The Hitchhiker’s Guide To VPNs

A Virtual Private Network (VPN) is one of the most common tools that provide increased online security and privacy.

VPNs provide you with security and privacy by hiding your location by hiding your real IP address from the sites that you visit, protecting you from surveillance by your ISP, encrypting your data and protecting you when you use public WiFi networks, and helping you circumvent censorship.
There are tons of VPN providers to choose from. You should focus on selecting a VPN provider that meets your security needs.
Some of the most important factors to consider when selecting a VPN include;

VPN Protocols Implemented

A VPN protocol determines how data is encrypted and treasured between your device and the VPN’s servers. VPN protocols are used to provide stable and secure connections.
Good VPN providers provide strong protocols such as WireGuard and OpenVPN.
WireGuard
WireGuard is the latest VPN protocol. It is open source and uses cryptography in its encryption, making it one of the fastest and most secure protocols available.
OpenVPN
The most popular protocol. It is open source and is made up of configurable authentication, handshake, and encryption parts. You can configure the encryption schemes of these parts to your ideal settings to meet your security needs.
OpenVPN can bypass most restrictions and firewalls.

Privacy

Reputable VPN providers should be able to provide you with their services without collecting unnecessary information that could put your privacy and security at risk.
They should for example not collect personal information during registration. They also must accept anonymous forms of payment i.e. cash or anonymous cryptocurrency such as monero.

Security

The main reason for using a VPN is to secure your online activities. Worthwhile VPN providers ensure their services implement the latest and most secure encryption schemes by default.
The ideal Encryption Schemes for OpenVPN are: SHA-256 for authentication; at least RSA-2048 for handshake; and
AES-256-GCM for data encryption.
They should also implement additional security features such as:

• • • Independent Third-party Audits

  Most VPNs are far from what their providers claim they are. The only way one can verify their claims is by reviewing reports of security audits conducted by reputable third-party firms.

• Reports from audits disclose security vulnerabilities that a VPN may have. The audits should be able to verify the no-logging claims made by most VPN providers.

• • • Killswitch Support

  A Killswitch automatically disconnects your internet connection when you lose connection to the VPN.

• • • Multihop Support

  Multihopping toutes your data through multiple servers. This increases the security of your data in case of a single server compromise.

• • Perfect Forward Secrecy (PFS) support

PFS is a process through which the encryption scheme frequently and automatically generates new encryption keys to provide increased security in case you get compromised.

Transparency

To be able to trust A VPN provider with your internet data, the provider should be open about their ownership and leadership.
Trustworthy providers should be transparent about how they handle government requests. They should also provide regular reports regarding government requests if they receive any.
Good VPN providers should also be transparent in their marketing. Transparency in marketing can be demonstrated by providing educational information on privacy and anonymity including on the limitations of VPNs and when use of Tor.

Additional Features

Other factors you could consider include adblocking, warrant canaries, ease of use, customer support, the number of allowed simultaneous connections, etc.

Recommended VPNs

Mullvad

Mullvad is a VPN provider based in Sweden that focuses on transparency and security. Mullvad has servers in 43 countries.

• • • • Independently Audited

    One of the most recent audits on the security of Mullvad’s VPN infrastructure was done by Assured AB between April and June 2022. The

  report

• was published in June.

• The audit found multiple security issues ranging from “low” to “medium” in their severity. Mullvad made improvements aimed at resolving the identified issues.

• The audit also found that Mullvad neither leaks nor logs its users’ data.

• • Atredis Partners also conducted a security audit of Mullvad’s VPN apps and released the

  report

• in October 2022.

Quote:The Report’s Key Conclusions
Overall, Atredis Partners found the Mullvad VPN clients to be well-architected from a security perspective, with limited attack surface that could be reached by an external malicious party, and important protection mechanisms were in place to prevent most unintended traffic leaks.
Atredis Partners detected a few edge cases where traffic could be accidentally leaked outside the VPN tunnel. These leaks were either patched quickly by the Mullvad team or were due to the operating system itself, in which case the Mullvad team updated documentation and submitted issues to the operating system vendor where appropriate.
As in any security assessment, some areas for improvement were noted, but overall Atredis
Partners would rate the Mullvad VPN clients as sound from a security perspective.

• • • Open-source

  The source code for all of Mullvad’s desktop and mobile clients is available on GitHub.

• • • Anonymous Accounts

  In addition to not collecting any personal information during account creation, Mullvad accepts and encourages its users to pay with Monero and cash/local currency as anonymous forms of payment.

• • • WireGuard and OpenVPN Support

  Mullvad supports both WireGuard and OpenVPN protocols. WireGuard is used by default or only protocol on Mullvad’s Android, iOS, macOS, and Linux apps. Windows users have to manually enable WireGuard.

• • • Kill switch

  Mullvad has a kill switch that stops all internet connections when you experience connection issues while using the VPN.

You can access Mullvad’s website via Tor through their onion address.

IVPN