CNN had me review a bunch of VPN services for their Underscored site. I looked at 11 different products. I don’t have to tell you why you should use a VPN. But no product can 100% handle the trade-off among three parameters: anonymity, or the ability to move online without anyone knowing who you are; privacy, or the ability to keep your own data to yourself; and security, or to prevent your computers and phones and other gear from being compromised by a criminal. You can’t do all three completely well unless you go back to pen and paper and the Pony Express. Using a VPN will help with all three aspects, and some are better than others at balancing all three.
My two favorites were Mullvad.net and IVPN.net. Both use a novel idea to ensure that they don’t know anything about you — when you download their software, you are assigned a random string of characters that you use to identify yourself. No email necessary. If you don’t want to use your credit card, you can pay via alt-coins too. Consider this a “single-factor” authentication. That means no password is required once you have entered your code, it is unlikely that anyone can guess this code or find it on the dark web (unless you reuse it, which you shouldn’t), and there is little chance anyone could connect it back to you even if they did manage to get a hold of the code in a breach.
Both vendors don’t have the largest server networks (that title is shared by Hotspot Shield, Private Internet Access, ExpressVPN and CyberGhost). But each of these are owned by corporate entities that play fast and loose with your private data (Aura and Kape Technologies). If you want to spend more time understanding the privacy issues, check out Yael Grauer’s excellent analysis for Consumer Reports Digital Lab here.
Not on my recommended list is the VPN that I have been using for the past several years — ProtonVPN (shown above). I am of two minds here. On the plus side, I have a fond spot in my nerd heart for Proton, the Swiss company that was an early proponent of encrypted email. But the VPN product is slower, more expensive, harder to use and more of an “OG” VPN that requires emails and credit cards to subscribe. Yael’s report also mentions some privacy difficulties with the service, as well as those well-advertised services mentioned above that have leaked data or aren’t as transparent as they claim to be.
If you leave home, you need to run some kind of VPN. Period.
Another good site to check out is G2.com, which has tons of verified and validated user reviews of thousands of products, including both corporate- and personal use-VPNs. You can do side by side feature comparisons, and ask questions of the community using a class of products. It’s pretty cool, as they can cast a wider net than the expert-driven review sites and avoid the poisoning that happens with open review sites or commercial sites like Amazon.
https://www.g2.com/categories/virtual-private-network-vpn
Always love the newsletter. Thanks David!
David Willis
You say “when you leave home you need a VPN”, but what about your local ISP gathering info on you, tracking your viewing habits, etc.?
Yes, well you should know what your ISP’s data tracking policy is and ensure that they aren’t. If you are ultra-paranoid, you could run a VPN 24/7.
Hi David,
Not quite the same subject, but what is the threat level with Kaspersky? Should we be immediately removing and replacing. What would you recommend instead?
Thanks,
Eric.
Stay put for the time being. Nothing conclusive from my POV. PC Mag wrote this analysis that recommends replacement. https://www.pcmag.com/opinions/should-you-buy-kaspersky-security-products