I’m shopping for a VPN providers, and really struggling to find a detailed and non-biased breakdown of the various options. A number of years ago, I recall finding an extremely detailed VPN comparison spreadsheet that had 30+ columns, which were contained criteria by which the VPNs were judged both quantitatively and qualitatively. I can no longer find that table, so I suspect it has been removed, but I did find the less-comprehensive table, below:

https://docs.google.com/spreadsheets/d/1ijfqfLrJWLUVBfJZ_YalVpstWsjw-JGzkvMd6u2jqEk/edit?usp=sharing

In the thread posted by the owner of this sheet, a few commenters pointed out that the highest rated VPN providers in this table just happen to be the ones that advertise most aggressively and are well-known for buying positive reviews from tech blogs, which are pretty clearly designed to be misleading. I too am suspicious that this table can’t be trusted, however I really am not knowledgeable about VPNs, so before passing judgement, I figured I should consult those who know more about it. I also recognize that a strong marketing team and an excellent product aren’t mutually exclusive, however I think that generally applies more in markets where economies of scale play a significant role, as does mass-adoption, which fuels loads of well-informed, independent research (ex: the car market and phone market.) That obviously isn’t the case with the VPN markets… but I’m still sorta holding out hope.

If I end up excluding this table, I’m not sure where to turn at that point. Shilling is extremely pervasive in the VPN market, so it’s tough to trust any one person or any one thread. It’s also well established that a few of the large VPNs actually own a number of review blogs, so I can’t really trust blogs either.

I guess I’m here hoping to be told that my suspicions about this table are unfounded, and / or that another excellent, unbiased resource for comparative VPN info exists. Any help would be appreciated!

  • alt@lemmy.ml
    link
    fedilink
    arrow-up
    27
    arrow-down
    1
    ·
    edit-2
    1 year ago

    a few commenters pointed out that the highest rated VPN providers in this table just happen to be the ones that advertise most aggressively and are well-known for buying positive reviews from tech blogs, which are pretty clearly designed to be misleading

    Exactly. This is unfortunately common practice, so this breakdown can be dismissed as they’re obviously biased due to monetary motivations.

    Consider to read Privacy Guides’ take on the matter instead.

    (Perhaps personal) TL;DR would be that Mullvad VPN in combination with Mullvad Browser offers the most private internet browsing experience for people who don’t desire to connect to the Tor Network. Furthermore, Proton offers a suite of privacy-friendly services for mail, drive, password manager etc. Therefore, for the sake of trusting the least amount of parties for these services (at the cost of putting all eggs in one basket), one might consider Proton VPN instead; additionally it includes a free tier and some support to port forwarding (read: allows the use of torrent applications).

    • JDubbleu@programming.dev
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      I did a lot of research a few years ago and settled on ProtonVPN. I won’t say anything authoritative regarding privacy as I haven’t done any recent research, but I’ve been very happy with the service so far.

      I run a seedbox with all the traffic from qBittorrent tunneled through ProtonVPN and I’ve gotten up to 200 Mbps down through a few very healthy torrents before, and on dedicated speed tests I can pull down ~250 Mbps on my gigabit service. I’ve also never had it go down despite using the exact same server 24/7.

      Their documentation is also amazing and they generate connection configs for Wireguard and OpenVPN on their website using provided parameters making it dead simple to get started.

      • alt@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        Not much to say regarding their first paragraph.

        As for their second paragraph, perhaps they are rightfully sceptical regarding Privacy Guides. The body of topics they try to cover is substantial, though. And if TheAnonymouseJoker or whosoever disagrees with them, then they’re free to challenge their views.

        Privacy Guides isn’t any kind of Gospel or whatsoever that you’d have to agree with in its entirety. I do believe, however, that they’ve done a tremendous job at offering a one-stop shop for those that are conscious regarding their security and privacy. Everyone is free to choose and pick whatever they like from there or not.

        I would love to hear about other resources that do a similarly great job at providing at least decent information when it comes to security and privacy; FWIW thenewoil.org exists, however I don’t recall any VPN overview/guide/recommendations from them.

  • Mikelius@lemmy.ml
    link
    fedilink
    arrow-up
    14
    ·
    1 year ago

    I wish there were some descriptions per provider with the ratings. Mullvad gets constant tests by third party against their network and has proven many times they have a no log policy that’s working, yet they got a 4 out of 5…

    With only numbers and generic descriptions that don’t quite match the truth, feels like this sheet is a little misleading. Also, I find it ironic that it’s on Google sheets.

    • grubbylarry@lemmy.mlOP
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      General consensus seems to be that it should be ignored. Your point is well received too. Thank you!

  • random65837@lemmy.world
    link
    fedilink
    arrow-up
    11
    arrow-down
    1
    ·
    1 year ago

    You’re taking something simple and making it complicated. Go with known trusted VPNs that have a history of proving themselves. Mullvad, iVPN, Proton (most of their history is with the email, but that means something) they’re all priced pretty close, no need for insane scrutiny.

    Unless you’re buying kilos of fentanyl and automatic weapons off the dark web, don’t overthink it. Absent that, if your goal is simply hiding your IP and appearing in a different city somewhere, just grab a trusted one.

    • grubbylarry@lemmy.mlOP
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      1 year ago

      Thanks for the recommendations. Regarding it being easy and me making it difficult, I respectfully disagree, and would like to provide a bit perspective. If you’re here replying I suspect you’re at least a minor hobbyist, and I’m sure that privacy and security solution selections seems quite simple to you. I assure you, it isn’t easy for everyone.

      This particular market is literally overrun with intentionally deceptive and often very outdated information, which make it an absolute minefield for the uninitiated. I’m thankful I dove deep enough that I realized I needed to ask a question, because I may have ended up with one of the many much worse choices had I not asked.

      • grubbylarry@lemmy.mlOP
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Is the privacy guides link you posted a different site than the one which TheAnonymousJoker is recommending against?

        • alt@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          It’s the same folk, basically. TheAnonymouseJoker or whosoever is free to have their own opinions. Fact is that Privacy Guides is an open community that allows the discussion of these topics. If anyone doesn’t like their takes, they can either head to their Github page or to their own platform for a dialogue on the matter.

    • grubbylarry@lemmy.mlOP
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      Thanks, that is very helpful. For the record though, which PrivacyGuides are you saying I should avoid? Is it the site this comment mentions? https://lemmy.ml/comment/5985755

      I also see that the person who replied to your comment linked a didn’t Privacy Guides site.

  • AnEilifintChorcra@sopuli.xyz
    link
    fedilink
    arrow-up
    7
    arrow-down
    2
    ·
    1 year ago

    There seems to be a lot of discount codes and affiliate links which usually means payment from the providers to the person running the list. When money is involved, truth is often the first casualty, so I would take it with a grain of salt.

    https://www.techlore.tech/vpn.html has a pretty good list, its open source so anyone can create an issue/contribute on github https://github.com/techlore/website/tree/master/assets/vpn. They’re open about any affiliate links https://discuss.techlore.tech/pub/sponsors-affiliates and are pretty well regarded for an intro in to online privacy

    https://www.privacyguides.org/en/vpn/ is also a great resource with a much smaller and stricter list with regards to privacy and tends to be my go to when I’m looking for a new privacy respecting service. I think they have a community here but I don’t think its very active and they also have a subreddit which was pretty active the last time I was on it a few months ago

    • M500@lemmy.ml
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      So what if the vps hands your data to the feds and the feds are like hey, why was your vps torrenting Paul blart mall cop 2?

      What do you say to that?

      That’s my only concern with hosting my own vps.

      • random65837@lemmy.world
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        1 year ago

        That 100% correct, literally no different than just using your ISP at that point, zero control over the hardware and no ability to control the IP.

      • auth@lemmy.ml
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        1 year ago

        you think they cant issue a warrant against any VPN hosts?

        • M500@lemmy.ml
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Sure they could, but you are a a bit more anonymous and don’t keeps logs, then there may be nothing to hand over.

          Hosting your own vps directly ties internet traffic to you. They can see your ip is part of a swarm and see who owns it. If it’s owned by some guy, they can press you. If it’s owned by a company with a legal team, it’s much more difficult.

      • grubbylarry@lemmy.mlOP
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        NGL doing something like that is WAY above my pay grade anyway, but I still am interested in the answer to this question, because I’ve seen the advice to take the ‘self-operated’ approach before.

        • M500@lemmy.ml
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          It’s not too difficult to setup, but I think people don’t realize that even if your not breaking the law, you may still have to deal with charges and going to court for years before your found innocent. All while dealing with the stress of a jury possibly finding you guilty.

          Then you have prosecutors offering plea deals, so then you think do I stand my ground and risk X years in jail? Or do I plead guilty and just go to jail for 2 years?

    • random65837@lemmy.world
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      1 year ago

      And in doing so you have a never ending list of logs that you can’t control. Fine if you only want to hide location, but useless other than that. 1 LE request and every log will be in there hands in 5mins.

      • auth@lemmy.ml
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        I host the server, I dont have to keep any logs and I can pay with moneros

        • random65837@lemmy.world
          link
          fedilink
          arrow-up
          1
          arrow-down
          2
          ·
          edit-2
          1 year ago

          Gotcha, your own server makes it better clearly, but you originally said it was on a VPS.

          To be clear though just because I’m anal, you mean YOUR server? Not a VPS you pay somebody else to use? As in you can physically touch it if you want?

          • auth@lemmy.ml
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            edit-2
            1 year ago

            whats the difference in trusting a remote vpn provider or remote vps provider? from a privacy standpoint… btw my vps is hosted in russia and I cant touch it… can you touch the server that host your vpn???

            • HappyRedditRefugee@lemm.ee
              link
              fedilink
              arrow-up
              3
              ·
              1 year ago

              I’d argue that deanonimation would be easier.

              In a VPN you have hundreds of clients and also hundreds of outbound connections, tho not impossible is way harder to find out which connection is being piped to which client. On you own hosted VPS, if you have a dedicated ip is easier, all the traffic will be redirected to only one address, then one of your client.

              Even with a vps with a shared ip the number of clients mantaning open connections is probably way lower on average.

              • auth@lemmy.ml
                link
                fedilink
                arrow-up
                1
                arrow-down
                2
                ·
                1 year ago

                I don’t know what size my vps provider is compared to your VPN provider but I’m pretty sure they would tell the US government to fuck off if they asked for data… They are from Russia

                • HappyRedditRefugee@lemm.ee
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  1 year ago

                  You are missing the point, in this case the vector would not be someone requesting data but someone surveiling the VPS or VPN server’s traffic and drawing conclutions out of it

            • random65837@lemmy.world
              link
              fedilink
              arrow-up
              1
              arrow-down
              2
              ·
              1 year ago

              It’s a transfer of trust either way, point being you don’t have physical control over it, and therefore have no idea what’s actually happening on the other end, you’re not hosting it, they are, you’re just administering it.Russia is NO fan of privacy, arguably worse than the US, and now talking about banning all VPN use.

              My server is in my house physically. I’d never host my own VPN because I could never compete with what commercial ones in privacy respecting countries can do, let alone needing more outsourced servers for changing my location all over the place, which I do regularly.

              • auth@lemmy.ml
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                1 year ago

                If you don’t host your own VPN, what’s the difference

              • auth@lemmy.ml
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                1 year ago

                Russia may be worst, but I doubt that they will share data with the USA and I will never visit Russia.

    • Psychhim@mastodon.social
      cake
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      @authed @grubbylarry I also used to host my own openvpn and wireshark servers on a vps. But later I shut them down. The thing is, vps will definitely trade your data if Gov pressure is high. Remember, data protecting is not their first priority being a VPS provider, their main priority is giving infrastructure to customers. But with vpn providers, their core business model is based on protecting users privacy (I am not saying all really do that, but many are bound to follow swiss laws or such)

      • Psychhim@mastodon.social
        cake
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        @authed @grubbylarry Proton VPN free plan is even better than hosting vpn on a vps, because they atleast can claim of being protected by the Swiss law, so atleast they can protect your data by that. Whereas you can’t even sue your vps if they share your data with anybody, because nobody knows if they really did it. Additionally the problem of dedicated ip is there always.

      • auth@lemmy.ml
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        Do you really think that a VPN provider would resist requests from the US gov?

          • auth@lemmy.ml
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            edit-2
            1 year ago

            thats your opinion… I think they will honor a warrant any day… I.E.: Plz enable logs and let me look at them

            • random65837@lemmy.world
              link
              fedilink
              arrow-up
              1
              arrow-down
              2
              ·
              1 year ago

              Honoring a warrant doesn’t mean much, when there’s nothing to turn over than a connection IP and some timestamps, vs all the traffic that could be there otherwise. That’s been proven multiple times with zero knowledge VPN providers.

              They can’t make them starting doing things there system isn’t made to do just because they want them to, not how warrants work. Again, been proven many times over at this point. Knowing that you connected at a time, exited from a shared IP, with a bunch of nonsense in the middle keeps you pretty safe. That ignoring that’s even harder when that zero knowledge provider is ina country like Switzerland where it takes VERY direct reasons to have a judge approve a warrant in the first place, dragnets aren’t allowed there, and even then, nothing useful comes back.

              A country like Russia wouldn’t kick back info, but their spying is at China level, so you’ve already lost there.

  • SterbenDeathGun@lemmy.ml
    link
    fedilink
    arrow-up
    3
    arrow-down
    2
    ·
    1 year ago

    I have been using NprdVPN for 5 years. Speed is pretty good, and their zero-log policy have been proved by 3th party. They also use RAM only servers which is better.

    It may be a bit expensive though.

    • grubbylarry@lemmy.mlOP
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      1 year ago

      Is that July 20th, 2019, or July 19th, 2020? Regardless, I’m under the impression that the VPN world (or really the tech world in general) evolves waaay too quickly to rely on information that’s either 3 or 4 years old. Also, as I’m typing this, I also think I saw info that That One Privacy was acquired by a company that sells multiple VPN services, a few of which are included in that sheet if I’m remembering correctly.

      EDIT: Confirmed.

  • BurningRiver@beehaw.org
    link
    fedilink
    arrow-up
    2
    arrow-down
    2
    ·
    1 year ago

    I use PIA, it was recommended to me by a cybersec friend of mine. It’s dirt cheap as well. $79usd for like 3 years I think?

  • Corroded@leminal.space
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    2
    ·
    edit-2
    1 year ago

    It does seem a bit sporadic. Surfshark seems to be on top above other providers like Mullvad and ProtonVPN. It might have a bit to do with how it weights various criteria.

    What VPN is best for you really depends on what you value. A bunch of people left Mullvad for example because they no longer offer port forwarding which can complicate things like bit torrenting for example.

      • Imprint9816@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        I think between daiqo and the users at privacyguides the concerns you mention are well accounted for. To me, this from daiqo stood out as why AirVPN ends up being an easy choice for a lot of users.

        “Additionally, there are not that many alternatives left. Mullvad is obviously the gold standard and IVPN follows, but both don’t have port-forwarding anymore. OVPN got acquired by Pango. Proton is a good alternative but not so viable for macOS users. There are a bunch of others but you’ll always need to compromise much more than with AirVPN.”