I doubt that encryption is the weakest link in using VPN services. xkcd: Security <http://xkcd.com/538/>
The better the tunneling and "ENCRYPTION" technique, the more secure your identity, confidential information and other data are. http://topvpnguide.net/how-secure-is-top-vpn-2013/ As a general rule of thumb, the higher the level of encryption, the more secure it is but a higher level of encryption also normally means a slower connection. Most VPN service providers utilize a high level of encryption during authentication (e.g. 1024bit or 2048bit). Then a lower level of encryption on the tunnel (e.g. 128bit or 256bit). Our editors, in general, feel that as long as 1024 bit is used in control (authentication), 128bit on data (tunnel), and any SHA-2 for HMAC a customer can feel very secure. Using 256bit on data is a nice upgrade, as is 2048bit on control. http://vpnandusenetreviews.com/can-you-explain-openvpn-encryption
Im just wondering would it be better say for a NGO to lease their own servers and run their own VPS or even buy a reseller plan?
@ PIA and Android Users: Could I hear comments on the Android user experience? How well does the PIA app perform? Will I be able to select different servers through the app? Thanks!
I haven't checked Wilders in a while so just thought I'll pop in and say hi and thank everyone recommending us Sorry for not responding to PMs. If any questions and I don't reply to PM (just e-mail me reuben [a] bolehvpn dot net <3 <3
After further searching, the answer is YES! I have completely moved away from desktops and laptops to Android phones and tablets so hence my question! FYI - i tested "Mullvad" on my Galaxy Nexus using their free 3 hour trial and was very impressed with the speed. Unfortunately, there are 2 things stopping me from using that service - #1 no canadian servers and #2 don't appear to accept prepaid credit cards as that is the "only" way i purchase online.
VPN Gate had a pretty significant update this year and the Softether VPN client is now open source and went from version 2.0 to 4.03 . I updated when it came out an now it is more comparable to the Security Kiss Jadite plan freebie I have been trying out. I don't have any more or less disconnects using either one now. VPN Gate and the Softether VPN client are both produced by the University of Tsukuba Japan. The main intent is to provide a way to defeat Chinese Internet Censorship and similar censorship in other countries. I have been using mostly Japanese and Korean exit nodes due to good bandwidth and stability but today used a VPN server in Sweden. Only one disconnect in a few hours time which is about what I've been getting with Security Kiss. VPN Gate is interesting. The VPN servers are all volunteer and the list is growing and becoming more diverse. Finding one that has both bandwidth and stability is the main issue but this is definitely getting better as a free VPN option. I still intend to try VPN Gate with Openvpn but with the recent update, it is just to see how it works, not for any improvement in performance. VPN Gate with Softether is giving me about the same as the Security Kiss Openvpn based client. I have been abusing bandwidth with both and the results are comparable. Here are links. http://www.vpngate.net/en/ http://www.softether.org/ Almost all the VPN Gate servers have a stated 2 week logging policy. Not having any payment at all associated with VPN use is a great advantage in staying completely anonymous. It is possible to cascade servers with a VM. I have used VPNgate in a VM in a host connected to Security Kiss and have cascaded two VPN Gate servers doing the same.
Take care that anyone who runs any of those servers have any information that travels through them, Your ISP/IP name/ user information/email / passwords. Also you should not be disconnecting so much. I rarely ever disconnect from my VPN.
The disconnects are mainly timeouts that are from dropouts in my own long range wireless Internet connection. I live in a bandwidth ghetto and I am glad to have internet access at all in a rural, if not remote, location. In a bandwidth rich part of the world like Japan, I don't think the programmers would run into issues like mine. I don't use VPNs for any personal business and I don't think the VPN severs would have any access to passwords and log on information because that is already https encrypted. I would never log on to any site that didn't use secure logons. All they would have is the IP and whatever it was connecting to. Keep in mind that the VPN Gate system is designed to circumvent totalitarian censorship, not merely hide torrent IPs so I would say that it is fairly secure. The way to find out would be to download the VPN Gate server software and see what the parameters are and what access there is to the data being passed through it. The consequences of being caught in China bypassing the great firewall are going to be far worse than a threat of a lawsuit from a copyright troll. I don't think the risk is any greater than with a commercial VPN provider and that can be reduced by jumping from server to server and VPN Gate has a big server list. The other trade off is no payment transaction record. That makes you much more anonymous and bypasses the whole complicated issue of anonymous payment. I am leaning towards PIA as a paid VPN because of value for the money and they are very creative in coming up with ways to pay anonymously but it is complicated where I live. It is a small community and there is no easy access to bitcoins for cash here and any bitcoin purchases I made online would be traceable to some extent because I would be using paypal or a credit card to buy the bitcoins.
You can always get bitcoins from someone you trust online, many people do PayPal for Bitcoin trades you just have to know where to look and trust a person, best to do with people you have known for a while.
yes you can chose which server you want. Also, just FYI the PIA android app works great also on the Kindle Fire HD, you just need to side load it. Tested myself yesterday.
Really not practical for me and far from anonymous. I would rather not have Paypal involved at all. Not only does Paypal keep records of the transaction, so do all parties involved. I did another afternoon on a VPN Gate connection and ran a 1mbs download stream for several hours. Only one disconnect. Performance pretty much equal to Security Kiss. I don't have the means to test it at really high bandwidth and I feel it will probably max out much less than PIA or any other good paid provider. I'm not against paying for a good VPN service and bandwidth is one of the things that money buys. For those who can't afford to or don't need lots of bandwidth, VPN Gate is a good free VPN service and is really noble in its intention. It is not just an enticement to pay for a higher level of service from a provider.
Your ISP could threaten to shut down your account for downloading copyrighted material. It's something that some of them started doing recently. Also, the entertainment industry has sued many people for thousands of dollars for using peer to peer. A local college student where I live was charged for downloading music. They came and took his computer. And they fined him a few thousand dollars. And whatever you do don't ever download anything illegal. They actively monitor peer to peer for people downloading illegal porn and that sort or thing. I read about that the other day. Evidently they have some way of monitoring everything that goes on. I don't know how but they do but they do. So if there is something that looks questionable, just skip it. Because if it turns out to be something bad they will come and bust your door down and throw you in prison so fast you won't know what to think. That happened to a friend of mine's cousin a few months ago. I finally found something on the internet about him and sure enough they were monitoring peer to peer just waiting for people to download or share illegal porn. They came and got his computers.He is in prison doing time.
Question: After reading about EarthVPN it appears that even though a VPN provider doesn't keep logs, their data center probably does. So if a person is not chaining VPNs like Mirmir does, and is using only one single VPN, would it not be a much wiser choice to use a multihop VPN? What would the second data center know?
I have given the VPN chaining a test run since I feel its a better compromise for speed over just running Tor, but even with a pfsense dedicated PC and then running a 2nd openvpn vpn while it does work the stability and performance after a 2-3 hours can take quite a hit in speed.... Connection goes from full bandwidth to perhaps 50-70% with the 2nd VPN tunnel after few hours.... making it somewhat unusable. Has anyone done VPN tunnelling and noticed this effect?
Yes, using a two-hop VPN would protect against datacenter logging, unless an adversary got both datacenters to log.
That's not bad, really. There's no free lunch. Try different combinations of servers, and you may find a faster one. Also, check UDP ve TCP. I generally find UDP>UDP fastest, but sometimes it's UDP>TCP.
Other thing maybe to consider when choose VPN. A website like Wilders probably is very popular also to kind of people you are using VPN for protection from! So VPNs that are very popular in discussions at this kind of website or in the comments at torrentfreak website probably get lot more attentions. Maybe better to learn about VPN that is not known so much. Less popular VPN.
Be sure to check if your VPN provider has issued new keys and certificates after Heartbleed, and update the VPN client on your computer as well: https://news.ycombinator.com/item?id=7598616
Indeed! And using TLS authentication doesn't help However, unless an adversary can also poison DNS, clients won't use their server clone. And as long as clients access their provider's servers by IP address, they'll be safe, with one exception. The exception involves replacing genuine servers with evil clones at the same IP addresses. But that's not a new threat. Any adversary capable of that would have access to data centers, and could get keys directly from servers' RAM.
