VPN Comparison chart - real competitive analysis effort

[zhang888 1066]

Hello,

As you might have noticed, there is a list circulating on the privacy related forums

recently regarding VPN providers:

 

Old chart (The author of the chart did not provide any credible info regarding his tests)

 

</deprecated>

 

https://docs.google.com/spreadsheets/d/1FJTvWT5RHFSYuEoFVpAeQjuQPU4BVzbOigT0xebxTOw/edit?pref=2&pli=1#gid=0

 

<deprecated>

 

 

New chart:

 

https://www.comparitech.com/blog/vpn-privacy/best-vpns-privacy-and-anonymity/

 

 

 

While this list might be useful to avoid some providers, it lacks (imho) key values like if the

announced locations are real locations and not fake Whois+GeoIP tricks, if the servers are

actual bare-bone servers with real internet providers and not cheap shared bandwidth

resellers, and of course who is the team behind the VPN company and how they respond

to critical security issues, privacy questions and "hard" questions regarding their service.

 

I want to make it an open discussion, where the members that submit their thoughts

"Why provider X is better than Air", where me, or other members, can explain why most of

the times this is a lie.

Since most of those providers oversell cheap VPS servers, and have GeoIP tricks with

fake whois (HMA/PureVPN/Ivacy are a good example) to show you 50+ countries

where in fact it is mostly NL/US location where you can put fake data in the IP, and open a

ticket to Maxmind to update the location. And here you go, a fake country is ready for the

gullible users to fall in.

I would like to make a discussion where every member can post a "feature" where they think

another provider is better, but as I explained, most of them only false advertize it in most cases.

The only thing I cannot put up on this challenge is the price, however, being in the hosting industry

I do know how much Air pays for their leased servers - this is not a cheap thing to run at all.

There are about 100 providers in this list, I tried to find one that is at least honest about their infrastructure and their privacy policy, but I couldn't find anyone except Air. Now this is rather

bad news than good one - I wanted to see more, but a fact is a fact...

Feel free to throw competitive names here, in a nicely manner, and I will try as much as possible

to show you why some points you believe in - are not exactly the way there are on this list.

You can also try and point out some improvement points for Air, based on that list, and if they

are interesting I am sure Staff can comment about them.

 

Regards.

[NecroKatze 1]

I currently have two VPN subscriptions - AirVPN (of course) and OVPN.se.

 

In a way i see both as equally good but i find that OVPN's transparency so far has been great. They are honest about how much they are investing in each datacentre, how they prepare and configure their servers et cetera.

 

As an example - it is one thing to just disable the logs in the configuration but another to actually run the servers diskless, limit write rights with AppArmor and of course - make sure you have full control of the server yourself and not only rent a dedicated one.

 

Other than that i use both equally as much and seeing that OVPN only have two locations currently AirVPN has a bigger advantage of more locations.

[zhang888 1066]

In a way i see both as equally good but i find that OVPN's transparency so far has been great. They are honest about how much they are investing in each datacentre, how they prepare and configure their servers et cetera.

 

As an example - it is one thing to just disable the logs in the configuration but another to actually run the servers diskless, limit write rights with AppArmor and of course - make sure you have full control of the server yourself and not only rent a dedicated one.

 

I don't buy that, look at the ToS:

 

Illegal activities

Customers may not use our services to commit crimes. In the case of a crime being comitted, OVPN.se retains full rights to suspend the account in question without a refund.

 

If they have the ability to terminate accounts for "crimes", they do log and should be avoided. You are either a VPN provider or a court judge, but you can't be both.

These guys made it clear on which side they are.

[go558a83nk 362]

 

 

 

In a way i see both as equally good but i find that OVPN's transparency so far has been great. They are honest about how much they are investing in each datacentre, how they prepare and configure their servers et cetera.

 

As an example - it is one thing to just disable the logs in the configuration but another to actually run the servers diskless, limit write rights with AppArmor and of course - make sure you have full control of the server yourself and not only rent a dedicated one.

I don't buy that, look at the ToS:

 

 

>Illegal activities

Customers may not use our services to commit crimes. In the case of a crime being comitted, OVPN.se retains full rights to suspend the account in question without a refund.

If they have the ability to terminate accounts for "crimes", they do log and should be avoided. You are either a VPN provider or a court judge, but you can't be both.

These guys made it clear on which side they are.

 

I'm 99% sure Air takes the same position when it comes to certain crimes.  In the case of Air and probably ovpn.se the ban would be retroactive (edit: or is the word reactive?), not proactive, and most likely only after having been alerted by the proper authorities. 

[zhang888 1066]

As long as they didn't mention according to who and which authority a certain action would be considered illegal

(their jurisdiction? server's location jurisdiction? customer's jurisdiction?) this is nonsense and means they may

treat any single DMCA letter or portscan as "crime". Such providers should be avoided, and historically proved that

they do log all activity very proactively. (read the HMA,EarthVPN and other) cases from the past.

[go558a83nk 362]

https://airvpn.org/topic/7181-clarification-of-your-monitoring-policies/?p=29972

 

zhang888, perhaps you should read that post by Air Staff. 

[Clodo 176]

Around twelve days ago I wrote a comment about the list of this topic, almost the same things explained by zhang888.

 

Anyway, I think this guy (who maybe is related to privacytools.io, I'm not sure) has good and impartial intentions.

I like that, there are too many popular VPN comparison websites that don't really compare services: they collect affiliate and advertising income and then they rank services only on a revenue basis.

 

Maybe anyone here can be constructive and help him improve his spreadsheet.

Maybe if he receives some examples of fake geo IP address, he can add a column on that.

[NecroKatze 1]

 

In a way i see both as equally good but i find that OVPN's transparency so far has been great. They are honest about how much they are investing in each datacentre, how they prepare and configure their servers et cetera.

 

As an example - it is one thing to just disable the logs in the configuration but another to actually run the servers diskless, limit write rights with AppArmor and of course - make sure you have full control of the server yourself and not only rent a dedicated one.

I don't buy that, look at the ToS:

 

 

Illegal activities

Customers may not use our services to commit crimes. In the case of a crime being comitted, OVPN.se retains full rights to suspend the account in question without a refund.

If they have the ability to terminate accounts for "crimes", they do log and should be avoided. You are either a VPN provider or a court judge, but you can't be both.

These guys made it clear on which side they are.

I just had a conversation with their support and got a clear answer on why that part is there. It's mainly to cover so that people can't claim that they are encouraging crimes - but in reality no account can or will be suspended because it would be impossible for them to know.

 

It also covers more obvous things like peole paying with stolen credit cards etc...

[me.moo@posteo.me 80]

I just had a conversation with their support and got a clear answer on why that part is there. It's mainly to cover so that people can't claim that they are encouraging crimes - but in reality no account can or will be suspended because it would be impossible for them to know.

 

It also covers more obvous things like peole paying with stolen credit cards etc...

 

I can't see why it is required in the ToS for any reason. Air have it all covered already.

[NecroKatze 1]

 

I just had a conversation with their support and got a clear answer on why that part is there. It's mainly to cover so that people can't claim that they are encouraging crimes - but in reality no account can or will be suspended because it would be impossible for them to know.

 

It also covers more obvous things like peole paying with stolen credit cards etc...

I can't see why it is required in the ToS for any reason. Air have it all covered already.

Yes indeed, airvpn has it covered already - in the same way as OVPN does:

 

4) BY USING THE AIRVPN VPN SERVICE ("Service") YOU AGREE NOT TO:

  1. use the Service to violate, in any way, directly or indirectly, the European Convention for Human Rights. If you live in a country with laws which permit such violations, you nevertheless agree to respect the aforementioned Convention.

  2. use the Service to damage or cause risk to our business, reputation, employees, subscribers, facilities, or to any person;

  3. rent, lease, loan, sell, resell, sublicense, distribute or otherwise transfer the Service without our prior written authorization;

  4. remove, circumvent, disable, damage or otherwise interfere with security-related features of the Service or features that enforce limitations on the use of the Service;

  5. intentionally interfere with or damage operation of the Service, by any means, including uploading or otherwise disseminating on the Internet spam, viruses, adware, spyware, worms, or other malicious code; 

  6. use the Service to compromise security of, or to obtain (or try to obtain) unauthorized access to any device or system in the Internet (such attempts include port scans);

  7. use the Service with the direct or indirect purpose of inciting, aiding or abetting enforcement of copyright through means of any data collection and/or retention and/or any privacy violation.

 

5) TERMINATION OF SERVICE: 

  1. You agree that AirVPN operators, in their sole discretion, for any violation of the Terms of Service point 4), and without penalty, may terminate your use of the Service at any time. You agree that AirVPN operators and Air will not be liable to you or any third party for any such termination.

  2. You may terminate this Agreement at any time by discontinuing use of all parts of the Service. You agree that no reimbursement from AirVPN is due if you decide to terminate the Service before the natural expiration date, except under the cases in point 9.

Except for different and more specific reason i'd say they both say the same thing and even if neither OVPN nor AirVPN can actually see which user does what - they are at least not encouraging people to do... whatever.

[me.moo@posteo.me 80]

So why make a point of it

[Spyker 2]

VPN providers are about trust. If you don't trust anyone (and you shouldn't), simply build your own VPN server. Get a VPS at whatever location you want and start VPN, without worrying about logs. If you worry too much about being on a lone server, float around a couple of accounts on the internet to virtual acquaintances, and switch them from time to another.

[me.moo@posteo.me 80]

VPN providers are about trust. If you don't trust anyone (and you shouldn't), simply build your own VPN server. Get a VPS at whatever location you want and start VPN, without worrying about logs. If you worry too much about being on a lone server, float around a couple of accounts on the internet to virtual acquaintances, and switch them from time to another.

 

We know about trust else none of us would be here.

'Simply build your own VPN server' - what nuts is that, as if everyone knows how to do that or has the resources?

[LZ1 671]

Hello !

 

I've checked many VPN providers and I used this:

 

https://torrentfreak.com/vpn-anonymous-review-160220/

 

What do you think OP? AirVPN stood out because of their epic tech-speak haha.

 

I didn't know that stuff about PureVPN so thanks.

 

One question I have though: one of the providers in the above list (OVPN.se) mentions:

11. All our servers are locked in separate racks. We own all hardware and we’ve personally installed the hardware in all locations. Our servers run without any hard drives, which means that the operating system only exists in RAM. Additionally, we use a trimmed-down version of Debian in which we’ve removed about 80% of all packages, minimizing the risk of vulnerabilities.

Our servers also use the latest version of Tresor and grsecurity. Tresor stores the secret key inside the CPU register, making sure that no AES states ever touches the RAM memory. This means that it’s impossible for anyone to access sensitive data in the case of a Cold Boot Attack.

 

How smart is this? Does it make sense? And should AirVPN do the same or doesn't it make sense? Thank you.

 

But honestly, and I mean this honestly, if zhang888 is using a service that's pretty much the golden seal of approval lol, amirite?

[zhang888 1066]

I won't comment much about OVPN.se but I will shortly say that whoever lies on small details,

should not be trusted with bigger ones.

 

Just a few lies:

 

11. All our servers are locked in separate racks. We own all hardware and we’ve personally installed the hardware in all locations.

 

They rent most of their servers from Obenetwork, a good niche Swedish provider - AS197595.

I actually happen to "IRC know" the owner of this network, a friendly guy under the name P.

 

They (Obenetwork) do run their own, niche  small VPN service called AzireVPN from that network, it's not the

fastest one around but this is where those OVPN.se resellers get their servers. Note the locations, they

are exactly the same by the way, you just happen to buy a worse service from OVPN (probably overselling?)

if you wish to do so.

And no, Obenetwork does not currently provide cusom offers except those that are found here:

https://www.obenetwork.com/hosting/dedikerad

 

Next, to some more hard facts:

 

Our servers run without any hard drives, which means that the operating system only exists in RAM.

 

See #1.

So, the "no hard drives" theory just vanished in the Air, I guess.

 

Additionally, we use a trimmed-down version of Debian in which we’ve removed about 80% of all packages, minimizing the risk of vulnerabilities.

 

I wonder what exactly those geniuses "trimmed-down" from a netinstall minimal Debian installation that only has 20% of the

original packages in it right now. I hope they kept the kernel, libc and binutils however. This is half a joke, read next:

 

Our servers also use the latest version of Tresor and grsecurity

 

I wonder how they run Tresor, since it was only a theoretical patchset presented at 28C3 (an annual hacker's conference

in Germany) and was never integrated to the stable Kernel, see this thread for a reference:

https://www.reddit.com/r/linux/comments/3dmu7l/has_tresor_been_merged_implemented_in_the_main/

 

And of course, the Tresor project patches official website:

https://www1.cs.fau.de/tresor

 

So, those guys just run an unstable patches backported to the Debian kernel, of a project that has never

been security audited for vulnerabilities nor tested outside the original research goal.

 

But wait... They just said they run without hard drives. Why to make such extreme steps against cold

boot attacks, which they were allegedly never vulnerable to, in the first place? Since the lack of hard drives.

 

And they also mention to run Tresor together with grsecurity. I really doubt those 2 patches are inter-compatible,

but let's believe a random VPN provider they are for this matter.

 

Tresor stores the secret key inside the CPU register, making sure that no AES states ever touches the RAM memory.

 

I cannot comment on that part since it makes no sense at all. Anyone who ever touched the basics

of low level programming knows that this is complete nonsense.

 

I hope they will buy this book one day however, and learn that you don't store keys in the CPU

or whatever Hollywood meaning that was supposed to mean.

 

Hats off to these guys, almost a perfect clone of AirVPN's RRD graphs on the stats page, that's only

positive thing I could find.

[LZ1 671]

zhang888 was here.

[NecroKatze 1]

​

I won't comment much about OVPN.se but I will shortly say that whoever lies on small details,

should not be trusted with bigger ones.

 

Just a few lies:

 

11. All our servers are locked in separate racks. We own all hardware and we’ve personally installed the hardware in all locations.

 

They rent most of their servers from Obenetwork, a good niche Swedish provider - AS197595.

I actually happen to "IRC know" the owner of this network, a friendly guy under the name P.

 

They (Obenetwork) do run their own, niche  small VPN service called AzireVPN from that network, it's not the

fastest one around but this is where those OVPN.se resellers get their servers. Note the locations, they

are exactly the same by the way, you just happen to buy a worse service from OVPN (probably overselling?)

if you wish to do so.

And no, Obenetwork does not currently provide cusom offers except those that are found here:

https://www.obenetwork.com/hosting/dedikerad

 

Next, to some more hard facts:

 

>

Our servers run without any hard drives, which means that the operating system only exists in RAM.

 

See #1.

So, the "no hard drives" theory just vanished in the Air, I guess.

 

Additionally, we use a trimmed-down version of Debian in which we’ve removed about 80% of all packages, minimizing the risk of vulnerabilities.

 

I wonder what exactly those geniuses "trimmed-down" from a netinstall minimal Debian installation that only has 20% of the

original packages in it right now. I hope they kept the kernel, libc and binutils however. This is half a joke, read next:

 

Our servers also use the latest version of Tresor and grsecurity

 

I wonder how they run Tresor, since it was only a theoretical patchset presented at 28C3 (an annual hacker's conference

in Germany) and was never integrated to the stable Kernel, see this thread for a reference:

https://www.reddit.com/r/linux/comments/3dmu7l/has_tresor_been_merged_implemented_in_the_main/

 

And of course, the Tresor project patches official website:

https://www1.cs.fau.de/tresor

 

So, those guys just run an unstable patches backported to the Debian kernel, of a project that has never

been security audited for vulnerabilities nor tested outside the original research goal.

 

But wait... They just said they run without hard drives. Why to make such extreme steps against cold

boot attacks, which they were allegedly never vulnerable to, in the first place? Since the lack of hard drives.

 

And they also mention to run Tresor together with grsecurity. I really doubt those 2 patches are inter-compatible,

but let's believe a random VPN provider they are for this matter.

 

Tresor stores the secret key inside the CPU register, making sure that no AES states ever touches the RAM memory.

 

I cannot comment on that part since it makes no sense at all. Anyone who ever touched the basics

of low level programming knows that this is complete nonsense.

 

I hope they will buy this book one day however, and learn that you don't store keys in the CPU

or whatever Hollywood meaning that was supposed to mean.

 

Hats off to these guys, almost a perfect clone of AirVPN's RRD graphs on the stats page, that's only

positive thing I could find.

I'm not trying to bash one or the other, but let's keep the facts straight.

​

 If you think that Obenetwork only offers dedicated servers you have not looked to closely or even spoken to your friend "P" too much about his company. One button next to the "Dedicated Server" option you find co-location (yes, that means hosting your own server). https://www.obenetwork.com/hosting/co-location

​On this page you can find a nice text about "if you want your own rack or even a dedicated room please contact us for pricing".

​

​Why do you think that they would lie about this? That's just bure bullshitting from your part in that case.

​

​Just so you are aware. Different VPN providers are allowed to exist in the same datacenter and that does not mean OVPN is a reseller(i can't find any info on this other than your word...) I use both AirVPN and OVPN side by side and have never experienced any slower service or oversold servers. As a matter of fact, to be completely honest i get MUCH better speeds with OVPN rather than AirVPN. They both fill their purposes and are good at what they do - i am not trying to take sides here. If i wouldn't like AirVPN i wouldn't even be on this forum.

​

I feel that they are who they claim to be, just like i also feel that AirVPN are who they claim to be.

[zhang888 1066]

​

I'm not trying to bash one or the other, but let's keep the facts straight.

​

 If you think that Obenetwork only offers dedicated servers you have not looked to closely or even spoken to your friend "P" too much about his company. One button next to the "Dedicated Server" option you find co-location (yes, that means hosting your own server). https://www.obenetwork.com/hosting/co-location

​On this page you can find a nice text about "if you want your own rack or even a dedicated room please contact us for pricing".

​

​Why do you think that they would lie about this? That's just bure bullshitting from your part in that case.

 

Go ahead and submit them a ticket and ask if they have colocation or rent dedicated servers.

To your surprise, this is not a common practice at all for VPN providers to colocate their own servers,

due to many reasons, one of which is easier migration in case of unresolved network/abuse issues.

 

 

 

​

​Just so you are aware. Different VPN providers are allowed to exist in the same datacenter and that does not mean OVPN is a reseller(i can't find any info on this other than your word...) I use both AirVPN and OVPN side by side and have never experienced any slower service or oversold servers. As a matter of fact, to be completely honest i get MUCH better speeds with OVPN rather than AirVPN. They both fill their purposes and are good at what they do - i am not trying to take sides here. If i wouldn't like AirVPN i wouldn't even be on this forum.

​

I feel that they are who they claim to be, just like i also feel that AirVPN are who they claim to be.

 

The existence of many VPN providers just proves the point that this datacenter is common for housing VPN

companies, in where they rent servers. Examples for such datacenters are LeaseWeb, Voxility, etc.

A VPN provider that colocates hardware usually announces it's own portable ASN, for easier noc/abuse

management and cost reduction. There are a few large VPN providers who do that. This is not the case with OVPN.

 

The idea was not critisize any particular provider, but to critisize the way they do business by partial misleading

of their customers.  There's a big difference between a statement that has weak evidence versus a case where the

evidence contains forged elements. The latter requires a full explanation and should put the entire story at risk.

[Keksjdjdke 35]

Hello,

As you might have noticed, there is a list circulating on the privacy related forums

recently regarding VPN providers:

 

https://docs.google.com/spreadsheets/d/1FJTvWT5RHFSYuEoFVpAeQjuQPU4BVzbOigT0xebxTOw/edit?pref=2&pli=1#gid=0

 

 

 

While this list might be useful to avoid some providers, it lacks (imho) key values like if the

announced locations are real locations and not fake Whois+GeoIP tricks, if the servers are

actual bare-bone servers with real internet providers and not cheap shared bandwidth

resellers, and of course who is the team behind the VPN company and how they respond

to critical security issues, privacy questions and "hard" questions regarding their service.

 

I want to make it an open discussion, where the members that submit their thoughts

"Why provider X is better than Air", where me, or other members, can explain why most of

the times this is a lie.

Since most of those providers oversell cheap VPS servers, and have GeoIP tricks with

fake whois (HMA/PureVPN/Ivacy are a good example) to show you 50+ countries

where in fact it is mostly NL/US location where you can put fake data in the IP, and open a

ticket to Maxmind to update the location. And here you go, a fake country is ready for the

gullible users to fall in.

I would like to make a discussion where every member can post a "feature" where they think

another provider is better, but as I explained, most of them only false advertize it in most cases.

The only thing I cannot put up on this challenge is the price, however, being in the hosting industry

I do know how much Air pays for their leased servers - this is not a cheap thing to run at all.

There are about 100 providers in this list, I tried to find one that is at least honest about their infrastructure and their privacy policy, but I couldn't find anyone except Air. Now this is rather

bad news than good one - I wanted to see more, but a fact is a fact...

 

Feel free to throw competitive names here, in a nicely manner, and I will try as much as possible

to show you why some points you believe in - are not exactly the way there are on this list.

You can also try and point out some improvement points for Air, based on that list, and if they

are interesting I am sure Staff can comment about them.

 

Regards.

Here is the website version of this chart I found it much more useful. https://thatoneprivacysite.net/vpn-comparison-chart/

[q9z8d 3]

Hello!

I need 2 vpns for a project. I have decided that airvpn will be one of them. I am looking for maximum security/privacy. I don't want anyone (government/NSA included) to know anything about my online activities. I am deciding between the following for my second vpn:

 

- Mullvad

- PerfectPrivacy edit: fuck nazis this is off my list

- OVPN.se (zhang said they keep logs in another forum but idk what led zhang to believe this -- they have clear no-logging policies outlined: https://www.ovpn.se/en/blog/logs-not-at-ovpn/ I know that providers lie, but idk what would lead us to believe that they are lying)

 

 

I'm open to recommendations and would appreciate if ppl could explain some of the flaws in these services if they exist.

 

This is how ill be configuring the vpns:

 

I have a linux laptop with a VM running whonix. I will run a vpn before tor on whonix and then one outside of the vm with an ssl tunnel to hide tor from ISP. This means that traffic is hidden from malicious exit nodes on tor, plus all that vpn 1 sees is the tor exit node so it doesn't even know my real ip. Then the one on the outside of the VM will only see tor and it's sole purpose is to a) make more hops and block usage from isp (ssl tunnel in airvpn, stealth mode in torguard, etc). I know this will be really slow; that's not a concern. My primary concern is to avoid possible authorities who may or may not be interested in what I might or might not do.

traffic -> encrypted by vpn 1 ->encrypted by tor-> encrypted by vpn 2 -> isp -> decrypted by vpn 2 -> decrypted by tor -> decrypted by vpn 1 -> destination

 

i may have messed that up a bit but i think that's about right.

 

Thanks in advance

[LZ1 671]

Hello!

I need 2 vpns for a project. I have decided that airvpn will be one of them. I am looking for maximum security/privacy. I don't want anyone (government/NSA included) to know anything about my online activities. I am deciding between the following for my second vpn:

 

- Torguard

- PerfectPrivacy

- OVPN.se (zhang said they keep logs in another forum but idk what led zhang to believe this -- they have clear no-logging policies outlined: https://www.ovpn.se/en/blog/logs-not-at-ovpn/ I know that providers lie, but idk what would lead us to believe that they are lying)

 

 

I'm open to recommendations and would appreciate if ppl could explain some of the flaws in these services.

 

This is how ill be configuring the vpns:

 

I have a linux laptop with a VM running whonix. I will run a vpn before tor on whonix and then one outside of the vm with an ssl tunnel to hide tor from ISP. This means that traffic is hidden from malicious exit nodes on tor, plus all that vpn 1 sees is the tor exit node so it doesn't even know my real ip. Then the one on the outside of the VM will only see tor and it's sole purpose is to a) make more hops and block usage from isp (ssl tunnel in airvpn, stealth mode in torguard, etc). I know this will be really slow; that's not a concern. My primary concern is to avoid possible authorities who may or may not be interested in what I might or might not do.

traffic -> encrypted by vpn 1 ->encrypted by tor-> encrypted by vpn 2 -> isp -> decrypted by vpn 2 -> decrypted by tor -> decrypted by vpn 1 -> destination

 

i may have messed that up a bit but i think that's about right.

 

Thanks in advance

You just have to take a look at what their legal documents state and if it contradicts no-logging. In addition to their general reputation, hardware setup and so forth.

[q9z8d 3]

Hello!

I need 2 vpns for a project. I have decided that airvpn will be one of them. I am looking for maximum security/privacy. I don't want anyone (government/NSA included) to know anything about my online activities. I am deciding between the following for my second vpn:

 

- Mullvad

- PerfectPrivacy edit: fuck nazis this is off my list

- OVPN.se (zhang said they keep logs in another forum but idk what led zhang to believe this -- they have clear no-logging policies outlined: https://www.ovpn.se/en/blog/logs-not-at-ovpn/ I know that providers lie, but idk what would lead us to believe that they are lying)

 

 

I'm open to recommendations and would appreciate if ppl could explain some of the flaws in these services if they exist.

 

This is how ill be configuring the vpns:

 

I have a linux laptop with a VM running whonix. I will run a vpn before tor on whonix and then one outside of the vm with an ssl tunnel to hide tor from ISP. This means that traffic is hidden from malicious exit nodes on tor, plus all that vpn 1 sees is the tor exit node so it doesn't even know my real ip. Then the one on the outside of the VM will only see tor and it's sole purpose is to a) make more hops and block usage from isp (ssl tunnel in airvpn, stealth mode in torguard, etc). I know this will be really slow; that's not a concern. My primary concern is to avoid possible authorities who may or may not be interested in what I might or might not do.

traffic -> encrypted by vpn 1 ->encrypted by tor-> encrypted by vpn 2 -> isp -> decrypted by vpn 2 -> decrypted by tor -> decrypted by vpn 1 -> destination

 

i may have messed that up a bit but i think that's about right.

 

Thanks in advance

bump....

[Blade Runner 4]

I wouldn't make an important decision like choosing a VPN based on an online spreadsheet. People are either lazy or indifferent when they do not read ToS.  

[mmmxx 12]

there are too many popular VPN comparison websites that don't really compare services: they collect affiliate and advertising income and then they rank services only on a revenue basis.

 

 

now this for sure is the truth.

 

I once googled for hours to find impartial VPN reviews with no luck whatsoever. This goes to show how abysmaly poor a capitalist market really performs - contrary to what MSM economist claim again and again.

[LZ1 671]

 

there are too many popular VPN comparison websites that don't really compare services: they collect affiliate and advertising income and then they rank services only on a revenue basis.

 

 

now this for sure is the truth.

 

I once googled for hours to find impartial VPN reviews with no luck whatsoever. This goes to show how abysmaly poor a capitalist market really performs - contrary to what MSM economist claim again and again.

Well that's a bombastic entry isn't it?

 

Welcome to AirVPN!