Review by JohnFastman
about Private Internet Access and AirVPN, HideMyAss!, StrongVPN Mar 2017

Why do you need a VPN?
If you don't like the idea of your Internet Service Provider (ISP) and every government organization under the sun tracking your online activity, you should get a Virtual Private Network service (VPN). To explain very briefly: When you surf the web, the pages you go to are visible to the company you pay for internet access. They can (and in most countries do or even must) log where you go. And in many countries they are then compelled to give that information to the government. This is most often done on the excuse that it's for your own safety, to preserve good values in society or to track what the terrorists are doing. All of that is bullsh*t. It's the equivalent of having a government minder follow you around, record everything you read and who you talk to and when, and then tell you it's for your own good. If you don't like that, e.g. because it has terrible consequences for how a free society should look, then you need a VPN service.

What does a VPN do?
Ordinarily you'll tell your computer to connect to a server somewhere that hosts a website you want to go to. As explained above, this is entirely visible to anyone that cares to look. A VPN gets around it by first connecting your computer to a VPN server (another computer). It's the VPN server that goes out on the net requesting webpages to give content to the VPN server on your behalf. The VPN then feeds the content to you. This way 1) all you ever connected to was the VPN server, 2) if multiple people are connected to that server, no one knows for whom which website that server is fetching (your browsing is anonymized), 3) the connection between the VPN and your computer is encrypted, so it's very hard to tell what content you're asking for and getting, 4) the websites that give the VPN stuff to give to you only ever talk to the VPN, not to you (i.e. they receive the VPN's IP address, not your real one), so they don't know who you are either (more privacy!).

A bonus of using VPNs in this way is that the website you visit can be fed an IP address that isn't from the country you are really in. That can have various advantages. It can mean that by accessing search results by using a non-Chinese IP address from a non-Chinese VPN server, Chinese people can get around the Great Firewall of China, and finally learn things their government is hiding from them (this doesn't only apply to China, of course). Another advantage is that you can, for example, pretend to be accessing the BBC's iPlayer from a UK IP address, even if you don't live in the UK. This means you can watch geographically-restricted content. In sum, you can get around barriers artificially placed on people by accident of where they live/which government they have. VPNs therefore, in principle, are democratizing the internet by allowing everyone to access knowledge they might not normally have access to, much like Wikipedia has done in a very different way.

VPNs are also commonly used by companies and universities to allow their staff to access content from their servers securely. For example, my university might have journal subscriptions which it pays for and which are crucial to my work. But if I'm in another country and try to download an article from that journal, it won't work, because the journal doesn't know I'm entitled to the download. I might then connect to my university's VPN service. My computer talks to the university server, the server goes to the journal on my behalf and gets that article. The journal is satisfied I am allowed this because all it sees is a request from my university.

Which VPN to choose?
Here's where it gets tricky. There are absolute loads of VPN services out there and a giant proportion of them are either insecure or violate their customers' trust, e.g. by being bad guys themselves and logging all your data and then passing it onto others. Key things to consider when choosing a VPN:

  1. Absolutely pick a VPN service with a well-established, long-standing reputation.

  2. Pick a VPN service that makes loud and explicit noises about enhancing privacy.

  3. The most important thing is an explicit promise that they have a no-logging policy. That means they don't record where their users go online and therefore cannot give that information to third parties.

  4. Try to find out if they have a history of sticking to the no-logging policy. For example, Private Internet Access (PIA) had their servers in Russia confiscated, and guess what? No user data. This means that if you used PIA's Russian servers, the Russian government don't know what you used them for, or that it was even you. Which is how it should be, because it's none of their business. They're going after the VPN servers because it's a threat to the authoritarian system to have people browse internet content anonymously.

  5. Where is the VPN service based legally? This is difficult to untangle. There are lots of ins and outs. For example, the US is typically considered a privacy-hostile space to host internet services because of the National Security Letter system by which the NSA can legally force companies to provide user data without even telling the user they're doing it. However... in the US there is no law, to the best of my knowledge, that a VPN service can be compelled to log user data, which means they would have nothing to give to the NSA. The UK recently passed a law (the "snoopers charter" or "Investigatory Powers Act") that compels internet service providers (ISPs) to record everywhere their customers go online and store that information. Despite the positive aspects of what I wrote about PIA above, they are London-based. And it's unclear how this affects their ability to promise privacy. They say they still seek to maintain a no-log policy, but I'm not sure that's enough any more. Sorry, PIA.

On a related note: I'm not a legal expert, but the country whose privacy/internet laws I would most trust at the moment is Iceland, and after that probably Switzerland (see e.g. here). The reasons are long and complex, but in essence: Iceland has a long-standing tradition of protecting journalists' rights, and Switzerland has long-standing privacy laws that attract the most well-encrypted and privacy-conscious services (e.g. Protonmail and Tresorit) to have their servers there.

  6. Other considerations about security might be more technical (e.g. what levels of encryption the VPN service uses, how they derive key hashes, how they do key exchange). That's difficult to explain to "non-techies". (Sorry!) The chances are that if you find a service that fulfills the above criteria (points 1-5), you're likely to be secure enough - but that's a very, very rough (almost too rough a) guide to trust. Sorry if that doesn't help much.

I would avoid a service if there is any doubt at all and there's plenty of doubt about plenty of services. See here for an important note about this. Private Internet Access are listed there as an untrustworthy service and for good reason. But as it also says, your level of worry is different depending on whether you want to stream Hulu or get vital information out to human rights workers from inside Iran. (My advice: err on the side of caution. After all, you don't know that streaming Hulu from the wrong country won't be used against you by some inhumane legal mechanism in 20 years' time.)

  7. Convenience. How many servers/countries can you connect to using this VPN? 3? 10? 50? Are you looking to connect to a specific country, e.g. the US or UK so you can watch location-restricted TV? Or because you want to leave comments on Wordpress blogs and always seem like you're coming from a specific country?

  8. Software. This is related to convenience. How easy is it to install the app? Is it just a Windows, Mac, Linux program you download and install? Or do you need more complex knowledge of how to use another client, like OpenVPN? (OpenVPN is harder to use, but open source and more trustworthy.) Also, is it more that you want something that works on mobile?

  9. Does the service require you to set up an account or payment method that links your account to your real identity? For max. anonymity, you shouldn't be forced to give your real name, telephone number, real IP address, Paypal account details or credit card... if you don't want to. You should be able to set up the account from a) not necessarily your computer, b) a fake name, c) pay with cryptocurrency (like Bitcoin or Monero)... if you choose to.

Here's a recommendation: AirVPN

Do I know for sure they've not been compromised or that they are naïve in their security? No. But they do have: 1) the level of promise of privacy many look for, including a no-log policy; 2) a detailed, technical account of how they implement their encryption; 3) support for Tor; 4) a good reputation; 5) many, many servers... 6) multi-platform support; 7) unusually, very detailed descriptions of what to expect from different servers (response times, number of users - all good for a transparent, trustworthy service); 8) accept bitcoin as payment; 9) are not based in the US/UK or other questionable jurisdiction (they are based in Italy).

Full disclosure: I am not employed by or involved with AirVPN. They don't pay me to say this or to do anything else (because they don't pay me). I'm just passing on the best advice I have to pass on.

Disclaimer: If you join AirVPN and do something online that leads you into trouble through your own or their negligence, I am not responsible. The choice for picking a good VPN service provider is yours. I also am not recommending them because I am their customer. But have I heard good things about them? Yes.

Please note that the Swiss-based, free and open-source, encrypted email provider Protonmail will soon release a VPN service. Given their reliability so far in this area and their support for Tor, they are likely to do VPN well: see here.



Positive Review by jakewong
about Private Internet Access Jul 2015

Needs more likes... great and reliable service. There's also a standalone Linux client rather than having to set up with OpenVPN.


Positive Review by SpaceOctopus
about Private Internet Access Jan 2015

This is a truly great VPN service, with a great & easy piece of software which allows you to connect, as well as a working Android app, which earns extra points in my book. No logging, nothing sneaky or morally reprehensible, no selling your info. Speeds are great, though where I live, they are usually not very high anyways, so it could be different for you. One of the coolest features, I find, is that you can use almost any gift card for other shops/businesses to pay for this. I think they take over 100 different ones. That's pretty damn cool, on many levels. It also allows you to anonymously pay for the service. They seem genuinely concerned with privacy overall, and their blog is even interesting & helpful to read. Good forum for support, great customer service & many servers to choose from. Really glad I asked a friend what they'd recommend, because I would have spent forever having to look for a new one after I realized what a crock Witopia was. I have been extremely satisfied with this. Oh and there's a killswitch built in for optionally having it disconnect your internet if the VPN cuts out or something, that way no data goes through if anything happens.

Also it takes really small amounts of resources. I hardly notice it when it's running. The price is another factor that really makes this a winner. I mean, I was thoroughly surprised at how low that was, especially when I'd seen so many other services charging sometimes even double what they do. Oh and they're torrent friendly. Pretty spiffy indeed.


Great so far!

Positive Review by toddlacy
about Private Internet Access Jan 2015

I've used PIA for almost a year and found that it works great. Before writing this I was just looking to see if there were any competitors I might switch to, but after searching and not finding any real reason to switch, I'll be sticking with PIA. I use it for both Android and Mac. I set it up on my DD-WRT router, but the router's processing power was not fast enough to keep up with the encryption. So that's been disabled. There are so many free WIFI spots available today, PIA saves you from having to purchase a MIFI. The way I see it PIA saves you money.

