VPN is an old concept in the world of computing and it allows you to set up a more or less safe communication method between two points through a public network. It enables you to better hide your internet traffic and also may help circumvent censorship and supports anonymization.
In case you choose a VPN provider you need to consider the following points:
- Your VPN provider shouldn’t keep any logs – especially no logs which would allow the matching of an IP-address and a time stamp to a VPN user.
- Your VPN provider should neither be a US company nor running US-based server. Also a strict no data sharing and an Email deletion policy should be in place.
- Your VPN provider should not run a system where the technical possibility to take down content is implemented (at what extent ever)
- Your VPN provider should have an Anonymous payment system (like Bitcoins) in place.
Out of the “infamous” Cryptoparty Handbook (in fact it’s very useful and most of the people bitching about it, are those who gives a shit helping the community for free) there are the following points to consider:
- Information that is required from you to register an account – the less that is needed the better. A truly privacy concerned VPN provider would only ask you for email address (make a temporary one!), username and password. More isn’t required unless the provider creates a user database which you probably don’t want to be a part of.
- Payment method to be used to pay for your subscription. Cash-transfer is probably the most privacy-prone method, since it does not link your bank account and your VPN network ID. Paypal can also be an acceptable option assuming that you can register and use a temporary account for every payment. Payment via a bank transfer or by a credit card can severely undermine your anonymity on and beyond the VPN.
- Avoid VPN providers that require you to install their own proprietary client software. There is a perfect open source solution for any platform, and having to run a “special” client is a clear sign of a phony service.
- Avoid using PPTP based VPNs, as several security vulnerabilities exist in that protocol. In fact, if two providers are otherwise equal, choose the one not offering PPTP if feasible.
- Look for a VPN provider that’s using OpenVPN – an open source, multi-platform VPN solution.
- Exit gateways in countries of your interest. Having a choice of several countries allows you to change your geo-political context and appears to come from a different part of the world. You need to be aware of legislation details and privacy laws in that particular country.
- Anonymity policy regarding your traffic – a safe VPN provider will have a non-disclosure policy. Personal information, such as username and times of connection, should not be logged either.
- Allowed protocols to use within VPN and protocols that are routed to the Internet. You probably want most of the protocols to be available
- Price vs. quality of the service and its reliability.
- Any known issues in regard to anonymity of the users the VPN provider might have had in the past. Look online, read forums and ask around. Don’t be tempted by unknown, new, cheap or dodgy offers.
In case you want to see, download and study the Cryptoparty handbook (Version 2013-08-21) is here.
There’s also a very useful article at TorrentFreak about “VPN Services That Take Your Anonymity Seriously, 2013 Edition” here.
I tested and used most of the available VPN provider by myself. At the very end I always prefer small, European based service providers, run by someone I met in person.
It’s all about trust, isn’t it? 😀