Choosing the Right VPN

Choosing the best VPN

Reliable Information

As Ars Technica 1 discovered, choosing a VPN service is difficult. There are some obvious reasons for this. First, VPN services have some of the highest paying affiliate programs online. This means there are often huge incentives for the shady best VPN lists and clickbait that dominate search results. 2 The same incentives hold for ‘worst VPN' lists. They direct traffic toward venders offering higher rewards.  Second, people feel vulnerable, and with good reason. There is nothing like vulnerability for bringing out the sharks.

Finding reviews of VPN services that are not glorified advertisements is as hard as finding google search results without list posts. The torrent of junk articles, and marketing shills pedalling services they never use, means the only way to find a service that works for you is to either try a bunch yourself, or get a recommendation from a trusted source. I am working toward making this site the latter.

Trial and Error

The advice of trusted sources has led me to try some of the best known and popular VPN services. In this are Cloak VPN — which has recently become Encrypt Me— and Tunnel Bear. Both of which are fine services that will be good enough for a lot of users, but I have set a higher threshold for privacy than either service can provide. If you needs are modest, Tunnel Bear even offers a free tier — although I doubt 500mb will satisfy many people reading this. The best feature ofCloak/Encrypt.me is it’s user friendliness and ability to automatically connect to chosen networks, but I find the service is expensive considering its other limitations.

Until recently access to streaming services in New Zealand was poor. The way around that for committed nerds was to override the geolocation. While this is not the only, or even the main reason I use a VPN, it remains a decent barometer for the quality of service. It is what led me to try the smartDNS and VPN from OverPlay, which is a service plagued with problems. Further trial and error led me to try numerous other services, includingPrivate Internet Access, IPVanish, Express VPN, and Pure VPN. All of which were found wanting in different ways for my particular needs. In some cases the connection speeds would be good, but streaming or something else would break. At other times, the opposite would be true. I kept bumping up against problems that would put me back at square one. From there a host of others either had terrible speeds, are plagued with usability problems, or simply aren’t secure beneath all the bluster 3

So having tried so many VPN services, and having spent hours sifting through the claptrap to read anything that isn’t a glorified advertorial — or self-serving blog posts by service providers. I hope that my opinion at least has some weight behind it. I must stress, however, this is still very much an opinion. As they say, your mileage may vary.

Privacy and Security

Privacy and security are the bread and butter of any VPN service. Every year Torrent Freak runs an updated survey called Which VPN Services Take Your Anonymity Seriously?. The questions range from how each service handles logs, to whether or not they own their own services. They ask what they do in the event of a court order. The strength of their encryption technology, and whether or not they support anonymous payment. I will let you decide for yourself how important each of the answers are to you. Technically the article is an affiliated list, not completely unlike the ones I criticise above. The difference is this one includes a lot of relevant information. Neither does it scream at you with arbitrary ratings, gold stars and fake medallions. This is a worthwhile exercise for the quality of the questions. Putting stock in them has proven fruitful in finding a service that I am happy with.

Elsewhere, similar concerns are addressed by privacytools.io — an excellent privacy and security resource with an active community on Reddit. Particularly the issue of legal jurisdiction. Privacytools.io takes an uncompromising approach to where the service is located, and what legal implications that has for how they operate. The importance of location is something that services like Cloak/Encrypt.me 4 contest for their own obvious reasons. I happen to live in a so-called Five Eyes country — and one that has shown a liberal application of due process at times. So even for my simple needs, I would prefer to err on the side of caution and take the advice of folks who make it their business to know better.

User Experience

Beyond the crucial matters of security and privacy, what remains is the user experience. Yes, the quality of service matters. It matters a lot. Yet, you can be as secure and anonymous as you like, but if getting there requires the use of substandard apps, obscure configurations, and crawling speeds, then I doubt you will be persuaded.

No matter what a VPN service claims it can deliver in terms of bandwidth, there is no such thing as a VPN that doesn't slow your traffic down in some way. The question becomes how much of a hit you will take. The only way speed issues are addressed in earnest is by having servers close to where you are. If a service can bring together proximity, privacy and security, with a decent user experience, then it starts being worth your time.

Having done all the work balancing out all of these questions, I eventually landed on a VPN service that I can happily say meets my needs. Having used NordVPN 5 for over a year now, I finally feel comfortable with recommending it to others.

This is a further summary of what I feel NordVPN has going for it:

  • The NordVPN apps are a pleasure to use. Just install, login and click to connect. The include a graphical map for choosing the server location. From there you can drill down to chose individual servers. The client includes a kill switch for any apps you choose, so if the service gets disconnected nobody will catch a glimpse of you pulling down your latest ‘public domain' television episodes
  • The desktop apps include a contextual search engine that will suggest the best servers for particular tasks.
  • The service is truly multi-platform, covering everything from the mainstream operating systems to Raspberry Pi, Open VPN and firmware for just about any router you can think of. They also sell pre-flashed routers to run the service from the point of connection.
  • A single account can connect 6 simultaneous devices. Or as many as you like if you run it on your router
  • They are the only service I have found that consistently keeps ahead of the geo-blocking and VPN blocking efforts of streaming services like Netflix, BBC iPlayer, Amazon Prime, and Hulu. You will sometimes need to contact support to find which servers are working as it continues to be a game of cat and mouse for every service, but the response has always been immediate via their 24/7 chat support
  • The Mac client for NordVPN include a technology they call Cybersec, which blocks trackers, malware and intrusive data hogging advertisements
  • They currently have a network of 1093 servers operating across 61 countries. I am yet to find something I cannot access with the service.
  • A number of dedicated P2P servers are specifically configured for file sharing
  • Double VPN and TOR over VPN are uber privacy services if you ever need to break out the tinfoil hat
  • Support has been quick, responsive and friendly. Not that I have ever needed it for much.
  • The service is comparatively inexpensive, they currently have a deal that amounts to US$3.29 per month — albeit if you sign up for two years. Shorter terms, starting at one month, are also cost effective. You can check out the options here

The Limits of Anonymity

Having covered the good stuff, I want to stress there is no such thing as a perfect VPN service. To my mind, any service that betrays the trust of its users is committing commercial suicide. But that doesn’t mean it hasn’t happened. It also says nothing of mistakes, or of bugs in the code. I trust NordVPN for my purposes, but if your goal is absolute anonymity, then you are going to need a lot more than what any such service can provide. If that is the case, then start with TOR.

Across the board VPN services ted to either lay claim to, to imply, an infallibility that they are not only incapable of delivering, but for most people is impossible to verify. To the credit of services like the VPN formerly known as Cloak, they make no such claims to anonymity, but rather aim to ensure your safety on untrusted networks and so on. I happen to want more from a VPN, but I'm not daft enough to overlook the glaringly obvious fact that using any VPN service requires an unparalleled leap of faith. All of your data is funnelled through a server you have no control over. Somehow I doubt anyone reading this is looking for advice on how to get away with illegal activity, suffice to say I don't think a VPN is going to cover you if you are.

Why use a VPN?

VPN providers are becoming increasingly important as the ever decreasing circle of internet privacy is squeezed by big advertising and ideological zealotry. While accessing television shows that you otherwise might not be able to, is potentially fun, it is not the reason you need to take this seriously. There are any number of reasons why you should. Consider the draconian laws and mandatory data retention in Australia. The extreme surveillance in the UK, or internet service providers preparing to auction off user data in the US. These are the real reasons that you should consider a VPN. As for the ‘I have nothing to hide' cliché, my favourite response remains the Snowden line, ‘Arguing that you don’t care about the right to privacy because you have nothing to hide is no different from saying you don’t care about free speech because you have nothing to say'. Believing otherwise is not only naive, it’s dangerous.

As for academics, the cynic in me fears that security measures are only going to become more relevant as the aforementioned circle starts cross the threshold of so-called academic freedom. The signs are there for anyone to see. Sadly privacy and security are something of a privilege and a luxury at this point in time, but if you have the means this is something worth your attention. What a VPN can provide you with is extra security and privacy, but only when combined with competent online behaviour.

I want to end this with something of a disclaimer. I qualify my recommendation with a reminder that you should be clear on your needs when looking at a VPN. Go in with your eyes open. If you want to understand just how subjective this can be, head over to reddit and try to find a VPN provider that hasn’t been trashed by somebody. What works for a gamer on a PC is not necessarily going to translate to an academic researching wanting uninterrupted access across multiple time zones. I also have to add that my choice of service has been a balancing act, for example I have used faster services than NordVPN, but none of them offered enough of the features I needed.

There is a lot of misunderstanding around, and some frankly ridiculous expectations at times. If you keep yours realistic, and test your chosen service against your specific needs, you are less likely to join the such and such service sucks chorus on social media. Despite all of the aforementioned misinformation, there are a number of good VPN services available. If you are not ready to accept my recommendation, start with the list on. Even if criteria your is not as exacting as mine — or for that matter, more so — find a recommendation from a source you trust. 6 NordVPN works well for me. That gives me the confidence to suggest it here, but I cannot guarantee your needs will be met as well as mine. If you try it and are not satisfied, do not be shy about asking for your money back. They will give it to you.

If you do want to try NordVPN, they offer a 30 day, no questions asked money back guarantee. You can sign up at NordVPN.com

Rolling Your Own

If you can’t take the leap of faith required to use a third-party VPN service, and TOR doesn’t meet your needs, there is at least one other option. That is to roll your own VPN service using something like Algo. You will need access to virtual private server to set it up. The Algo repository suggests using Digital Ocean. I recommend using Linode, where you can set up a powerful server in next to no time for $5USD a month. You will need to be comfortable running a few simple commands in the terminal for setting up both the server and the VPN. Don’t let that put you off, if you can follow instructions you will be fine. I’m pretty sure most people learn the command line with a combination of cut, paste and hope anyway.

Once you it up and running you could use something like Shimo to connect to it from your Mac, which is also available with Setapp. Or configure it directly in the native macOS settings. On iOS you can do something similar, either configure it in settings or use a client like OpenVPN. If you are even contemplating rolling your own, I would expect this to make sense.

Further Reading (and watching)

Berkeley Blog – Why Care about Privacy

Nothing to Hide

Why Privacy Matters – Ted Talk

  1. The final subtitle in that article is not a good sign post. Some VPNs can most definitely put you at risk, but the onus is on the user to select a service that won't
  2. To be clear, this uses affiliate links. However, not only is that is far from its reason to exist, but nothing is linked without personal experience and usually at considerable personal expense. This site runs at a loss as a result. I would hope the difference between this and affiliate marketing is obvious.
  3. To be doubly clear, I am not condoning illegal activity
  4. The name change might appear arbitrary, but I would wager it has something to do with SEO. I also feel uncomfortable with their use of the phrase ‘free apps' for a service that requires a subscription
  5. Not to be confused with NordicVPN