Review after 6+ Months

[Crewman6639 4]

I have been using the service for 6+ months. Switched over from Mullvad due to needing port forwarding support.

Speed: I get around 50% - 75% of my wired speeds when using AirVPN. I switch between 3 different servers located closest to where I live. I can't say objectively whether this is good or not but for my purposes I am happy with these results.

Reliability: I very rarely have any issues when using AirVPN. Every once and a while I will have to switch to a different server. Recently though reddit seems to be partially blocking VPNs (forced to use old.reddit) which is an annoyance but it does not seem to be an issue with AirVPN.

Eddie Client: Was not reliable. Half of my devices would not recognize the client and there always seemed to be issues with having the Eddie client reliably startup on boot. It has been months since I have tried it again but since the Wireguard client "just works" it is hard to find a reason to use Eddie.

Features: Really love the client area and being able to add blocklists, manage ports, etc. This has been great!

Concerns: Lack of audits. I have asked on the forums but still have never received an answer that justified not getting annual audits from a respectable company such as Cure53. If there was anything that would prompt me to switch its this. A privacy focused VPN should welcome annual audits of its security at the very least, if not its entire infrastructure. Its the one major difference between AirVPN and its peers (IVPN, Mullvad, Proton). 

Conclusion: Overall I am very happy with the service and I just recently extended my subscription. I do hope AirVPN will change its stance on audits. 

[ss11 15]

You are thinking too highly about audits. There is nothing they can do (the audit people) that cannot prevent the operator from changing the status quo after the audit. In other words all can be well at an audit, and then after the audit switched. Allowing "random" root access any time on all servers for a third audit company opens the door for a lot more problems and threats, and in the end users left with nobody to blame. Even so, a malefic script or program that runs from RAM could of course remove itself permanently once root logs in.

Checksum of the entire hard drive is a false sense of security and technical inaccurate term as it cannot properly exist in a modern operating system that is not firmware and also anything can be run from RAM only.

I am only saying AirVPN's stance on audits (I am not against changing it but I also don't see much point if so) is not wrong, it's just spelling the truth as it is.

If one will tell how an audit will be done that will be guaranteed to maintain the audit results after the audit is over, I would love to see it.

[Crewman6639 4]

3 hours ago, ss11 said:

There is nothing they can do (the audit people) that cannot prevent the operator from changing the status quo after the audit. In other words all can be well at an audit, and then after the audit switched.

This is such a ridiculous reason to not get an audit. Anyone who thought AirVPN would do this would not be a customer regardless. It also assumes that it would be reasonable for AirVPN to take the time to get its infastructure ready for an audit and pass the audit, just to dismantle it. Audits can be expensive and time consuming to prepare for and pass, there would be no point in getting an audit if the plan was to just change after. It would be much easier, and accomplish the same thing to just not get an audit and make up excuses.

If the point of an audit was just for marketing then AirVPN would of already done something akin to PureVPN and their always-on audit by KPMG.

The audit is about upholding the values AirVPN claims to have by showing their customers that, like their peers, they can prove time and again they are who they say they are.
 

3 hours ago, ss11 said:

Allowing "random" root access any time on all servers for a third audit company opens the door for a lot more problems and threats, and in the end users left with nobody to blame.

Again, this is also ridiculous. There are legit auditors out there. Do you really believe that Mullvad and Proton are significantly more at risk then AirVPN is? The only risk comes to the costumers who have to provide an extra level of trust to VPN providers who are not willing to undergo an audit.
 

3 hours ago, ss11 said:

I am only saying AirVPN's stance on audits

Totally understand that but none of these excuses hold up at all under scrutiny.

Obviously audits are not the only way AirVPN can show it does what it says. Reputation matters, and AirVPN has had a great one for years and years. BUT.... It is concerning that they seem so against audits when the consensus, especially in the privacy and security community, is that regualr audits are a benefit.