VPN Recommendation: Difference between revisions

From Irregularpedia
Jump to navigation Jump to search
VisualWikitext
Initial
 
Tag: 2017 source edit
 
(20 intermediate revisions by 2 users not shown)
Line 1: Line 1:
<span id="what-is-a-vpn"></span>
= What is a VPN =
= What is a VPN =


a tool that creates a private network connection across a public network connection, capable of providing privacy (obfuscation) and security (encryption) while on the public network (internet). VPN does not provide anonymity. Instead, The Onion Routing (TOR) is required to achieve anonymity.
A VPN (Virtual Private Network) is a tool that creates a private network connection across a public network, such as the Internet. It provides privacy (obfuscation) and security (encryption) while on the public network but does not guarantee anonymity. To achieve anonymity, The Onion Routing (TOR) is required.


<span id="privacy-policy-comparison"></span>
Beyond traditional VPNs, there are alternative tools like [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/ '''Cloudflare Tunnels'''], [https://en.wikipedia.org/wiki/ZeroTier '''ZeroTier'''], [https://en.wikipedia.org/wiki/Tailscale '''Tailscale'''], and proprietary solutions like [https://en.wikipedia.org/wiki/ICloud#Private_Relay '''Apple Private Relay'''] and [https://en.wikipedia.org/wiki/1.1.1.1#WARP '''Cloudflare WARP''']. These tools offer unique features and integrations that can complement or replace VPNs depending on the use case.
=== Privacy Policy Comparison ===


As of 20230319
<blockquote>..  consider VPNs for what they are, a middleman. They have benefits. They also absolutely have associated risks. They are a tool in the box but not an end-all-be-all-be-all solution. They are far from it. We need to understand their use case when compared to various threat models.</blockquote><span id="vpn-and-alternatives"></span>
== VPNs and Alternatives ==


{| class="wikitable"
{| class="wikitable"
|-
|-
! Attribute from Privacy Policy
! Tool
! [https://mullvad.net/en/help/privacy-policy/ Mullvad VPN]
! Features
! [https://www.ivpn.net/privacy/ IVPN]
! Use Cases
! [https://protonvpn.com/privacy-policy Proton VPN]
! Notable Integrations
! [https://my.nordaccount.com/legal/privacy-policy/ Nord Security]
!
|-
|-
| Personal Data
| [https://mullvad.net/en/ Mullvad VPN]
| Payment info, support/problem report info.
| Privacy-focused, no email association, cash payment support.
| Account, payment, usage, crash logs, device perms.
| Obfuscation, secure browsing.
| Account creation, support/bug reports, etc.
| Integrates with Tailscale for private routing.<ref name="tailscale-mullvad">[https://tailscale.com/mullvad Mullvad VPN and Tailscale Integration]</ref>
| User-provided data, automatic data, third-party.
|
|-
|-
| Data Retention
| [https://ivpn.net IVPN]
| 40 days - statutory period, six months for support.
| Privacy-first, anonymous signups, supports cash payments.
| 90 days (mostly); accounting unlinked; logs/perms as needed
| Secure browsing, privacy-focused users.
| Retained for active accounts, deleted when closed.
| Supports multi-hop and WireGuard configurations.
| Varies by data type.
|
|-
|-
| Third-Parties
| [https://protonvpn.com ProtonVPN]
| E-mail service providers, payment suppliers.
| Swiss-based, strong privacy laws, free tier available.
| Braintree, PayPal
| Secure browsing, privacy-conscious users.
| Referrer platforms, routing technology.
| Integrates with ProtonMail for encrypted email.
| Payment processors, support, analytics, marketing.
|
|-
|-
| Transfer to Third Country
| [https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/ Cloudflare Tunnels]
| No, data stored in EU/EEA.
| Exposes local services securely via Cloudflare's network.
| None (EU Data Protection Directive compliant)
| Hosting services without public IP, bypassing firewalls.
| No, data stored in Switzerland.
| Works with Cloudflare Access for zero-trust security.
| Yes, with appropriate safeguards from Panama.
|
|-
|-
| Individual Rights
| [https://www.zerotier.com/ ZeroTier]
| Correction, deletion, limitation, complaint.
| Peer-to-peer virtual network with mesh routing.
| Access, rectification, erasure, revoke permissions
| IoT devices, gaming, remote access.
| Access, edit, delete, export, complaint.
| Supports IPv4/IPv6 networks and integrates with network controllers.
| Access, rectification, erasure, etc.
|
|-
|-
| Contact
| [https://tailscale.com/ Tailscale]
| support@mullvad.net
| Simplifies VPN configuration using WireGuard.
| sar@ivpn.net
| Secure remote access to private resources.
| Route de la Galaise 32, 1228 Plan-les-Ouates, Geneva, Switzerland.
| Mullvad VPN integration provides enhanced privacy by routing via Mullvad servers.<ref name="tailscale-mullvad" />
| privacy@nordsecurity.com
|
|-
|-
| Policy Updates
| [https://torproject.org/ TOR]
| Yes, updates are published on the website.
| Provides anonymity using layered encryption.
| Posted on the website, emailed to customers
| Accessing the dark web, bypassing censorship.
| Yes, notification of changes for enabled users.
| Integrates with browsers like Tor Browser.
| Yes, updates communicated on website.
|
|-
|-
| Cash
| [https://1.1.1.1/warp Cloudflare WARP]
| Yes
| Encrypts all DNS queries and some traffic, improving security.
| Yes
| Lightweight, better for speed and low-latency connections.
| Yes
| Cannot route all traffic like traditional VPNs.
| No
|
|-
|-
| $/Device/Month
| [https://support.apple.com/en-us/HT212529 Apple Private Relay]
| $1
| Masks user IP and DNS requests when using Safari.
| $1.42
| Privacy-focused for general browsing.
| $1
| Limited to Apple ecosystem and Safari browser.
| $2.4
|
|}
|}


<span id="recommended-vpn"></span>
=== Benefits of Alternatives ===
== Recommended VPN ==
* '''Cloudflare Tunnels''': Removes the need for exposing your IP by using a reverse proxy over HTTPS.
* '''ZeroTier''': Provides mesh networking, ideal for personal and small business use cases.
* '''Tailscale''': Combines WireGuard's security with ease of use, and with Mullvad integration, ensures privacy by routing traffic through Mullvad's VPN servers.<ref name="tailscale-mullvad" />
* '''Cloudflare WARP''': Lightweight and designed for DNS and basic traffic encryption; better for speed than traditional VPNs.
* '''Apple Private Relay''': Protects Safari users' IP addresses and DNS queries but does not act as a complete VPN.


Here are our top picks for VPNs that prioritize privacy and security:
<span id="vpn-vs-wireguard"></span>
== VPN vs WireGuard, Tailscale, and ZeroTier ==


<ul>
{| class="wikitable"
<li><span id="mullvadvpn"></span>
|-
=== [https://mullvad.net/en/ MullvadVPN] ===
! Feature
! Traditional VPN
! WireGuard
! Tailscale
! ZeroTier
|-
| '''Setup Complexity'''
| Moderate to high; may require manual configuration.
| Easy to moderate; simple setup for many clients.
| Easy; uses your identity provider for access control.
| Moderate; requires understanding of network rules.
|-
| '''Performance'''
| Lower due to older protocols.
| High; lightweight and efficient.
| High; uses WireGuard under the hood.
| High; optimized for P2P routing.
|-
| '''Privacy'''
| Good; depends on provider policies.
| Depends on implementation (e.g., Mullvad uses WireGuard).
| Good; Mullvad integration enhances privacy.<ref name="tailscale-mullvad" />
| Decentralized, privacy depends on configuration.
|-
| '''Flexibility'''
| Routes all internet traffic.
| Routes specific traffic as configured.
| Simplifies remote access to private resources.
| Allows custom virtual networks.
|-
| '''Use Case'''
| General-purpose secure browsing.
| Optimized for speed and secure connections.
| Simplifies secure remote access and sharing.
| Custom networks for IoT, gaming, or remote access.
|}


MullvadVPN is a privacy-focused VPN service with the following features:
<span id="privacy-policy-comparison"></span>
<ul>
== Privacy Policy Comparison ==
<li>No email association</li>
<li>No-logging policy and encrypted traffic</li>
<li>Transparent privacy policy</li>
<li>Legally proven privacy record</li>
<li>Accepts multiple payment options, including cash or crypto</li>
<li>Works with OpenVPN config files for obfuscation and router client</li>
<li>(14 eyes Jurisdiction)</li>
<li>MOST trouble using services or getting flagged</li>
<li>[[o54hon2e2vj6c7m3aqqu6uyece65by3vgoxxhlqlsvkmacw6a7m7kiad.onion|TOR .onion]]</li></ul>
</li>
<li><span id="ivpn"></span>
=== [https://ivpn.net iVPN] ===


iVPN is a reliable and privacy-focused VPN service that offers the following features:
<ul>
<li>No-logging policy and encrypted traffic</li>
<li>Transparent privacy policy</li>
<li>Supports multiple protocols, including OpenVPN, WireGuard, and L2TP/IPSec</li>
<li>Wide range of servers in over 50 countries</li>
<li>Accepts multiple payment options, including cash or crypto</li>
<li>Dedicated IP address available for an additional fee</li>
<li>Offers a 7-day money-back guarantee</li>
<li>Works with OpenVPN config files for obfuscation and router client</li></ul>
</li>
<li><span id="protonvpn"></span>
=== [https://protonvpn.com ProtonVPN] ===


ProtonVPN is another great option with a free tier available that does not require a billing address or phone number. It has the following features:
See a much more robust and updated [https://www.techlore.tech/vpn vpn comparison chart here (Techlore)]
<ul>
<li>Legally proven privacy record</li>
<li>Combined with [https://protonmail.com ProtonMail]</li>
<li>Free Tier does not always work with the ProtonVPN App, use pre-browsing checks.</li>
<li>Works with OpenVPN config files for obfuscation and router client</li></ul>
</li>
<li><span id="nordvpn"></span>
=== NordVPN ===


NordVPN is the most popular VPN with the following features:
{| class="wikitable sortable"
<ul>
|-
<li>Not to be trusted after their merger with surf shark.</li></ul>
! Provider
</li></ul>
! Personal Data
! Data Retention
! Third-Parties
! Payment Options
! Country of Data Storage
! Individual Rights
! Policy Updates
! $/Device/Month
|-
| [https://mullvad.net/en/help/privacy-policy/ Mullvad VPN]
| Payment info, support/problem report info.
| 40 days - statutory period, six months for support.
| E-mail service providers, payment suppliers.
| Cash, Cryptocurrency, Credit/Debit Card
| EU/EEA
| Correction, deletion, limitation, complaint.
| Published on the website.
| $1
|-
| [https://www.ivpn.net/privacy/ IVPN]
| Account, payment, usage, crash logs, device permissions.
| 90 days (mostly); accounting unlinked; logs as needed.
| Braintree, PayPal.
| Cash, Cryptocurrency, Credit/Debit Card
| EU (GDPR Compliant)
| Access, rectification, erasure, revoke permissions.
| Posted on the website, emailed to customers.
| $1.42
|-
| [https://protonvpn.com/privacy-policy Proton VPN]
| Account creation, support/bug reports.
| Retained for active accounts; deleted when closed.
| Referrer platforms, routing technology.
| Cash, Cryptocurrency, Credit/Debit Card
| Switzerland
| Access, edit, delete, export, complaint.
| Notification of changes for enabled users.
| $1
|-
| [https://my.nordaccount.com/legal/privacy-policy/ Nord Security]
| User-provided data, automatic data, third-party data.
| Varies by data type.
| Payment processors, support, analytics, marketing.
| Credit/Debit Card, PayPal, Cryptocurrency
| Panama
| Access, rectification, erasure, etc.
| Updates communicated on the website.
| $2.4
|}


<span id="vpn-security-mechanisms"></span>
== VPN Troubles ==
== VPN Security Mechanisms ==
=== Signs of a Bad VPN Provider ===
* They offer a free trial but require payment information.
* They are a Free VPN.
* History of selling user data.
* Search terms like "no logs" or "zero logs" in terms of service or privacy policies. [https://google.com/]
* Research the VPN provider's reputation [e.g., "provider name scam" ( fraud OR ripoff)] [https://search.irregularchat.com/search?q=%22KAPE%22%20%28%20fraud%20OR%20ripoff%29&language=en&time_range=&safesearch=1&categories=general Search URL].


The section discusses the VPN security mechanisms and highlights a potentially sketchy VPN provider - KAPE Technologies. KAPE Technologies, formerly Crossrider, is operated by Teddy Sagi and Koby Menachemi, associated with Unit 8200 of the Israel Defense Forces (IDF), the Israeli equivalent of the NSA or GCHQ. KAPE Technologies has made several acquisitions in the VPN industry, including: - CyberGhost VPN - Zenmate VPN - Private Internet Access (PIA) - ExpressVPN. - SurfShark
=== VPN Provider Risks ===
Some VPN providers, particularly those owned by KAPE Technologies, may pose risks to user privacy. KAPE Technologies owns:
* CyberGhost VPN
* Zenmate VPN
* Private Internet Access (PIA)
* ExpressVPN
* SurfShark


While VPN providers are expected to enhance online security and privacy, KAPE Technologies’ history and acquisitions raise red flags. For instance, CyberGhost VPN was purchased by KAPE Technologies for $10 million in 2017 and Private Internet Access for $127 million in 2019, raising concerns about their privacy policies and data collection practices. In 2021, KAPE Technologies purchased ExpressVPN for $936 million, which could indicate the value of customer data to the company.
KAPE's history and acquisitions raise privacy concerns. For instance:
* CyberGhost VPN was purchased by KAPE for $10 million in 2017.<ref name="kape-cyberghost">[https://www.crunchbase.com/acquisition/crossrider-acquires-cyberghost-srl--6d40ffd8 Crossrider Acquires CyberGhost SRL]</ref>
* Private Internet Access was bought for $127 million in 2019.<ref name="pia-purchase">[https://restoreprivacy.com/kape-technologies-owns-expressvpn-cyberghost-pia-zenmate-vpn-review-sites/ KAPE Technologies Owns ExpressVPN, CyberGhost, PIA, & Zenmate VPN Review Sites]</ref>
* ExpressVPN was acquired for $936 million in 2021.<ref name="expressvpn-acquisition">[https://www.bloomberg.com/news/articles/2021-09-13/kape-technologies-agrees-to-buy-expressvpn-for-936-million KAPE Technologies Agrees to Buy ExpressVPN for $936 Million]</ref>


Users should exercise caution when selecting a VPN provider and thoroughly research the provider’s ownership, history, and privacy policies. In most situations, STAY Clear of these VPNs. Choosing a VPN with a proven track record of transparency and privacy policies is critical in safeguarding online privacy and security.
[https://embed.kumu.io/9ced55e897e74fd807be51990b26b415#vpn-company-relationships/kape-vpns Kape VPN relationships]
Users should carefully evaluate VPN providers' transparency and privacy policies before choosing a service.


<span id="references"></span>
<span id="references"></span>
=== References: ===


'' [https://www.crunchbase.com/acquisition/crossrider-acquires-cyberghost-srl--6d40ffd8 Crossrider acquires CyberGhost SRL for $10M]
== References ==
'' [https://www.cnet.com/tech/services-and-software/what-is-kape-technologies-what-you-need-to-know-about-the-parent-company-of-cyberghost-vpn/ What is Kape Technologies? What you need to know about the parent company of CyberGhost VPN]
<references />
'' [https://restoreprivacy.com/kape-technologies-owns-expressvpn-cyberghost-pia-zenmate-vpn-review-sites/ Kape Technologies Owns ExpressVPN, CyberGhost, PIA, &amp; Zenmate VPN Review Sites]
 
'' [https://www.bloomberg.com/news/articles/2021-09-13/kape-technologies-agrees-to-buy-expressvpn-for-936-million Kape Technologies Agrees to Buy ExpressVPN for $936 Million]
[[Category:DFP]]
* [https://www.cnet.com/tech/services-and-software/nordvpn-and-surfshark-are-merging-continuing-vpn-consolidation-trend/ NordVPN and Surfshark are merging]
[[Category:Network]]

Latest revision as of 22:07, 4 December 2024

What is a VPN

A VPN (Virtual Private Network) is a tool that creates a private network connection across a public network, such as the Internet. It provides privacy (obfuscation) and security (encryption) while on the public network but does not guarantee anonymity. To achieve anonymity, The Onion Routing (TOR) is required.

Beyond traditional VPNs, there are alternative tools like Cloudflare Tunnels, ZeroTier, Tailscale, and proprietary solutions like Apple Private Relay and Cloudflare WARP. These tools offer unique features and integrations that can complement or replace VPNs depending on the use case.

.. consider VPNs for what they are, a middleman. They have benefits. They also absolutely have associated risks. They are a tool in the box but not an end-all-be-all-be-all solution. They are far from it. We need to understand their use case when compared to various threat models.

VPNs and Alternatives

Tool Features Use Cases Notable Integrations
Mullvad VPN Privacy-focused, no email association, cash payment support. Obfuscation, secure browsing. Integrates with Tailscale for private routing.[1]
IVPN Privacy-first, anonymous signups, supports cash payments. Secure browsing, privacy-focused users. Supports multi-hop and WireGuard configurations.
ProtonVPN Swiss-based, strong privacy laws, free tier available. Secure browsing, privacy-conscious users. Integrates with ProtonMail for encrypted email.
Cloudflare Tunnels Exposes local services securely via Cloudflare's network. Hosting services without public IP, bypassing firewalls. Works with Cloudflare Access for zero-trust security.
ZeroTier Peer-to-peer virtual network with mesh routing. IoT devices, gaming, remote access. Supports IPv4/IPv6 networks and integrates with network controllers.
Tailscale Simplifies VPN configuration using WireGuard. Secure remote access to private resources. Mullvad VPN integration provides enhanced privacy by routing via Mullvad servers.[1]
TOR Provides anonymity using layered encryption. Accessing the dark web, bypassing censorship. Integrates with browsers like Tor Browser.
Cloudflare WARP Encrypts all DNS queries and some traffic, improving security. Lightweight, better for speed and low-latency connections. Cannot route all traffic like traditional VPNs.
Apple Private Relay Masks user IP and DNS requests when using Safari. Privacy-focused for general browsing. Limited to Apple ecosystem and Safari browser.

Benefits of Alternatives

  • Cloudflare Tunnels: Removes the need for exposing your IP by using a reverse proxy over HTTPS.
  • ZeroTier: Provides mesh networking, ideal for personal and small business use cases.
  • Tailscale: Combines WireGuard's security with ease of use, and with Mullvad integration, ensures privacy by routing traffic through Mullvad's VPN servers.[1]
  • Cloudflare WARP: Lightweight and designed for DNS and basic traffic encryption; better for speed than traditional VPNs.
  • Apple Private Relay: Protects Safari users' IP addresses and DNS queries but does not act as a complete VPN.

VPN vs WireGuard, Tailscale, and ZeroTier

Feature Traditional VPN WireGuard Tailscale ZeroTier
Setup Complexity Moderate to high; may require manual configuration. Easy to moderate; simple setup for many clients. Easy; uses your identity provider for access control. Moderate; requires understanding of network rules.
Performance Lower due to older protocols. High; lightweight and efficient. High; uses WireGuard under the hood. High; optimized for P2P routing.
Privacy Good; depends on provider policies. Depends on implementation (e.g., Mullvad uses WireGuard). Good; Mullvad integration enhances privacy.[1] Decentralized, privacy depends on configuration.
Flexibility Routes all internet traffic. Routes specific traffic as configured. Simplifies remote access to private resources. Allows custom virtual networks.
Use Case General-purpose secure browsing. Optimized for speed and secure connections. Simplifies secure remote access and sharing. Custom networks for IoT, gaming, or remote access.

Privacy Policy Comparison

See a much more robust and updated vpn comparison chart here (Techlore)

Provider Personal Data Data Retention Third-Parties Payment Options Country of Data Storage Individual Rights Policy Updates $/Device/Month
Mullvad VPN Payment info, support/problem report info. 40 days - statutory period, six months for support. E-mail service providers, payment suppliers. Cash, Cryptocurrency, Credit/Debit Card EU/EEA Correction, deletion, limitation, complaint. Published on the website. $1
IVPN Account, payment, usage, crash logs, device permissions. 90 days (mostly); accounting unlinked; logs as needed. Braintree, PayPal. Cash, Cryptocurrency, Credit/Debit Card EU (GDPR Compliant) Access, rectification, erasure, revoke permissions. Posted on the website, emailed to customers. $1.42
Proton VPN Account creation, support/bug reports. Retained for active accounts; deleted when closed. Referrer platforms, routing technology. Cash, Cryptocurrency, Credit/Debit Card Switzerland Access, edit, delete, export, complaint. Notification of changes for enabled users. $1
Nord Security User-provided data, automatic data, third-party data. Varies by data type. Payment processors, support, analytics, marketing. Credit/Debit Card, PayPal, Cryptocurrency Panama Access, rectification, erasure, etc. Updates communicated on the website. $2.4

VPN Troubles

Signs of a Bad VPN Provider

  • They offer a free trial but require payment information.
  • They are a Free VPN.
  • History of selling user data.
  • Search terms like "no logs" or "zero logs" in terms of service or privacy policies. [1]
  • Research the VPN provider's reputation [e.g., "provider name scam" ( fraud OR ripoff)] Search URL.

VPN Provider Risks

Some VPN providers, particularly those owned by KAPE Technologies, may pose risks to user privacy. KAPE Technologies owns:

  • CyberGhost VPN
  • Zenmate VPN
  • Private Internet Access (PIA)
  • ExpressVPN
  • SurfShark

KAPE's history and acquisitions raise privacy concerns. For instance:

  • CyberGhost VPN was purchased by KAPE for $10 million in 2017.[2]
  • Private Internet Access was bought for $127 million in 2019.[3]
  • ExpressVPN was acquired for $936 million in 2021.[4]

Kape VPN relationships Users should carefully evaluate VPN providers' transparency and privacy policies before choosing a service.

References

  1. 1.0 1.1 1.2 1.3 Mullvad VPN and Tailscale Integration
  2. Crossrider Acquires CyberGhost SRL
  3. KAPE Technologies Owns ExpressVPN, CyberGhost, PIA, & Zenmate VPN Review Sites
  4. KAPE Technologies Agrees to Buy ExpressVPN for $936 Million
Retrieved from "https://irregularpedia.org/index.php?title=VPN_Recommendation&oldid=1471"