After making a post about comparing VPN providers, I received a lot of requested feedback. I’ve implemented most of the ideas I received.
Providers
- AirVPN
- IVPN
- Mozilla VPN
- Mullvad VPN
- NordVPN
- NymVPN
- Private Internet Access (abbreviated PIA)
- Proton VPN
- Surfshark VPN
- Tor (technically not a VPN)
- Windscribe
Notes
- I’m human. I make mistakes. I made multiple mistakes in my last post, and there may be some here. I’ve tried my best.
- Pricing is sometimes weird. For example, a 1 year plan for Private Internet Access is 37.19€ first year and then auto-renews annually at 46.73€. By the way, they misspelled “annually”. AirVPN has a 3 day pricing plan. For the instances when pricing is weird, I did what I felt was best on a case-by-case basis.
- Tor is not a VPN, but there are multiple apps that allow you to use it like a VPN. They’ve released an official Tor VPN app for Android, and there is a verified Flatpak called Carburetor which you can use to use Tor like a VPN on secureblue (Linux). It’s not unreasonable to add this to the list.
- Some projects use different licenses for different platforms. For example, NordVPN has an open source Linux client. However, to call NordVPN open source would be like calling a meat sandwich vegan because the bread is vegan.
- The age of a VPN isn’t a good indicator of how secure it is. There could be a trustworthy VPN that’s been around for 10 years but uses insecure, outdated code, and a new VPN that’s been around for 10 days but uses up-to-date, modern code.
- Some VPNs, like Surfshark VPN, operate in multiple countries. Legality may vary.
- All of the VPNs claim a “no log” policy, but there’s some I trust more than others to actually uphold that.
- Tor is special in the port forwarding category, because it depends on what you’re using port forwarding for. In some cases, Tor doesn’t need port forwarding.
- Tor technically doesn’t have a WireGuard profile, but you could (probably?) create one.
Takeaways
- If you don’t mind the speed cost, Tor is a really good option to protect your IP address.
- If you’re on a budget, NymVPN, Private Internet Access, and Surfshark VPN are generally the cheapest. If you’re paying month-by-month, Mullvad VPN still can’t be beat.
- If you want VPNs that go out of their way to collect as little information as possible, IVPN, Mullvad VPN, and NymVPN don’t require any personal information to use. And Tor, of course.
ODS file: https://files.catbox.moe/cly0o6.ods
You must log in or register to comment.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 113 users / day
- 519 users / week
- 1.44K users / month
- 4.49K users / 6 months
- 1 subscriber
- 4.3K Posts
- 109K Comments
- Modlog
Where does AzireVPN stand?
How does Obscura compare? @Charger8232@lemmy.ml They’re pretty innovative imo. Its cool that VPNs are doing new stuff, like Mullvad’s DAITA.
@Charger8232 as a NymVPN user I would add that I got 2 years of service paying in crypto for $50
Also this post is from Lemmy, so I retooted a Lemmy post
PIA isnt independent, its by a Israeli spyware company, that owns multiple VPN Review sites and VPN services . Remove it from the list.
I read from somewhere that mullvad is owned by two israeli guys. Dont remember the names, but I was told, that it’s written on a frontpage or smth.
No, don’t rrmove it from the list. Make a note acknowledging the issue so others see it
Whoa for real??
Yes. The owner/developer is Kape technologies, an Israeli spyware/adware company.
To quote from cnet
Whether or not PIA or ExpressVPN or the other providers owned by Kape fulfill this data scraping and ad-serving pipeline in my mind is irrelevant. Choosing to do business with them rewards bad actors when there are other VPN sellers who don’t have such a tainted lineage.
It is a bit weird that AirVPN has not been audited…
It’s not entirely a big deal to me.
I think I agree with the staff reply on this thread: https://airvpn.org/forums/topic/56799-audits/
Mullvad also ran some pretty quirky ads on our public transit. I hadn’t been that familiar with them, but it did heighten my awareness, and they seem pretty fine.
Tor isn’t a VPN. It’s a proxy.
OP this is a big improvement from your previous post. It’s an excellent starting point for folks who are looking to start using a VPN. There’s a lot of constructive criticism in here, which is good, but might be discouraging. Just know that this is already very useful for many people.
For anyone who considers getting the tor vpn android app “Tor VPN is beta software. Do not rely on it for anything other than testing. It may leak information and should not be relied on for anything sensitive” (it is a disclaimer from their website)
Thank you for adding the created date column and making sweden green
Why isn’t F-Droid included in the Availability section?
Could be wrong but I think it’s due to the security vulnerabilities present, its generally better to just use Google play store with an anonymous account.
Na… The likelyhood of installing some bad or fake app from google play store is much higher than on fdroid.
i think the security issues are not about fake apps, but about fdroid signing the builds themself, while their build infrastrcuture is described as insecure
The issue there AFAIK is that some app builds aren’t fully reproducible, because if they were the developer signature would still apply and be used. In the reproducible case the security of the build infra wouldn’t matter, because the same app would be produced the same regardless were they are build.
Without reproducible builds, you cannot really trust the software anyway, because the Dev could hook some hidden code only for the released binary app and sign that.
uhm no not really? I mean reproducible builds are used to cross verfiy that it is the same binary in this case, but like android has no mechanism to do that, this is not how it works.
that a build should be reproducible is more about your second point and doesnt really have anything to do with fdroid, as far as i know
Edit: these links should explain it all: https://discuss.grapheneos.org/d/21675-fdroid-security/2
https://f-droid.org/en/2025/09/29/google-developer-registration-decree.html
Would be nice to include boycat vpn
Since you do not seem to list self-hosting options, e.g. WireGuard or OpenVPN, then IMHO it’d be good to at least have a line on each about what’s the actual backend, e.g. does service X runs on WireGuard, OpenVPN, something else, something proprietary that has been audited by 3rd party if so whom and when.
Edit: suggested self-hosting (but not at home) WireGuard in the previous thread https://lemmy.ml/post/37270537/21536054
I think it’s worth noting NYMVpn uses a quite advanced mixnet for security which is different from other VPNs and theoretically more secure than even TOR. I say theoretically because it hasn’t yet been proven with large scale use.
https://nym.com/blog/what-is-a-mixnet
I see that Windscribe was included. Their price tier is always in promotion so I’d take that in consideration.
Also, they have app for Linux: https://windscribe.com/features/linux/
It is not in Electron like many others. It is native Linux.
ProtonVPN: only 8 years old: RED FLAG!
Well reddish flag at least, is there a rationale behind this? I mean 8 years is quite a long time.
I think it’s just a relative color scale from a spreadsheet… with the older being the greenest, the youngest the reddest, and the rest just fall in between. ProtonVPN just happens to be in between, it’s not as red as the others but also not as green as the ones that have been around for much longer.
So you also think the choices were not that good?
I mean what you are saying is that if there had been a 50 year old one, all the others should be red?
I’m just explaining the reason why it’s more reddish (but not as red as others). It’s something most spreadsheet software (this was clearly MS Excel) can do automatically with numbers for visual indication so we can more easily see the distribution, it does not mean 8 years old is bad.
If there’s a big unbalance in color it would just make it more visible that there’s a big unbalance in ages. Probably if that had happened more colors could have been added to the gradient, maybe maroon->red->yellow->green->blue->white. But I think it was not seen as necessary in this case (or the author was lazy, since these are one of the defaults I believe).
Who cares about why it happened? I mean it’s kind of obvious. No one questioned why excel shows a specific colour, but I did why the person making the spreadsheet did in fact use what you go to lengths to explaine, in a specific way. It’s like saying sorry your paycheck was halved because we have this software and today it divided your salary in half. Not saying that’s not ok or anything, but explaining how “dividing by 2 halves a number”.
I feel you explain something, while correct, had nothing to do with what I said.