Recommended VPN Services

Mullvad

Mullvad {% include badge.html color="info" text="EUR €60/y" %}

Mullvad.net is a fast and inexpensive VPN with a serious focus on transparency and security. They have been in operation since 2009. Mullvad is based in Sweden and does not have a free trial.

{% include badge.html color="success" text="35 Countries" %}

Mullvad has servers in 35 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.

We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.

{% include badge.html color="success" text="Independently Audited" %}

Mullvad's VPN clients have been audited by Cure53 and Assured AB in a pentest report published at cure53.de. The security researchers concluded:

Cure53 and Assured AB are happy with the results of the audit and the software leaves an overall positive impression. With security dedication of the in-house team at the Mullvad VPN compound, the testers have no doubts about the project being on the right track from a security standpoint.

In 2020 a second audit was announced and the final audit report was made available on Cure53's website:

The results of this May-June 2020 project targeting the Mullvad complex are quite positive. [...] The overall application ecosystem used by Mullvad leaves a sound and structured impression. The overall structure of the application makes it easy to roll out patches and fixes in a structured manner. More than anything, the findings spotted by Cure53 showcase the importance of constantly auditing and re-assessing the current leak vectors, in order to always ensure privacy of the end-users. With that being said, Mullvad does a great job protecting the end-user from common PII leaks and privacy related risks.

In 2021 an infrastructure audit was announced and the final audit report was made available on Cure53's website.

{% include badge.html color="success" text="Open Source Clients" %}

Mullvad provides the source code for their desktop and mobile clients in their GitHub organization.

{% include badge.html color="success" text="Accepts Bitcoin" %}

Mullvad in addition to accepting credit/debit cards and PayPal, accepts Bitcoin, Bitcoin Cash, and cash/local currency as anonymous forms of payment. They also accept Swish and bank wire transfers.

{% include badge.html color="success" text="WireGuard Support" %}

In addition to standard OpenVPN connections, Mullvad supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.

{% include badge.html color="success" text="IPv6 Support" %}

Mullvad supports the future of networking IPv6. Their network allows users to access services hosted on IPv6 as opposed to other providers who block IPv6 connections.

{% include badge.html color="success" text="Remote Port Forwarding" %}

Remote port forwarding is allowed for users who make one-time payments, and not allowed for accounts with a recurring/subscription-based payment method. This is to prevent Mullvad from being able to identify port users based on stored subscription information. See Port forwarding with Mullvad VPN for more information.

{% include badge.html color="success" text="Mobile Clients" %}

Mullvad has published App Store and Google Play clients, both supporting an easy-to use interface as opposed to requiring users to manual configure their WireGuard connections. The mobile client on Android is also available in F-Droid, which ensures that it is compiled with reproducible builds.

{% include badge.html color="info" text="Extra Functionality" %}

Mullvad is very transparent about which nodes they own or rent. They use ShadowSocks in their ShadowSocks + OpenVPN configuration, making them more resistant against firewalls with Deep Packet Inspection trying to block VPNs. Supposedly, China has to use a different method to block ShadowSocks servers. Mullvad's website is also accessible via Tor at o54hon2e2vj6c7m3aqqu6uyece65by3vgoxxhlqlsvkmacw6a7m7kiad.onion.

ProtonVPN

ProtonVPN {% include badge.html color="info" text="Free" %} {% include badge.html color="info" text="Basic USD $48/y" %} {% include badge.html color="secondary" text="Plus USD $96/y" %}

ProtonVPN.com is a strong contender in the VPN space, and they have been in operation since 2016. ProtonVPN is based in Switzerland and offers a limited free pricing tier, as well as premium options. They offer a further 14% discount for buying a 2 year subscription.

{% include badge.html color="success" text="44 Countries" %}

ProtonVPN has servers in 44 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.

We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.

{% include badge.html color="success" text="Independently Audited" %}

As of January 2020 ProtonVPN has undergone an independent audit by SEC Consult. SEC Consult found some medium and low risk vulnerabilities in ProtonVPN's Windows, Android, and iOS applications, all of which were "properly fixed" by ProtonVPN before the reports were published. None of the issues identified would have provided an attacker remote access to a user's device or traffic. You can view individual reports for each platform at protonvpn.com.

{% include badge.html color="success" text="Open Source Clients" %}

ProtonVPN provides the source code for their desktop and mobile clients in their GitHub organization.

{% include badge.html color="success" text="Accepts Bitcoin" %}

ProtonVPN does technically accept Bitcoin payments; however, you either need to have an existing account, or contact their support team in advance to register with Bitcoin.

{% include badge.html color="success" text="Mobile Clients" %}

In addition to providing standard OpenVPN configuration files, ProtonVPN has mobile clients for App Store and Google Play allowing for easy connections to their servers. The mobile client on Android is also available in F-Droid, which ensures that it is compiled with reproducible builds.

{% include badge.html color="warning" text="No Port Forwarding" %}

ProtonVPN does not currently support remote port forwarding, which may impact some applications. Especially Peer-to-Peer applications like Torrent clients.

{% include badge.html color="info" text="Extra Functionality" %}

ProtonVPN have their own servers and datacenters in Switzerland, Iceland and Sweden. They offer adblocking and known malware domains blocking with their DNS service. Additionally, ProtonVPN also offers "Tor" servers allowing you to easily connect to onion sites, but we still strongly recommend using the official Tor Browser for this purpose.

IVPN

IVPN {% include badge.html color="info" text="Standard USD $60/y" %} {% include badge.html color="secondary" text="Pro USD $100/y" %}

IVPN.net is another premium VPN provider, and they have been in operation since 2009. IVPN is based in Gibraltar.

{% include badge.html color="success" text="32 Countries" %}

IVPN has servers in 32 countries at the time of writing this page. Picking a VPN provider with a server nearest to you will reduce latency of the network traffic you send. This is because of a shorter route (less hops) to the destination.

We also think it's better for the security of the VPN provider's private keys if they use dedicated servers, instead of cheaper shared solutions (with other customers) such as virtual private servers.

{% include badge.html color="success" text="Independently Audited" %}

IVPN has undergone a no-logging audit from Cure53 which concluded in agreement with IVPN's no-logging claim. IVPN has also completed a comprehensive pentest report Cure53 in January 2020. IVPN has also said they plan to have annual reports in the future.

{% include badge.html color="success" text="Open Source Clients" %}

As of Feburary 2020 IVPN applications are now open source. Source code can be obtained from their GitHub organization.

{% include badge.html color="success" text="Accepts Bitcoin" %}

In addition to accepting credit/debit cards and PayPal, IVPN accepts Bitcoin, Monero and cash/local currency (on annual plans) as anonymous forms of payment.

{% include badge.html color="success" text="WireGuard Support" %}

In addition to standard OpenVPN connections, IVPN supports WireGuard. WireGuard is an experimental protocol with theoretically better security and higher reliability, although it is not currently recommended for production use.

{% include badge.html color="success" text="Remote Port Forwarding" %}

Remote port forwarding is possible with a Pro plan. Port forwarding can be activated via the client area. Port forwarding is only available on IVPN when using OpenVPN and is disabled on US servers.

{% include badge.html color="success" text="Mobile Clients" %}

In addition to providing standard OpenVPN configuration files, IVPN has mobile clients for App Store and Google Play allowing for easy connections to their servers. The mobile client on Android is also available in F-Droid, which ensures that it is compiled with reproducible builds.

{% include badge.html color="info" text="Extra Functionality" %}

IVPN clients support two factor authentication (Mullvad and ProtonVPN clients do not). IVPN also provides "AntiTracker" functionality, which blocks advertising networks and trackers from the network level.