20 votes

VPN testing reveals poor privacy and security practices, hyperbolic claims

12 comments

  1. [2]
    teaearlgraycold
    Link
    Very happy to see my VPN provider of choice, Mullvad, repeatedly given praise in this article. Their client is also GPL licensed (and written in programming languages that I like for what it's...

    Very happy to see my VPN provider of choice, Mullvad, repeatedly given praise in this article. Their client is also GPL licensed (and written in programming languages that I like for what it's worth - rust and typescript).

    12 votes
    1. kwyjibo
      Link Parent
      Ditto. I've been using Mullvad for about 10 years now (although for two years I did use algo on the side) and I could not be happier. I wish every product was like it. No bullshit, a flat fee and...

      Ditto. I've been using Mullvad for about 10 years now (although for two years I did use algo on the side) and I could not be happier. I wish every product was like it. No bullshit, a flat fee and does one thing rock solid. I genuinely don't know what I'd do without it.

      3 votes
  2. [7]
    kfwyre
    Link
    I don't know if this is pure coincidence or not, but my husband watches a good amount of YouTube content, and these four VPNs specifically are the ones that come up again and again in sponsorship...

    We didn’t include evaluations of how easy VPNs were to use in our testing, but one problem stood out. A number of the services made it difficult to turn off auto-renewal or to cancel. This is a problem with services of many kinds, and it can be extremely frustrating.

    The VPNs where this was a problem include ExpressVPN, NordVPN, PureVPN, and Surfshark.

    I don't know if this is pure coincidence or not, but my husband watches a good amount of YouTube content, and these four VPNs specifically are the ones that come up again and again in sponsorship plugs.

    I've personally been very happy with Mozilla VPN now that their iOS app is up to snuff, so it's nice to see that Consumer Reports validates that choice (full disclosure: I subscribe to CR and trust their product reviews pretty strongly). I know that Mozilla VPN is just Mullvad by a different name, but given how sketchy the VPN market is, having the Mozilla name went a long way with me. It's not something I'd recommend to power users (which I know excludes much of the Tildes audience), but for a lay user like me who wants an easy toggle and a bit more peace of mind that my ISP can't sell my browsing habits, it's pretty much perfect.

    7 votes
    1. vord
      (edited )
      Link Parent
      I subscribe as well, but you should take their reviews with a grain of salt. They've definitely become less reliable over the last 10ish years. Not even that they've gotten much worse, but due to...

      I subscribe to CR and trust their product reviews pretty strongly

      I subscribe as well, but you should take their reviews with a grain of salt. They've definitely become less reliable over the last 10ish years.

      Not even that they've gotten much worse, but due to the sheer added variety courtesy of the internet it becomes impossible for them to fully cover the spectrum and get the most-correct best/value/budget item in many categories. Some of their automotive reviews might be flawed. Though that blog definitely gets the 'wealthy bias' wrong. I'll likely never buy another American car (at 100k household income) because my Toyota cars work(ed) better at 130k miles than any of my Ford/Chrystler cars did at 70k. Toyota just provides better value over time. I rarely buy new though, but do go for single-owner cars with decent service history, so YMMV.

      All that said, they definitely are still a quality publication. They offer a useful metric if you don't want to research in-depth, and are likely to be satisfied with anything green. Anything yellow tends to have some drawback (that you might not care about or even like). Red is severely flawed and an instant blacklist.

      They also do a lot of great informative pieces like this one. I highly reccommend their online TV calibration guide. It produces very accurate colors for dim-light movie/tv watching. I use it as a basis for all my profiles (like late-night, high-light, gaming).

      4 votes
    2. [5]
      Akir
      Link Parent
      I thought it was interesting that the only VPN I recall Linus Tech Tips being sponsored, TunnelBear, was also recommended by CR. I knew that they only allowed sponsorships from companies they...

      I thought it was interesting that the only VPN I recall Linus Tech Tips being sponsored, TunnelBear, was also recommended by CR. I knew that they only allowed sponsorships from companies they trusted, but I never realized that they dug so deep into them.

      In other news, my next PC power supply will be made by Seasonic.

      2 votes
      1. [2]
        teaearlgraycold
        Link Parent
        Seasonic is and has been the best PSU manufacturer for years.

        Seasonic is and has been the best PSU manufacturer for years.

        3 votes
        1. Akir
          Link Parent
          Yes, this is true, but they've always been at least twice as much as I have been willing to pay.

          Yes, this is true, but they've always been at least twice as much as I have been willing to pay.

          3 votes
      2. [2]
        stu2b50
        Link Parent
        Although if LTT partnerships is the barometer for quality, I wouldn't jump to start a TunnelBear subscription - they had a public "falling out" where LTT explicitly stopped taking their ads...

        Although if LTT partnerships is the barometer for quality, I wouldn't jump to start a TunnelBear subscription - they had a public "falling out" where LTT explicitly stopped taking their ads because they no longer trusted them.

        3 votes
        1. cfabbro
          (edited )
          Link Parent
          LTT sponsorship actually is a barometer for quality, to a certain degree, IMO. But the caveat to that being, like you said, you have to keep up with latest LTT news since they will drop said...
          • Exemplary

          LTT sponsorship actually is a barometer for quality, to a certain degree, IMO. But the caveat to that being, like you said, you have to keep up with latest LTT news since they will drop said sponsors if things at that company change, and Linus feels he can no longer give his stamp of approval.

          E.g. LTT is currently being sponsored by PIA (Private Internet Access), and has been ever since they broke up with TunnelBear. However, they even dropped PIA for a short while too, after they were acquired by Kape Technologies, and concerns were raised about what that would mean for the company going forwards. However, LTT accepted them back as a sponsor when the PIA CEO personally reached out to Linus, and cleared the air around the terms of the acquisition in a video chat session (which you can watch here).

          See also: PIA Executives Give THEIR Side of the Story - WAN Show Feb 7, 2020

          cc: @Akir, since you seem interested in LTTs sponsorship process.

          5 votes
  3. sjvn
    Link
    As someone who's covered VPNs for ages, this piece by my friend Yael Grauer, comes as no surprise whatsoever.

    As someone who's covered VPNs for ages, this piece by my friend Yael Grauer, comes as no surprise whatsoever.

    6 votes
  4. [2]
    Bullmaestro
    Link
    The article itself doesn't tell us anything about which VPNs are offenders, so I looked at the VPN White Paper linked. Firstly... it's a bit of a dud to mention Hola Free VPN and HideMyAss on the...

    The article itself doesn't tell us anything about which VPNs are offenders, so I looked at the VPN White Paper linked.

    Firstly... it's a bit of a dud to mention Hola Free VPN and HideMyAss on the report. They're well-known for being unreliable. Hola Unblocker is incredibly well-known for being borderline malware while HMA were the reason why Lulzsec hackers got busted because it turns out that yes, they were keeping connection logs despite their marketing claiming otherwise.

    Secondly, I'm surprised and a bit dubious that ExpressVPN and NordVPN ranked so highly, especially since the latter has been in hot water lately. These are the VPNs that frequently get shilled on YouTube channels.

    5 votes
    1. TheJorro
      Link Parent
      Were they ranked highly? They weren't mentioned in the recommended VPN services at the end of the whitepaper. Their top three, in order, were Mullvad, IVPN, and Mozilla. They also did talk about...

      Were they ranked highly? They weren't mentioned in the recommended VPN services at the end of the whitepaper. Their top three, in order, were Mullvad, IVPN, and Mozilla. They also did talk about the NordVPN reporting issues in the Response to Breaches section.

      Also I think they identified Hola and HMA as duds as well, those weren't chosen for further examination in the whitepaper.

      2 votes