best vpn ? any recommendations?

I know Im going to get jumped on, but I would recomend PureVPN, some would say they log yes for 5 days, but they do try to help you to use their service with as much privacy and security as they can, and the other thing is they are based in Hong Kong.

Nessy

 

I have heard that Anonine is a good VPN https://www.anonine.com/en what does everyone think of that? anybody used it? or would recommend it?

 

I haven't gone far looking into their website and found this notice.

"We are currently performing an upgrade to our system, in which a couple of bug fixes are included which will solve some recurring problems for our users. This is expected to continue during next week. Because of this upgrade, we have had a tough time keeping up with our support but we promise that all incoming support tickets will be dealt with shortly and the support will be back to full swing from the beginning of next week."

How refreshing! Honesty and humble acknowledgement can go a long way.

 

I didn't have a good experience with them.

 

Here's another Swedish VPN-provider :
https://www.privatvpn.se/affiliate/BA1eXzpp89B

openVPN with Blowfish and PPTP (for all your smart-devices)
Servers in Sweden,Germany,Switzerland,The Netherlands,UK and US .
On the Swedish server you are assigned a REAL PUBLIC Swedish IP,
just for you to use !
No logs, except for the US-server.

They have a dot-net client with some features some may find useful, like
automatic blocking of specified apps if the tunnel goes down .
Or you can just use the default openVPN client .

Uses Username/password authentication, no "private.key" and all that .
No, your username/password is NOT used for any crypto-purpose ..

 

swedish always good ,dont like dedicated ips thou ,just rubs me the wrong way i guess ,thanks for the suggestion , marktor ill be checking out bolehvpn , heard some bad things and good things bout em, but ill give em a shot

p.s: perfect privacy still no pm, either they dont like presales support or i dont know what , its odd since its a highly recommended vpn too -.-',anyhow, so new list of vpns to check :

perfect privacy <yet to be contacted -.-'
bolehvpn


and dasfox well the airvpn dude aka paolo never replied again bout him using theyre own vpn , odd

 

Just curious what bad things have you heard about BolehVPN?

 

relevant XKCD

Some members on this board will take opinions cited in passing on other discussions over their own research if any.

 

well here :

https://www.wilderssecurity.com/showthread.php?t=314309

update: got another reply from paolo from over at airvpn regarding my question if he uses theyre own vpn :


Hello!

Of course I do, why?


On the thread you linked, the questions by "fly" are essential. If you wish to publish them, the following considerations might be interesting for a security forum:

====
Re: "Who is the adversary?" - "Everyone can claim not to log" -"Privacy fighters? How many have sold out?"

The AirVPN system, if used correctly, is designed to defeat an adversary that has up to the following abilities:

- the ability to fully monitor the customer's line AND (the relevant portion of the TOR network OR all of the Air VPN servers)
- the ability to fully monitor any financial transaction of the customer

An adversary with such abilities can be defeated in the following way:

- the customer subscribes to AirVPN with a Bitcoin transaction toward an independent AirVPN reseller
- the transaction is performed by tunneling Bitcoin over [AirVPN over] TOR
- the transaction is performed with a wallet exactly fit for that transaction
- the wallet is destroyed immediately after the transaction success (safe deletion of the wallet)
- the customer always performs "partition of trust" (with the proper account) between parties from now on

Partition of trust is essential, so that a betrayal of trust by one party does not compromise the anonymity layer. An example of partition of trust is AirVPN over TOR: the TOR nodes see only encrypted (by OpenVPN) traffic and AirVPN servers do not see the real IP address of the user (they see the TOR exit node IP address). On top of that, entry-IP and exit-IP addresses of AirVPN servers are different (to emulate a 2-hop VPN in addition to the multi-hop provided by TOR) in order to prevent correlation attacks. The VPN admins therefore do not know the identity of the customer while the TOR nodes admins do not know the content, the real origin and the real destinations of the packets from/for the Air customer.

Finally (this is not our competence, but obviously highly recommended) the customer should add a further encryption layer to protect her packets payload once they get out of our servers (trivial example, use GnuPG for e-mails) in case the payload could be exploited (for example by a second adversary, unrelated to the first, that monitors the line of the final recipient) to disclose the customer's identity.

An adversary with superior abilities may not be defeated by the above setup. Typical examples:

- an adversary with the ability to monitor the customer's line AND the relevant portion of the TOR network AND all the AirVPN servers
- an adversary with the ability to fully control the hardware of the customer, without the customer's knowledge AND while the customer uses this hardware (it's only up to customer to take care against this threat, we can't do anything about it)
- a global adversary

The first kind of adversary requires additional(s) trust partition(s). The second kind of adversary renders the anonymity layer outside the victim's hardware irrelevant. The global adversary theoretically can never be defeated on the Internet.


Re: "Then there's the part about jurisdiction" -"Servers owned or rent"

Jurisdiction is surely a factor to be taken into consideration, but even more important is the applicable law. To see the difference between applicable law and jurisdiction in the EU in the field of data protection see [also] Art. 29 Working Party EU Opinion 8/2010 http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2010/wp179_en.pdf, in particular with reference to Directive 95/46/EC Art. 4.1 (a, b, c)).

We take into account both jurisdiction and applicable law. Taking into account only the first might have very unpleasant consequences (for us).

Unfortunately, we must admit that an owned server does not add any significant security. There are feasible methods to wiretap a server without allowing the server admins to know it, regardless a server is owned or rent. Furthermore, in case of physical access to the VPN servers by an adversary with such power, there's no difference whether the server is rent or owned. Again, partition of trust is a way to defeat this threat, so that a VPN server will not have any information exploitable to disclose the customer's identity, not even while a customer is connected.

Re: "Cloud computing":
we avoid it.
=====

We have further layers of security on our infrastructure, we'd be glad to discuss those that are public with the forum members if they wish so.

Kind regards

 

I dont think that that thread amounts to a "bad experience" with BolehVPN. It has to do with passwords being shown in clear text when you login on the bolehVPN website. This really has nothing to do with the service its self. On top of that when you login to the BolehVPN website you are submitting your username and password via https so I really dont get why this is such a huge deal. I mean I guess if you left yourself logged into your BolehVPN account on a computer and someone else got on your computer and went to BolehVPN.com they could see your password right on the website in clear text. Other than that I just dont see what the issue is as you are accessing and submitting everything via https on their website.

 

makes sense ill give em a try then

update: gona send em a pm now bout em 4 files if the supply them to customers and for a 1-2 day test account to see if theyre speeds are worthy , lets see what they have to say , would be nice if theyd cooperate the same as AIRVpn did

and id like for them to accept more payment options like ucash , psc etc, matter of fact ucash and other anonymous payment options should be a vpn wide standard


and ive just sent perfect privacy another pm , lets see what they have to say , theyre pretty slow thou with replying imo

 

well just got a reply back from bolehvpn ,and am gona test them out now , will update you with results

p.s: to let you know in advance yes ive received my personal key files all of them so its once again a contender worthy for my list

update:

first off i didnt have any problems with the setup or i wouldve contacted support as ive been asked of before posting ,everything went smooth , wouldve been the first time in my life using a vpn and it not working as should xD, ive used theyre official software btw, anyhow lets get it goin shall we :

luxembourg tunnel all > 13-14mbit ping= 95-99

switzerland tunnel all > 6-8mbit ping=75-80

canada tunnel all > dont work

uk tunnel all < why would anybody use that one? -.-'

and thats all they got on servers , the rest of theyre

offerings dont interest us , since where out for fully tunneled traffic

not streaming a country specific locked youtube video here and there with a proxy ,

i recommend bolehvpn for people with dsl speeds or best test the speeds

yourself to experience it first hand

p.s: as usual tested per real world usage, own isp speedtest and with direct downloads and streaming videos


so current testing list :


perfect privacy and thats bout it , any other ones i should test ? bring it



vpns that are recommended from best to worst atm , still got ways to go thou :

Airvpn , slow but still the fastest of the bunch ive tested up till now and competent folks that are actually interested in security and countermeasures, +1

bolehvpn <second ,good but speeds are lacking and only a few servers with full traffic encryption

mullvad < slooowww well and slow not much more to say bout them except for the one good point they concentrate on swedish servers , thou em servers need an upgrade including theyre speeds

 

happyyarrou: I think speeds are highly dependent on your routing and connectivity and we're happy to test this further as to why you're getting less than optimum speeds.

Just for your information the Swiss servers for us give the best bandwidth and easily max out 20 mbit broadband and is a widely popular server since it has full gigabit capabilities.We have tested this and have confirmed this with Verizon and Comcast users. They're actually by cost our most expensive servers and are hosted in a world class datacenter.

In fact the Luxembourg servers are in our experience, slower as a whole than the Swiss servers but we understand certain people get excellent speeds with it and they are reasonably reliable. In any case 14 mbit in my own humble opinion cannot be considered in any sense, 'slow'. We have more than 2000 users with almost half of them actively connected and downloading and still can offer this level of speed.

Could you please confirm that Canada is not working? We tested it on our side and seems to be working well.

UK Tunnel-All is purely for those who use it for streaming BBC/and other things. I understand that people concerned with privacy or P2P would not want this but it remains actually a frequently requested server and we are merely catering to our customer's desires and requests. The same goes with US-SurfingStreaming servers. No one is forcing anyone to use them but it's there for those who need it.

As to the selection of servers, we're looking at expanding our list but it poses a constant challenge to find reliable, fast, P2P friendly and non-logging hosts. We believe in quality over quantity and in fact consolidated several of our less performing servers with larger beefier ones that represented better burst performance than several weaker servers hence the appearance of having less servers.

You may note that all our servers on fully-routed offer port forwadable status on 1024-65000 which is important for many applications such as eMule. However such a setup requires dedicated IPv4 addresses which are limited and not cheap and we decided against having a mixture of servers with port forwarding enabled and those that are closed. Having dedicated IPv4 addresses have been controversial on Wilders but I have explained our stand on it as we don't keep logs and IPs are assigned totally via DHCP. In fact, having a remote port forwarded to a unique user on a shared IP (since this info has to be stored somewhere) may be more of a privacy risk than a dedicated IP. We feel having greater number of IP addresses and not keeping logs would offer better privacy for our customers whereby they can appear from more different IP addresses. This also protects against cases where an IP is blacklisted for whatever reason in that we have many alternate IPs.

I bring this up as I understand some VPN providers use a shared IP and then remotely forward a port to a customer through a user panel but as this is a process which requires the user to set it which implies direct user intervention and secondly this info has to be stored somewhere as to which user is getting which port to prevent overlap and do the necessary adjustments to forward that port to that unique user which requires communication from our panel to all the servers.

As we maintain multiple servers in diff datacenters which operate totally independently of each other (there is no communication with our customer database server/payment processing), we feel this offers a neat solution in ensuring that a VPN server does not have any links or access to our customer database (which records payments and etc). Each VPN server stands alone and needs not communicate to our customer server which would be required if remote port forwarding via a panel system is to be setup.

There are both pros and cons of course but we have made a conscious choice to avoid this to both ease of use of the customer and maintain privacy and server independence.

It is also incorrect to say that our servers do not offer full traffic encryption. Even the proxied servers offer the same level of encryption as the Fully-Routed ones. It's a matter of ensuring the program you are using does not leak out data outside the proxy or download something to your computer to determine your real IP address. With proper configuration this can be achieved. Of course we still feel that the Fully-Routed is better for privacy since it's much easier to configure and ensures all data goes through the VPN but this doesn't mean that the proxied servers are less secure. It just requires more configuration. Those who use the proxied servers generally want to have a mixture of a VPN connection and their regular net connection. For e.g. if they game and wish to P2P at the same time or if they only want certain programs to be protected. A VPN always adds latency so in certain cases, it makes perfect sense to use a proxied connection. Also a properly configured program that uses the proxy may be MORE secure than a Fully-Routed connection since if for whatever reason your connection to the VPN is interrupted, the traffic cannot flow outside the proxy while for the Fully-Routed unless you use firewalls and such to achieve this, you are left naked for a brief moment while the VPN connection re-establishes. We are working on some improvements to our GUI to automate this process on killing traffic if the fully-routed connection disconnects. Also despite the name of "Proxied" this is not your regular proxy with direct access but a proxy residing within an encrypted VPN network.

Again, you have to understand BolehVPN caters for a wide variety of customers and we aim to meet all of these needs. No one forces anyone to use a particular configuration that is why we have a variety of configurations meant for varying needs.

 

Thanks for stopping by BolehVPN!
I am not really sure what the speed expectations are or if he was really getting that slow of speeds. I have personally been very satisfied with the speeds I get.
Browsing the web I notice no real difference. When downloading a file it is a bit slower but very acceptable. With using ANY VPN you will have a noticeable slow down.

 

speed expectations? well i was expecting to get a 21-28mbit connection from my regular 35mbit connection , thats all, im sure thats not too much asked , get it 14mbit =slow and 21-28mbit is acceptable, and im only using an average connection 35mbit is like nothing nowadays but gotta wait till we get better speeds around here


p.s: thanks bolehvpn for the interesting feedback , and yes canada didnt work, maybe itd work if i could change its setting from udp to tcp or vice versa , since ive experienced a similar problem with airvpn's netherlands leonis until ive switched it to tcp

 

Yes; here are 5 more recommendations. All are OpenVPN, good selection of "offshore" servers, and no logs.

BW Privacy Services
https://www.bwprivacy.to/

Insorg
http://vpn.insorg.org/

nVpn
http://www.nvpn.net/

oVPN.to
https://www.ovpn.to/

SecureSystems
http://www.secsys.net/

 

While I understand wanting as much as possible, VPN Speeds will be slower than your connection. 15mbits from Mullvad is plenty for me though. I'm on a 30mbit connection from my provider. Also, how did you test: Using Speedtest.net, the location should be the exit of the tunnel...did you test that one, or one from your home country?

PD

 

i tested from where my isp is located aka my own country , makes sense since the traffic has to travel through my connection


p.s: i use my own isp's speedtest , its the most trustworthy and delivers me my real world speeds and to confirm the speedtests validity ive used multiple server downloads and streaming videos , and indeed the speeds where identical to the speedtest provided , ive tested speedtest.net and gives me radically random speeds each time i test it -.-', worthless imo

thanks casper btw already tested ovpn its almost worse than mullvad gona give em others a looksee , and still no reply from perfect privacy , guess they dont like presales communications? hmmm...


ovpn:


lt 2 = 9-10mbit ping= 145

lt 3 = 4mbit ping=187

ru2 = 5-7mbit ping=175

ru3= 6-8mbit ping=194

ru4= 2-3mbit ping=197

nl2=9-10mbit ping=75

nl5=8-11mbit ping=65


ch3=6-7mbit ping=78

ro1=8-9mbit ping=131

hk1=460kbit ping=759 <lmfao

 

The best speedtest to you is one that is close to your VPN server location.

Traffic flows like this

Computer -> ISP -> VPN -> Speedtest server -> VPN -> ISP -> Computer

So using your own ISP's speedtest may not be accurate considering that it has to travel outside your ISP, to the VPN servers then to your speedtest server and then back again.

 

ummm didnt i just say that ive not only counted on the speedtest i would be stupid if i would , but have done actual direct downloads from multiple servers and video streaming? to saturate my bandwith and test the speeds -.-'

p.s: no offense but that speedtest is the most accurate ive tested out there

 

Seriously? That strikes me as quite counterproductive.

 

I dont know about anyone else but Id be ok with those speed while using a VPN. Just curious has any VPN met your speed expectations yet?

 

Mate I cant believe that you are complaining, as far as Im concerned if you can get at least 50% of youre ISP speed from a vpn then that is fantastic,the privacy and encryption gained from a vpn makes up for that speed loss, I spent nearly 3 months looking for a vpn that would give me at least 50%, all those I tried before my present vpn only gave about a quarter of my speed.

 

The higher your bandwidth relative to other users sharing your VPN exit, the less anonymous you are. Anonymity focused VPNs typically cap bandwidth at 3-5Mbps, in my experience.

 

youd be suprised its not trust me, and read my previous post mirimir

not yet still on the lookout , but if any then id pick Airvpn atm not finished yet thou still got ways to go im sure ill find the holy grail, i knew from the beginning that it wouldnt be a 2-3day and finished thing

and yes nessy90 i am abit spoiled from my current speeds and thus try to get the most out of it as i possibly can and im sure theres a vpn out there that can do that just havent found it yet but im positive itll show up , as im gona be checking out caspers recommendations too like bw privacy services and secsys maybe, dont like that secsys dont offer swedish servers thou, the other 2 insorg and nvpn isnt worth anything they dont support anonymous payment options thou i still can test them out, already sent out pm's , if any others keep em comin




update: well just got a reply back from nvpn and it seems theyre not gona be tested from me then

heres an excerpt :

"hello

first things first..

not any VPN "MUST" provide 4 files.. we dont even use .key validation, we use auth-user-pass and grab the user/pass by the env variables and then verify the login with a DB in panama...

so there is no .key validation therefore anywhere...

and besides, these files there which you request, are meaningless to narrowing down anything, like what would they prove or show to anyone? not anything...

they dont tell you about a VPNs policy and abuse handling and the NO log policy or anything...

if you want to get the .crt file, you can simply ORDER an account and you receive the .crt + .ovpn file and you can then investigate all you want from there, speed, .crt all .. i mean we dont simply send it around only cuz somebody requests it, specially not cuz i dont see any point in doing this or what this would prove...

and we dont have test acounts and dont need to do it... to tell you the truth now, we get these type of tickets and trial requests and PMs daily and all get denied, cuz we dont have to do it...

dont get it twisted, i understand your plan and that you want to make a list of the best VPNs, but then find a nvpn customer to tell you about his experience or even better simply order it yourself, now that is a real review (which you plan to do anyways...)

i know our quality and what we offer and what we do, so simply order it and test it yourself and we can then move ahead from there.."


and so i have to order to test if theyre worth it ?,thats as much as ive been able to understand from him repeating me to order ,lmfao somebodys on theyre high horse , one less on my list , as if i hadnt read theyre tos beforehand , what does he take me for an idiot? -.-'