59 comments

[ 4.5 ms ] story [ 118 ms ] thread
The old recommendation here used to be privateinternetaccess.com

I cancelled my subscription months ago. They stopped circumventing georestrictions a while ago even though it used to be marketed as having that feature. Support even fixed it a few times for me.

Nowadays I just use one of the vpn scripts on GitHub and a small vps somewhere.

TorGuard because they provide nodes in countries where I want to have my endpoint and they allow torrenting. Their technical support actually knows what OpenVPN and Linux/BSD is and they were able to help me with issues I had (unlike other VPN providers).
https://www.getcloak.com - works on my Mac and various iOS devices. Well designed, have been with them since the beginning with no issues.
I used Cloak but moved away because:

1) There was no real interest in expanding the list of exit points.

2) It seemed to protect only http/https traffic.

3) The whole operation felt like someone's "passive income" business (although, to be fair, the owner responded fairly quickly and honestly when I queried him about other stuff).

To be fair, their OSX client tries hard to be transparent. This approach falls apart in some cases (i.e. some captive portals), but feels very smooth when it all goes right.

Fwiw Cloak just sold: https://blog.getcloak.com/2016/04/28/cloak-joins-stackpath/

I don't know if it was a "passive income" business for them, but if it were, why would that be a reason to not use it?

It has a fantastic UX on both Mac OS X and iOS devices.

> why would that be a reason to not use it?

Mostly because you can't expect many new features or the product evolving particularly fast. Which is exactly the case for Cloak -- the feature-set was basically frozen for years. It's not a crime: if a product works fine, why mess with it? But I wanted new stuff and it didn't feel like I'd ever get it.

For general browsing from different devices I use Freedome by F-Secure. Just because it was convenient to get, works on different platforms (Windows, iOS, Android) and it's cheap. Also their bandwidth has proven enough for my needs on different exit points. The only downside is that now Netflix identifies it as a VPN, so I can't keep watching my series while I'm abroad.

For connecting my servers between them (and my laptop) as some sort of secure virtual network I use my own product https://wormhole.network - The servers are all in an overlay private network completely transparent to any application, so I can move servers to different providers, locations, etc and not have to change a single configuration line (nor configure any firewalls).

I used to use privateinternetaccess.com, but various issues with them led me to look for a new VPN provider. I eventually settled on ivpn.net as they have a good selection of exit points, their software is easy to use and I can use it across devices too. Their network speeds have been really good too.
For internet browsing, TunnelBear (via the Chrome plugin - technically a proxy rather than VPN), because it's free and I don't use it often (usually just for testing sites from a different IP address).

For my own network, OpenVPN because it's open source.

Witopia - https://www.witopia.net

It has a large set of exit points, which is what I use it for (at least until geoblocks die, which it will happen at some point). Being based in Virginia, they're probably an NSA front but I have nothing to hide ;) and at least you know it will work...

HideIPVPN and Avast SecureLine.

I use HideIPVPN for their European servers. And I use Avast on my phone to automatically get on VPN when I am on certain Wifi networks (it does SSID based connections).

NordVPN, outside of US jurisdiction and (claims to) does no logging.

The service used to be really spotty, but they really stepped it up lately.

Seconded. All my internet traffic has been going through NordVPN for more than a year now.

In the beginning, servers would go down often and you'd need to try a couple of server until you found one that actually worked. But that's changed now. They conveniently provide a list of OpenVPN config files to download, and using the service from a Linux router works really well.

Another vote for Nord. Started using it about 6 months ago and its great. Hundreds of exit nodes in many countries, no latency/bandwidth issues (other than what is to be expected proxying all your traffic).

Also works well on mobile.

VyperVPN has always been good to me and I've never read anything bad against it, anyone had bad experiences I should know about?
Used it while living in China and never had any problems with it. Love the native Apps (Mac, iOS) and the fast and reliable connection. I think it's worth the money.
AirVPN - https://airvpn.org/

  - claims to be "operated by activists and hacktivists"
  - uses OpenVPN
  - GPLv3 client for many platforms
  - accepts Bitcoin (or PayPal, Credit Cards, ...)
  - has an API
I usually SSH tunnel to my server at home or to my 5$/month Digital Ocean droplet.
Not a VPN since DO or well any US hosting company will hand over dox in a heartbeat. Most VPNs are about mixing connections and varying servers along with shortlived logs and being stubborn against subpoenas. Their market is mostly people who need to thwart geolocation for services like Netflix, security researchers aka whitehats (better to be safe than falsely accused of being malicious) and blackhats.
I think you need to look up a definition of a VPN.
I think you need to remove snideness from your remarks. It stinks like shit especially when you end up wrong. A bad way to do intelligent discourse...

Straight from wikipedia:

"Individual Internet users can use some VPNs to secure their wireless transactions, to circumvent geo-restrictions and censorship, and/or to connect to proxy servers for the purpose of protecting personal identity and location. But some Internet sites block access via known VPNs to prevent the circumvention of their geo-restrictions."

https://en.m.wikipedia.org/wiki/Virtual_private_network

You shouldn't ever assume malice, especially when there is none. My sentence is a suggestion that you should try to understand what a VPN is and what it is not because you don't seem to fully grasp the concept. Lack of knowledge is nothing to be ashamed of. Everyone is not an expert in every subject.

What makes a VPN has nothing to do with "shortlived logs", subpoenas, thwarting geolocation, or security researchers.

A VPN is simply a private network stretched over the internet. In fact that private network might not even be routable back out to the internet, the network could be purely an internal network.

A VPN connection to your home network is most certainly a VPN, and your assertion to the person that you were responding to telling him that what he is doing is not a VPN is incorrect.

Also, if you prefer intelligent discourse, you might want to refrain from such judgmental language.

This whole thread is asking for remote VPNs, not home software or setups. So I fail to see the relevance and your implication to correct my relevant comment in such a dissonant way. Minor correction OK. But to imply I need to look up what a VPN is, is silly.
I'll refer you to the headline:

Ask HN: Which VPN do you use and why?

First, all VPNs are remote. It doesn't matter if you are connecting to something you set up yourself or something hosted in a 3rd party facility.

You're seemingly implying some differentiation to the original question that exists only in your mind.

The parent responded to the asked question with what he uses.

You told him this was "not a VPN", which is just simply not true, and I was trying to be helpful by pointing out that you might need to get a better idea of what a VPN is before you go around telling people what is and what is not a VPN.

Clearly we just interpreted the semantics differently. I believe he would have asked "What VPN software do you use" if he wanted anything other than a remote VPN service for proxy uses.

SSHing to a DO box, really has none of the attributes you would purchase a remote VPN subscription for. That's what I meant.

Anyhow, we're on the same page. OP never replied so there's not going to be an answer for what he actually meant. Again, I strongly think he would have included the word software if he wasn't looking for a remote VPN service for proxy-like purposes.

I use the following OpenVPN docker container on my homeserver: https://github.com/kylemanna/docker-openvpn

I then send all of the logs to Loggly and get notified anytime someone connects to my OpenVPN server.

Same here. Simple.

I use it more for connecting to resources behind NAT then as an anonymizing proxy.

http://www.frostvpn.com/

When I signed up they had a 99 cent a month deal going on. I'm not really concerned about privacy. I just needed something to help with the connection to my dedicated server that runs Plex that is hosted with Hetzner.

Comcast here has poor peering to Hetzner and using a VPN solved the problem.

They have a lot of servers all over the world and they few times I have needed to open a ticket I got a reply in less than a hour.

I also have a Droplet on D.O. that can act as a VPN. I switch to that if I am doing anything sensitive.

IVPN - got a heap of recommendations on the last HN VPN discussion.
None. VPNs can't provide any meaningful privacy: https://gist.github.com/joepie91/5a9909939e6ce7d09e29

Okay, that's not entirely true; I do access a company VPN, but not for privacy purposes which is probably what's implied. I use Tor for that.

A lot of people use it to bypass geoblocking, just like the link advised to use vpn for, but I don't understand how come people trust random vpns with the http/plaintext data. Do I understand wrong how vpn/encryption works? It's just like telling random person every site and text you type with http.
I use BlackVPN[1], but mostly because they used to have a referral program and I ended up with several years of free service. They tend to be quite quick, have OK (but not exemplary security measures), and offer a nice range of servers for whatever your needs (geofencing, piracy, etc.).

[1] https://www.blackvpn.com/

I rolled my own OpenVPN server on digital ocean. I find that having 2 instances running, one over TCP port 443 and one on UDP over an arbitrary port works great in most scenarios.
Me too, although I've found that Netflix recently blocked their subnets. So even when I'm using it to be a little more secure on open wifi network, I can't stream.
They blocked it? How unfortunate, guess I have to cancel my subscription now :-/
Unfortunately. They might not have blocked every IP range (I assume that, given the number of customers and datacenters, DO has a large quantity of public IPs) but they've certainly blocked some of them.
PureVPN because they have lots of countries to connect to. Albeit some sites using a different geolookup library don't actually recognise them accurately.

Reason? My ISP modem basically dies when there's too many connections opened at once. So sometimes an innocent `npm install` would kill my internet for a minute...

You should check out the VPN comparison chart by "That One Privacy Guy" here: https://thatoneprivacysite.net/. There are many factors to consider, such as cipher suite, jurisdiction, and logging.

Even then, don't get your hopes up. It should be worth noting that VPNs can give a false sense of security (such as not logging). All they're doing is moving the goalpost from one end of the playing field to another. They're useful for getting into internal networks, and they're useful for bypassing outbound firewalls in restrictive networks, like public schools and libraries, or churches, but that's about it. See https://gist.github.com/joepie91/5a9909939e6ce7d09e29

If you want online privacy, you really should be using Tor. if you want anonymity, you should stay offline. Regardless, realize your VPN provider isn't going to go to jail for you.

A VPN is also very useful when you need to emerge in Internet from a specific country, or simply not the country you are in.
I've always liked https://mullvad.net/en/ (Swedish company, around since a number of years), especially from a privacy point of view. You never actually enter any personal information when creating an account - no name, no email, no password, no nothing; all you get is a random unique ID. They also claim to keep no logs, point being, "When Swedish law requires us to divulge information about our customers we make sure not to have that information stored, so that we have nothing to give out."

Various means of payment are accepted, including btc, and cash (of any(!) currency) sent by mail. OpenVPN, possible to choose from a number of countries, no limits on speed or data.

If there are other commercial VPN services that don't necessarily require you to give them any personal information (for account purposes), I'd be curious to know. Would be nice to have more alternatives.

Seconded. Mullvad is my current go-to.

I'm still essentially trusting everything they say about no logging (and trusting that it's not a honeypot) and the like but they seem to be the best I've found so far.

Hi, I'm Fredrik Strömberg, one of Mullvad's founders. I'm a frequent lurker on HN. Thank you both!

Like you said you can trust what we say regarding logging, but you are unable to verify it. Since that's true for all VPN services, may I suggest relying on track record and other signals instead?

Like rhblake said we don't ask for personal information. In fact, we were the first VPN service with that setup, and we were first with bitcoin and cash payments as well.

I'm tempted to provide a list of our security track record, but I have somewhere else to be, so my submission history will have to do :)

Good to hear from you!

Your track record. user reviews and endorsements are what made me choose and stick with Mullvad in the first place.

I definitely haven't been disappointed in any way.