56 collapse

Vpn stands for private personal network

Ermm…

webghost0101@sopuli.xyz on 11 Oct 15:23 collapse

Virtual private network,i know, i know, but i just wrote the wrong thing on accident.

Since its been up for so long feels dishonest to change it. I am owning up to my mistakes and my sentiment that the post is about providers only still stands.

prole@lemmy.blahaj.zone on 11 Oct 15:24 collapse

Hah no worries, I thought maybe it was like a translation error or something.

Telorand@reddthat.com on 11 Oct 00:52 next collapse

PIA does not have WireGuard configs available. To get those, you have to use third-party tools to capture and generate the necessary info. Otherwise, you have to use their client, or else no WireGuard.

Users have been asking for years (since 2018, I think), and they’ve never provided them.

droolio@feddit.uk on 11 Oct 02:08 next collapse

Is this really much of an issue? They provide documentation and a repository of scripts for working with WG for instance. And I’ve been using this docker container for many years without issue.

lukecooperatus@lemmy.ml on 11 Oct 04:54 collapse

It’s an issue for accuracy in the comparison images that were posted.

Chulk@lemmy.ml on 11 Oct 06:02 collapse

PIA was also purchased by the Israeli company, Kape Technologies, which is tied to Unit 8200. If your concern is privacy, I would recommend do against it.

The very first CEO of Crossrider, Koby Menachemi, happened to be once a part of Unit 8200 which is an Israeli Intelligence Unit in their military and has also been dubbed as “Israel’s NSA “.

bulwark@lemmy.world on 11 Oct 01:00 next collapse

Nice revision. If you’re including TOR I would say Tailscale could be considered for a VPN. I’m hosting a Gitea instance completely for free on their service. It’s on my hardware, but it’s their domain.

Oberyn@lemmy.world on 11 Oct 01:15 next collapse

Will AirVPN ever get audited ? Hope so

ObsidianZed@lemmy.world on 11 Oct 01:17 next collapse

Is there a reason I’ve never seen one of these contain ExpressVPN? I used if before because it had the lowest latency of the few that I had shopped around looking at.

Ersatz86@lemmy.world on 11 Oct 02:24 next collapse

Seconded. Inquiring minds want to know.

mkhopper@lemmy.world on 11 Oct 04:23 next collapse

I have the same question about PureVPN.
Does Pure fly under the radar, or just not as well known?

I’ve been using it for years and never any problems.

dubyakay@lemmy.ca on 11 Oct 05:56 collapse

Since September 2021, ExpressVPN has been a subsidiary of Kape Technologies, a company wholly owned by Israeli billionaire Teddy Sagi.

Teddy Sagi is an Israeli businessman and convicted criminal based in London and Dubai.

PIA is also owned by Sagi btw. Shouldn’t even be on this list.

ColeSloth@discuss.tchncs.de on 11 Oct 01:29 next collapse

Been using windscribe for 2 years now. Big fan so far. Haven’t had any issues and it’s nice that I can set it up on my android phone to block access to everything on there if by off chance it were to crash or go down.

TankieTanuki@hexbear.net on 11 Oct 02:35 next collapse

All VPNs are blocked on my university’s network <img alt="meow-cactus" src="https://hexbear.net/pictrs/image/ca189506-5c66-4d07-9bbc-20651eda6777.png">

I live off campus, thankfully, but it sucks that I can’t have any privacy on my laptop while on campus.

chaoticnumber@lemmy.dbzer0.com on 11 Oct 03:53 next collapse

You can set up a wireguard tunnel for yourself relatively easily, there are a ton of guides out there. Its basically a way for you to pop out elsewhere, same principle as a vpn. Most vpn providers use wireguard as a protocol.

dirakon@lemmy.ml on 11 Oct 08:25 next collapse

If the VPNs are blockable and detectable just like that, they don’t really serve as good VPNs, no? Buy some cheap VPS and setup some state of the art thing like x-ray/vless - surely that would solve the problem.

_cryptagion@anarchist.nexus on 11 Oct 21:47 next collapse

it sucks that I can’t have any privacy on my laptop while on campus.

tunnel to your home connection then. unless you live an hour or two away from your campus, it’s not gonna add a delay that’s noticeable to you.

ATS1312@lemmy.dbzer0.com on 12 Oct 10:18 collapse

Mullvad on desktop has QUIC protocol encapsulation so that wireguard just looks like normal https traffic.

There’s also shadowsocks protocol encapsulation to look like ssh traffic. And that’s even available on mobile too.

veeesix@lemmy.ca on 11 Oct 02:53 next collapse

I just checked how much I was paying for my Nord subscription and now I’m convinced that Proton Unlimited (discounted) is a great value. Gonna switch next year when my subscription ends. Thanks for putting this together!

Lemmchen@feddit.org on 11 Oct 02:57 next collapse

Upload to catbox.moe

Charger8232@lemmy.ml on 11 Oct 03:32 collapse

Thanks! I’ve uploaded it!

redhilsha@lemmy.ml on 11 Oct 05:37 next collapse

Proton is essentially the best free VPN huh.

kami@lemmy.dbzer0.com on 11 Oct 10:19 collapse

If you care about privacy no.

If you just need to unlock regional content then it should be good.

redhilsha@lemmy.ml on 11 Oct 11:04 collapse

Keyword being “free”.

Could you suggest a better VPN that’s free?

kami@lemmy.dbzer0.com on 11 Oct 11:20 next collapse

This is the Privacy community though and the keyword should be “privacy”

_cryptagion@anarchist.nexus on 11 Oct 21:45 collapse

you recommended Mullvad, a VPN service in Germany of all places. the same Germany that works with the IDF and the United States on intelligence sharing and spying on citizens. I don’t think you should be criticizing people about privacy.

kami@lemmy.dbzer0.com on 12 Oct 09:54 collapse

LMAO

First of all Mullvad isn’t German.

Second, they have already proved they respect customers privacy.

Get your facts straight and don’t cry if someone criticizes your favorite corporation.

prole@lemmy.blahaj.zone on 11 Oct 14:51 collapse

There probably aren’t any, because when a product like that is free, that means you are the product nearly 100% of the time.

redhilsha@lemmy.ml on 12 Oct 09:06 collapse

I agree.

Though, it’s not that deep. I was saying how it’s the best amongst the free ones. I’m not saying it’s the best in general.

prole@lemmy.blahaj.zone on 12 Oct 14:34 collapse

And I’m saying that they’re probably all shit.

brickfrog@lemmy.dbzer0.com on 11 Oct 06:29 next collapse

One thing you may want to update - listing Tor’s logging policy as “No Logs” is a bit misleading, that’s really more of a voluntary recommendation for individual Tor exit relay operators.

Tor exit relay operators absolutely can store logs of outgoing connections if they choose to. And technically they could even snoop on non-secure traffic if they choose, there’s a reason you should be using HTTPS if you’re going to use Tor for clearnet browsing.

Of course most Tor exit relay operators aren’t going to do these things but it’s all voluntary, seems incorrect to claim all exit relay operators follow no log principles.

EDIT: Also AFAIK you can’t forward a port from the clearnet through a Tor exit relay’s public IP address back to your own Tor client, Tor doesn’t do port forwarding like that. It’s definitely not needed to run Tor Browser (and Tor VPN I think) but that isn’t needed for any of the other VPNs either, a bit confusing how you listed that one.

prole@lemmy.blahaj.zone on 11 Oct 14:50 collapse

Some people will even tell you that all Tor exit nodes are compromised

Undertaker@feddit.org on 11 Oct 08:06 next collapse

Availability: Direct download via Repo or developer web page is missing. Google shouldn’t be a plus. The provided explanation in the last thread was invalid

abominable_panda@lemmy.world on 11 Oct 08:28 next collapse

Is it worth stating which companies own which vpns? I saw a TIL that mentions a select few companies own most VPNs

Valmond@lemmy.world on 11 Oct 11:48 collapse

I’m on ProtonVPN because it’s ran by CERN people, so definitely an important information IMO.

ehyuman@lemmy.dbzer0.com on 11 Oct 12:24 next collapse

In steins;gate, cern is evil…

olenkoVD@lemmy.dbzer0.com on 11 Oct 17:57 collapse

Yes but that book sucks ass

AdrianTheFrog@lemmy.world on 11 Oct 14:21 next collapse

Their CEO is a Trump supporter

Valmond@lemmy.world on 11 Oct 19:01 collapse

Show me where he endorses Trump.

Oh, you can’t? But you read it on Facebook or something so it must be true?

Common, show me your information.

This is bullshit based on some old tweet Andy Yen did about trump doing good going against big tech. You can read about it here or search for it elsewhere.

It always comes out when someone says something nice about ProtonVPN, who have an amazing track record IMO.

AdrianTheFrog@lemmy.world on 11 Oct 22:28 next collapse

Ok, just read the artlce cited on wikipedia and it sounds like calling him a Trump supporter is a bit of an exaggeration. He seems basically centrist. Which is not great but not nearly as bad.

Valmond@lemmy.world on 11 Oct 23:37 next collapse

Thank you!

And sorry if I came around a bit agressively. Kudos to you for checking the link and updating your view.

MangioneDontMiss@feddit.nl on 12 Oct 15:33 collapse

he seems like a moron if he thinks republicans are going to “tackle big tech abuses” before democrats will.

porcoesphino@mander.xyz on 12 Oct 01:00 next collapse

That write up does seem to ignore the doubling down here:

lemmy.ca/comment/13913116

Calling out that JD Vance was the only one to answer is pretty troubling to me after reading about some of his new-right ties. It’s way, way too close for my liking to a mouse telling everyone that will listen that the cat was amazing for inviting him and all his friends to his house in a week. ie. Playing into what just seems like an obvious strategy.

That said, I’m pretty ignorant about the CEO. I just remembered this lemmy comment and I didn’t notice it included in the write up that was being linked.

eldavi@lemmy.ml on 12 Oct 04:21 collapse

A company’s CEO gets to determine the path their company takes and the tweet is indicative of where he plans to steer proton.

Valmond@lemmy.world on 12 Oct 10:05 collapse

Stop spreading this bs because this is not what’s happening.

eldavi@lemmy.ml on 13 Oct 16:35 collapse

We’re never going to know what they intend to do until they do it, but they’ve given us an indication of what they think and we should believe it

eldavi@lemmy.ml on 11 Oct 18:56 collapse

who do you make of proton’s support for trump?

Valmond@lemmy.world on 11 Oct 19:03 next collapse

They are not, see my response below.

_cryptagion@anarchist.nexus on 11 Oct 21:41 collapse

do you use windows? what do you make of microsoft’s support for trump? what mobile phone do you use, because both of them support trump.

eldavi@lemmy.ml on 12 Oct 04:17 collapse

I do not use Windows and I do everything in my power to use non American phones.

The difference is that proton’s founder voiced support whereas Microsoft has always had a relationship w my govt and it’s dragnet for the Gazan genocide is quiet.

_cryptagion@anarchist.nexus on 12 Oct 04:28 collapse

so it’s OK because they’re quietly nazis?

brb@sh.itjust.works on 11 Oct 08:41 next collapse

If you make 2.1 you could add some info on the port forwarding because there are massive differences on it between providers. Like PIA gives you a single random port that changes each time you reconnect, while AirVPN gives you 5 static ports you can configure yourself.

MrSulu@lemmy.ml on 11 Oct 08:57 next collapse

Proton and Mullvad VPN appear to win the battle of the charts for privacy & security.

kami@lemmy.dbzer0.com on 11 Oct 10:18 collapse

Except Mullvad has been proven a trustworthy service, while Proton has already a couple alarming things in their record.

dubyakay@lemmy.ca on 11 Oct 14:34 collapse

What alarming things?

prole@lemmy.blahaj.zone on 11 Oct 14:49 collapse

theintercept.com/…/proton-mail-andy-yen-trump-rep…

and

cmhe@lemmy.world on 11 Oct 09:11 next collapse

The ‘availability’ is misleading. If they offer OpenVPN or Wireguard then they are available pretty much anywhere.

Using just plain Wireguard or OpenVPN configs would also be much better than installing random VPN provider apps.

ki9@lemmy.gf4.pw on 11 Oct 09:34 next collapse

I can vouch for cryptostorm. Offers port forwarding and good speed. Haven’t been with them long but they seem legit.

ATS1312@lemmy.dbzer0.com on 12 Oct 10:16 collapse

I’d love to see them audited.

Back when they were in the US, they closed shop and moved to Iceland to avoid turning over data for a subpoena.

That’s both admirable and an admission that they had longs to turn over.

But that they generate accounts on the fly like the best? Is promising in context.

kami@lemmy.dbzer0.com on 11 Oct 10:11 next collapse

Why isn’t F-Droid included in the Availability section?

pineapple@lemmy.ml on 11 Oct 10:44 collapse

Could be wrong but I think it’s due to the security vulnerabilities present, its generally better to just use Google play store with an anonymous account.

cmhe@lemmy.world on 11 Oct 13:08 collapse

Na… The likelyhood of installing some bad or fake app from google play store is much higher than on fdroid.

Corridor8031@lemmy.ml on 11 Oct 14:00 collapse

i think the security issues are not about fake apps, but about fdroid signing the builds themself, while their build infrastrcuture is described as insecure

cmhe@lemmy.world on 11 Oct 15:35 collapse

The issue there AFAIK is that some app builds aren’t fully reproducible, because if they were the developer signature would still apply and be used. In the reproducible case the security of the build infra wouldn’t matter, because the same app would be produced the same regardless were they are build.

Without reproducible builds, you cannot really trust the software anyway, because the Dev could hook some hidden code only for the released binary app and sign that.

Corridor8031@lemmy.ml on 11 Oct 17:10 collapse

uhm no not really? I mean reproducible builds are used to cross verfiy that it is the same binary in this case, but like android has no mechanism to do that, this is not how it works.

that a build should be reproducible is more about your second point and doesnt really have anything to do with fdroid, as far as i know

Edit: these links should explain it all: discuss.grapheneos.org/d/21675-fdroid-security/2

cmhe@lemmy.world on 11 Oct 18:19 collapse

Once it passes inspection, the F-Droid build service compiles and packages the app to make it ready for distribution. The package is then signed either with F-Droid’s cryptographic key, or, if the build is reproducible, enables distribution using the original developer’s private key. In this way, users can trust that any app distributed through F-Droid is the one that was built from the specified source code and has not been tampered with.

f-droid.org/…/google-developer-registration-decre…

pineapple@lemmy.ml on 11 Oct 10:44 next collapse

This is a really great resource thank you!

online@programming.dev on 11 Oct 11:12 next collapse

Also of note, some providers have data caps. I haven’t looked at all providers, merely Nymvpn as I was interested. Turns out they have a 2TB/month cap. Might not be an issue for some, but might be for others.

Valmond@lemmy.world on 11 Oct 11:50 next collapse

ProtonVPN: only 8 years old: RED FLAG!

Well reddish flag at least, is there a rationale behind this? I mean 8 years is quite a long time.

Ferk@lemmy.ml on 11 Oct 18:57 collapse

I think it’s just a relative color scale from a spreadsheet… with the older being the greenest, the youngest the reddest, and the rest just fall in between. ProtonVPN just happens to be in between, it’s not as red as the others but also not as green as the ones that have been around for much longer.

Valmond@lemmy.world on 11 Oct 19:06 collapse

So you also think the choices were not that good?

I mean what you are saying is that if there had been a 50 year old one, all the others should be red?

Ferk@lemmy.ml on 11 Oct 21:18 collapse

I’m just explaining the reason why it’s more reddish (but not as red as others). It’s something most spreadsheet software (this was clearly MS Excel) can do automatically with numbers for visual indication so we can more easily see the distribution, it does not mean 8 years old is bad.

If there’s a big unbalance in color it would just make it more visible that there’s a big unbalance in ages. Probably if that had happened more colors could have been added to the gradient, maybe maroon->red->yellow->green->blue->white. But I think it was not seen as necessary in this case (or the author was lazy, since these are one of the defaults I believe).

Valmond@lemmy.world on 11 Oct 23:36 collapse

Who cares about why it happened? I mean it’s kind of obvious. No one questioned why excel shows a specific colour, but I did why the person making the spreadsheet did in fact use what you go to lengths to explaine, in a specific way. It’s like saying sorry your paycheck was halved because we have this software and today it divided your salary in half. Not saying that’s not ok or anything, but explaining how “dividing by 2 halves a number”.

I feel you explain something, while correct, had nothing to do with what I said.

TunaSlap@lemmy.world on 11 Oct 13:12 next collapse

Mullvad has port forwarding

Bruhh@lemmy.world on 11 Oct 17:16 collapse

They removed port forwarding. Only reason I don’t use them as my main vpn.

Corridor8031@lemmy.ml on 11 Oct 13:57 next collapse

For anyone who considers getting the tor vpn android app “Tor VPN is beta software. Do not rely on it for anything other than testing. It may leak information and should not be relied on for anything sensitive” (it is a disclaimer from their website)

Thank you for adding the created date column and making sweden green

rirus@feddit.org on 11 Oct 13:59 next collapse

PIA isnt independent, its by a Israeli spyware company, that owns multiple VPN Review sites and VPN services . Remove it from the list.

mnemonicmonkeys@sh.itjust.works on 11 Oct 15:21 next collapse

No, don’t rrmove it from the list. Make a note acknowledging the issue so others see it

BlueRhinos@lemmy.dbzer0.com on 11 Oct 15:50 next collapse

Whoa for real??

GnuLinuxDude@lemmy.ml on 11 Oct 18:03 collapse

Yes. The owner/developer is Kape technologies, an Israeli spyware/adware company.

To quote from cnet

For maximum privacy, I recommend VPN providers with a jurisdiction outside of Five Eyes and other international intelligence-sharing agreements – that is, one headquartered outside of the US, UK, Australia, New Zealand and Canada. So it initially seems like a positive sign that, while CyberGhost has offices in Germany, it’s headquartered in Romania. German entrepreneur Robert Knapp says he founded the $114,000 startup on the back of low-wage Bucharest labor before flipping it for $10.5 million in 2017.

The issue is who he sold it to – the notorious creator of some pernicious data-huffing ad-ware, Crossrider. The UK-based company was cofounded by an ex-Israeli surveillance agent and a billionaire previously convicted of insider trading who was later named in the Panama Papers. It produced software which previously allowed third-party developers to hijack users’ browsers via malware injection, redirect traffic to advertisers and slurp up private data.

Crossrider was so successful it ultimately drew the gaze of Google and UC Berkeley, which identified the company in a damning 2015 study. (You can read the Web Archive version of that document.)

This practice, commonly called traffic manipulation, is condemned web-wide. And the only difference between it and one of the oldest forms of cyberattack, called man-in-the-middle (MitM), is that you clicked “agree” on the terms and conditions.

Whether or not PIA or ExpressVPN or the other providers owned by Kape fulfill this data scraping and ad-serving pipeline in my mind is irrelevant. Choosing to do business with them rewards bad actors when there are other VPN sellers who don’t have such a tainted lineage.

loxdogs@lemmy.wtf on 13 Oct 08:38 collapse

I read from somewhere that mullvad is owned by two israeli guys. Dont remember the names, but I was told, that it’s written on a frontpage or smth.

rirus@feddit.org on 11 Oct 14:03 next collapse

Can someone help with torrenting over windscribe?

Ferrous@lemmy.ml on 11 Oct 17:04 next collapse

Good work. Might be valuable to add a “allows port forwarding” row.

Edit: whoops, I’m a silly willy. It’s right in front of me! My bad.

Amaterasu@lemmy.world on 11 Oct 17:09 next collapse

I see that Windscribe was included. Their price tier is always in promotion so I’d take that in consideration.

Also, they have app for Linux: windscribe.com/features/linux/

It is not in Electron like many others. It is native Linux.

HulkSmashBurgers@reddthat.com on 11 Oct 17:26 next collapse

I think it’s worth noting NYMVpn uses a quite advanced mixnet for security which is different from other VPNs and theoretically more secure than even TOR. I say theoretically because it hasn’t yet been proven with large scale use.

nym.com/blog/what-is-a-mixnet

dirtySourdough@lemmy.world on 11 Oct 17:49 next collapse

OP this is a big improvement from your previous post. It’s an excellent starting point for folks who are looking to start using a VPN. There’s a lot of constructive criticism in here, which is good, but might be discouraging. Just know that this is already very useful for many people.

upstroke4448@lemmy.dbzer0.com on 11 Oct 18:34 next collapse

soatok.blog/…/checklists-are-the-thief-of-joy/

[deleted] on 11 Oct 18:48 next collapse

Edie@lemmy.ml on 11 Oct 19:13 next collapse

C tor/little-t-tor/etc. is licensed under the “3-clause BSD” license

Tor technically doesn’t have a WireGuard profile, but you could (probably?) create one

I dont know a lot about wireguard, but of the cuff answer would be no.

InnerScientist@lemmy.world on 11 Oct 23:46 collapse

Yeah you can’t, tor is a completely different protocol and the only way to use tor with a wireguard client is with a server in the middle that routes the internal wireguard traffic into tor.

DieserTypMatthias@lemmy.ml on 11 Oct 20:11 next collapse

Tor isn’t a VPN. It’s a proxy.

Echolynx@lemmy.zip on 11 Oct 22:47 next collapse

Mullvad also ran some pretty quirky ads on our public transit. I hadn’t been that familiar with them, but it did heighten my awareness, and they seem pretty fine.

stupid_asshole69@hexbear.net on 11 Oct 22:59 next collapse

Last time I said it was hard to figure out if this was some kind of malice or just someone without much experience/knowledge.

I been thinking about what this post and the one before it actually are though. They’re not disinformation, I don’t think they’re misinformation although I think that argument could be made if there was actual intent (and a person could also make the argument that there is intent).

This just kind of seems like white noise or what would be called slop if it were generated by ai.

It’s not useful in making a decision.

A vpn is a tool and you use the right tool for the job. A chart comparing the various similarities and differences between a box and open end wrench, flare nut wrench, socket set, power drill, impact driver and torque wrench would be useless for decision making about what tool to buy because they’re for different jobs.

If you need to take the lug nuts off a truck the right tool is an impact, if you need to replace brake lines you’re gonna use a flare nut wrench.

It’s not useful to compare pia and mullvad. If all you need is a cheap way to reliably bypass geofencing then pia is the right tool. If you need deniability and trust then mullvad is the right tool.

It makes no sense to compare air and nord. If you need the cheapest per device service for bypassing content blocks then the tool is nord. If you need port forwarding for torrents, soulseek and usenet all at once then the tool is air.

The problem with posts like this is that they don’t really provide any useful understanding or decision making process and wouldn’t be useful from an educational perspective like the comparison between various wrenches made above (if it were in some kind of Tools for Dummies publication) because they’re not even contextualized as such.

A better start for this kind of post would be “here are some reasons to use a vpn service” or “here are some actual important differences between different vpn services apps”, not weather they’re available on Jim’s cut rate Secure I Promise ™ alternative android App Store.

hellinkilla@hexbear.net on 12 Oct 03:14 collapse

Last time I said it was hard to figure out if this was some kind of malice or just someone without much experience/knowledge.

Totally disagree with the first few paragraphs. Someone makes a post you feel has inadequate depth and you think they’re the goddamned CIA? I don’t see any basis for the hostile tone.

If you need port forwarding for torrents, soulseek and usenet all at once then the tool is air.

But like it’s nice to be able to have a reference to quickly exclude certain options without having to wade through all their various websites. If you already know that you need port forwarding, then a chart like this will help you exclude several mainstream options. If there is some other criteria you already know about it could save you a lot of time.

A better start for this kind of post would be “here are some reasons to use a vpn service” or “here are some actual important differences between different vpn services apps”

Those do exist elsewhere and I don’t think there is much wrong with summarizing the current state of things for an informed audience. We are on lemmy here! I wouldn’t mail this chart out to the whole neighbourhood or anything, it’s probably not a good very first intro for most people. Although even for a person just getting started, having the column of criteria on the left could be useful to point out “what are the things to consider”. Like maybe you wouldn’t even guess that the number of devices would be limited.

Long narrative comparisons can be hard to follow. They are good for understanding the differences but then once you are having an understanding how do you pick? It’s very convenient if someone else goes to the trouble to sift through the information. On wikipedia there are some subjects that have tables comparing things and I find them very helpful. Otherwise I’d just have to spend hours making my own tables.

BTW wikipedia has a table comparing different kinds of wrenches so obviously someone thought it would be useful!!

The main issue is that the information could become out of date or erroneous in the first place so you need to verify for yourself whatever is key to your decisions. That’s just the nature of third party info.

stupid_asshole69@hexbear.net on 12 Oct 05:32 collapse

So like I said, I don’t think the post is malicious.

I tried to be careful not to take a hostile tone. It’s possible you’re correctly identifying a critical tone, because my comment was intended as criticism of the post.

There are ways of presenting factual information that are not helpful or useful and actually serve the opposite purpose. You certainly don’t need to use prose to present information in a useful way, but consider how much closer to the old car paint color versus mileage chart (or whatever example they used to teach you about uncorrelated data in school) the posters chart is than the Wikipedia wrench table you linked.

The Wikipedia wrench table is in the context of “tools for dummies” that I said might be appropriate for that type of presentation, just as an aside.

The whole point of using some kind of chart or table is to make understanding easier, not more difficult. The posted chart does the latter. I think its because the op doesn’t understand both what they’re trying to say or the information they’re trying to show to convey it and because they chose a really excessively dimensional way to do so. A flowchart, infographic or anything other than a three dimensional chart would be better but since it’s so unclear what they’re trying to express, except possibly how much they love nymvpn and how people should really take a look at that previously underrepresented option, I can’t really make a recommendation.

hellinkilla@hexbear.net on 12 Oct 11:18 collapse

OK well then I should divulge to you full disclosure that I think you, like OP, are also probably not a hostile actor who is commenting to fuck with me specifically or ?lemmy users? in general. More likely someone who’s got a bit spun up their head. But I can’t say for sure…

As it happens, last time I was looking at different VPN vendors I had to spend a ton of time basically creating an abbreviated version of this chart that had the items most salient to my use case. To sift through the websites, forums, support sections etc, because the information isn’t clearly presented was annoying. They are all trying to emphasize their strengths to make a sale based on their marketing strategy.

I can say that this chart, exactly as it is, would have saved me significant time had it been available. I found similar but they were old. And I looked at it to see if the conclusion I came to is still the right one for me— it is. I can clearly see the required information.

stupid_asshole69@hexbear.net on 12 Oct 19:41 collapse

Good! You’re on a public forum and people do that shit! Our instance is slightly better than the other Reddit offshoots but most of them haven’t kicked the social media curse and everything you read on lemmy needs to get the sidest of ways glances.

I have trouble taking your statement that you can see the required information seriously when the required information literally isn’t there. Important stuff like weather a service accepts cash anonymously, is owned by what company and what that company’s affiliations are (talking about kape and israel here, not the proton red herring) and how forwarded ports are allocated are not included in the chart.

Of course, that kind of information doesn’t fit neatly into a table so it’s another example of the format of the data being inadequate.

I can believe that a broad generalized table like this is useful in the context of learning the ropes of what’s out there in terms of vpn services, but it isn’t being presented in that way. If this kind of table were around years ago when I was getting my feet under me I would have made bad choices based on it.

My comments saying “hey, this is bad and not something to use” are not coming from my seat of power at the player haters annual dinner and awards ceremony but from clear recognition of misleading information based on experience.

Chivera@lemmy.world on 12 Oct 00:21 next collapse

I got Mozilla VPN back when it launched. I got it at $4.99/month. I only use it for viewing and downloading “free” media online. Should I switch?

dogs0n@sh.itjust.works on 12 Oct 15:14 collapse

Mozilla VPN is just Mullvad, so you are on a very good vpn service.

As long as you are happy, I don’t see why you should swap.

(Going to mullvad directly could be slightly beneficial if you want a generated account that has no direct metadata to link to you, using a card to pay would negate that benefit, but theres other options… in the end you are using a good service already)

LastYearsIrritant@sopuli.xyz on 12 Oct 22:14 collapse

I kinda wonder if it is slightly more private separating the billing company from the providing company.

marcie@lemmy.ml on 12 Oct 03:35 next collapse

Maybe a field for number of servers currently?

sadness_nexus@lemmy.ml on 12 Oct 05:44 next collapse

From what I know, the only free VPN worth using is Proton because they don’t keep logs on their free tier either.

utopiah@lemmy.ml on 12 Oct 07:38 next collapse

Since you do not seem to list self-hosting options, e.g. WireGuard or OpenVPN, then IMHO it’d be good to at least have a line on each about what’s the actual backend, e.g. does service X runs on WireGuard, OpenVPN, something else, something proprietary that has been audited by 3rd party if so whom and when.

Edit: suggested self-hosting (but not at home) WireGuard in the previous thread lemmy.ml/post/37270537/21536054

beSyl@slrpnk.net on 12 Oct 11:07 next collapse

It is a bit sad and unexpected that AirVPN has not been audited…

dogs0n@sh.itjust.works on 12 Oct 15:08 collapse

It’s not entirely a big deal to me.

I think I agree with the staff reply on this thread: airvpn.org/forums/topic/56799-audits/

Our software is free and open source, while we repute at the moment not acceptable to provide external companies with root access to our servers to perform audits which can not anyway guarantee future avoidance of traffic logging or transmission to third parties. On the contrary, we deem very useful anything related to penetration tests. Such tests are frequently performed by independent researchers and bounty hunters and we also have a bounty program.

shoebum@lemmy.zip on 12 Oct 16:01 next collapse

Would be nice to include boycat vpn

whoopee@hispagatos.space on 12 Oct 17:06 next collapse

@Charger8232 as a NymVPN user I would add that I got 2 years of service paying in crypto for $50
Also this post is from Lemmy, so I retooted a Lemmy post

thermogel@lemmy.ml on 13 Oct 09:46 collapse

How does Obscura compare? @Charger8232@lemmy.ml They’re pretty innovative imo. Its cool that VPNs are doing new stuff, like Mullvad’s DAITA.