Most VPN Services are Terrible

Short version: I strongly do not recommend using any of these providers. You are, of course, free to use whatever you like. My TL;DR advice: Roll your own and use Algo or Streisand. For messaging & voice, use Signal. For increased anonymity, use Tor for desktop (though recognize that doing so may actually put you at greater risk), and Onion Browser for mobile.

This mini-rant came on the heels of an interesting twitter discussion:

Again I strongly do not recommend using any of these providers.

Provider / known "Secret" Key

Astril / way2stars  
EarthVPN / earthvpn
GFwVPN / gfwvpn  
GoldenFrog / thisisourkey  
IBVPN / ibVPNsharedPSK!  
IPVanish / ipvanish  
NordVPN  / nordvpn
PrivateInternetAccess (PIA) / mysafety  
PureVPN / 12345678  
SlickVPN / gogoVPN
TorGuard / torguard 
TigerVPN / tigerVPN
UnblockVPN / xunblock4me  
VPNReactor / VPNReactor 

Yes, I know. Many/most of these offer OpenVPN, or special clients for IPSec. But for all of the above, they are actively placing a significant portion of their user base (particularly those with older Androids and desktops) at risk by not using per-user PSKs. If your threat model is streaming BBC or helping your cousin geo-shift Hulu, go wild and plug into the Mad Max-esque Thunderdome commons and take your chances. If you're a dissident in Tehran or Riyadh, be extremely cautious of any of these providers.

Lastly, a VPN Hall of Shame honorary mention goes to* on general principle for blatant sexism and utter insincerity. Their privacy/legal policy section includes LGBT slurs and literally has your-mom jokes. But even ignoring that, as of this writing, there is virtually zero technical information provided, only YouTube videos apparently intended for 10 year-old boys.

Moral of the story: Don't believe everything you read on, say, TorrentFreak and PCMagazine. And (crucially) think about your threat model—are you guarding against amateur WiFi snoops at Starbucks or Marriott? Reducing identity monetization profiling by ISPs (ie ad tracking)? Minimizing exposure to government surveillance? Trying to be anonymous online? If the latter, a VPN won't help much.'s stance on VPN's, recommendations, and hidden incentives within the crypto/influencer space:

We do some affiliate marketing on this site.

Yes, it's true: we do not manufacture crypto hardware wallets, or program all the software we recommend that you try out.

And (occasionally) we even earn a tiny reward for those recommendations.

But NOT with premium VPN service.

NordVPN, PureVPN, and others offer very generous kickbacks to influencers. And your favorite youtube personalities will gladly refer you to their favorite service- probably because of these incentives.

We never have (and likely never will) recommend a premium VPN, no matter how tempting the affiliate incentive may be, because we do not believe they are secure enough.

We recommend only two categories of VPN:

  1. Virtual server platforms like Vultr- where you can set up, host, then delete your own VPN, privately & securely. (learn how in this article)
  2. Free VPN services like ProtonVPN that can be set up with a burner email address.

We think anyone who feels intimidated by more powerful tools like Algo, Streisand, or one-click OpenVPN should start with Proton.

Citations: Archive: Archive: Archive: Archive: Archive: Archive: Archive: Archive: Archive: Archive: (scroll down) Archive: Archive: and

* Archive: and and