NordVPN is actually the best VPN if we balance out the categories.

Author: RationalMadman

Posts

Total: 29
RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
SurfShark's advantage on Nord is that it offers unlimited devices, is much cheaper and enables efficient split-tunneling.

If you pick anything other than SurfShark or Nord, you are either paying too much or paying for trash. Find me one exception and I'll 'eat my hat'.

SurfShark says that it offers unlimited devices. It also says that it has an efficient whitelister (split tunneling) mechanism and that it camouflages your connection as HTTPS traffic to your ISP (which is extremely important if you're in an oppressed nation).

Transparency issue 1: Split-tunneling

The problem is lack of transparency and I am going to explain how/why. As soon as you enable split-tunneling with SurfShark, you are not fully camouflaging your connection because it demands Ikev2 Protocol (which they never explain, and your settings will say you're on OpenVPN with UDP but really you have IKev2 with maybe some layer of OpenVPN on top). This is especially true if using the Android or iOS when/if you have their 'whitelister' activated for some apps. It is spitting the connection but operating on a protocol designed for good configuration but less 'pure security' nonetheless I'd say sure, there's no leaks happening but the key is that the apps/programs you make 'whitelisted' will sense you're using a VPN due to how it splits. This means if you think you can just split it like that and the things using your real IP will go 'ah everything is fine' you are so wrong. If you play online poker, use any bank-related programs or something that basically your money and real-life depend on, you can technically be banned for doing this even though you white-listed it. That aside, to truly whitelist a program in Windows with SurfShark is so utterly more complex than they make out with their 'tick the game you want to whitelist' options. The Client you play on is one of many .exe files (Idk what mac has instead of .exe and never ever will care, Apple and me fell out of love a long time ago). If you go through all the .exe files, you often find 'tracker' especially for games that want to ban 2 people playing from the same IP or track cheating or ban-bypassing like that. If you are not running that through your real IP, you can get banned for it. It comes down to how lenient and understanding the tech team is and how recipient to them, the admins are, that determines the mercy given to you when you explain you didn't realise you weren't whitelisting it fully. Note, even when whitelisted fully, split tunneling cannot and will not ever fully work for things like that because it works by it understanding you're blocking tracking and other things with your VPN active and then going 'oh we are lucky to have your real IP anyway but how do we really know for sure?'. If you understand programming, you'll realise why NordVPN is much more honest for only enabling you to have split tunneling on Android and why the only true way to split-tunnel on computers is to have browser extensions with your VPN there and the rest of your computer completely 'exposed'. This registers to games and programs as completely acceptable as there is no way you're faking your IP to them, regardless of your VPN on the browser being active. You can split-tunnel on Android with NordVPN if you read their support guide on IKeV2 but it's not 'easy' to setup ('just a bit easier than medium' is what I'd rank it).

ExpressVPN has the exact same issues as SurfShark with regards to authenticating the split-tunnel but maybe they have a workaround or 'true split tunneling' mechanism, I haven't used their product to speak on it. They charge too much, as do Hotspot Shield. I don't trust any other VPN, because I know how to analyse the proper 'never turn you in' element of a VPN based not only on the wording of their T&C and Privacy Policy but physical things, audits, track record etc.


RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
Hotspot Shield and many VPNs (including ExpressVPN but it's secure regardless) do not mean 'no logs'. Only SurfShark and NordVPN have a pure understanding of 'no logs' and only SurfShark is so extreme that it leads to a security flaw in the 'unlimited device' promise.

HSS and ExpressVPN both promise no logs. The problem is that they, like many other VPNs that promise this, keep your logs during your session, delete the 'content of your browsing' afterwards (which you are completely needing to trust them to do) and then say 'we have no logs of anything' but they have logs of your IP addresses, duration of usage etc. ExpressVPN works around this by being very expensive and able to afford storing your sessions on Random Access Memory (RAM) that means it never has the servers to properly be seized by governments. Turkey seized their servers after the assassination and the following occured:

As we stated to Turkish authorities in January 2017, ExpressVPN does not and has never possessed any customer connection logs that would enable us to know which customer was using the specific IPs cited by the investigators. Furthermore, we were unable to see which customers accessed Gmail or Facebook during the time in question, as we do not keep activity logs. We believe that the investigators’ seizure and inspection of the VPN server in question confirmed these points.


Hotspot Shield is, other than VyprVPN, amongst the true "Original Gangsters" (OGs) in the VPN game, VyprVPN owns all its own servers and is very carefully wording its 'no logs policy' by avoiding admitting what it's keeping and using Switzerland laws not to reveal. HSS also uses sly wording but has only ever been proven to be recording the bare minimum required to give targetted ads to its free users (it's a very unusual VPN in that it offers itself free but then charges premium users more to make up the difference and be a 'hero' in some kind of genuine sense). I am almost entirely certain that if in fourteen years, HSS has never once been reported to turn anyone in but I admit it has no 'warrant canary' and is shockingly operating in Ukraine and Russia. I will honestly tell you that track record means a lot in the VPN world, so I don't distrust them due to this. I do, however, find the VPN is not worth the price and I know they are charging that much in order to handle the free users' load.

SurfShark has a simple flaw with regards to their 'pure no logging' attitude. They let you have unlimited devices to one account but don't let you log people out of devices even if you change your password, they justify this as them being true to their no-logs policy. I won't say more as I could be accused of revealing something that I agreed not to reveal as a user in some fineprint but that is a blatant flaw and one you could find out by talking to support as a non-user of the product. That alone increases the security threat to you since a whole array of people can continually impersonate you on their service doing god knows what and no matter how early or late you realise you can't trust them, you can't log them out of your account on their device. So, how does NordVPN who is also a diehard 'no logs' VPN in the genuine sense of the term, keep to its 'maximum 6 devices using the VPN at any time' policy? Well, that's classified, as in it's a copyrighted audit report that only users of the VPN can access and agree to reveal nothing of when seeing it so it's up to Nord to truly explain it but to put it simply; it's based on using a server solely used for the counting of devices, that is independent of the data transfer happening in one's session. That is obviously the only way this could be done and is how Hotspot Shield does it too, as does ExpressVPN.

Value for money and customer support

Some of the most expensive VPNs (other than ExpressVPN, which has fanastic support) do not offer true 24/7 live chat. You are often talking to a bot, not a person, and they cover these hours by automated 'please ask later' stuff and Idk what I didn't go ahead and test every single one as that's immoral to do if I'm never intending to use the product even if the support is good. Live chat support is not available on many VPNs even as a premium user. That is hilarious as they are often more expensive than SurfShark, which is the single cheapest and yet one of the single best. NordVPN is the best as an all-rounder and is weak in no category at all other than split-tunneling capacity on computers.

If you are in an oppressed nation and use NordVPN just take note that you need to use obfuscated servers (equivalent of SurfShark's camouflaging which is automatic and not opt-in or opt-out but only properly works if you have OpenVPN UDP and avoid split-tunneling, oh yeah and you have to choose their NoBorders option, which they never explain is actually their camouflage mode but I think it's because the support staff never realised this is the in-app name of the website-named 'camouflage mode'. Since it's automatically opted-in they say it's automatic with the product).

You will find that NordVPN and SurfShark are the options to go for if you are in an oppressed nation and using them behind a browser like TOR or Firefox with good privacy add-ons is your best bet at freeing your mind on the Internet.

RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
NordVPN completely deletes the device and usage data after your session, but the other 2 do not necessarily do so althought they perhaps stay 'true' to the policy as they keep it airtight within their company.
Dr.Franklin
Dr.Franklin's avatar
Debates: 32
Posts: 10,672
4
7
11
Dr.Franklin's avatar
Dr.Franklin
4
7
11
I agree
RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
NordVPN has great speeds if you pick a location close to you and don't make it obfuscated (but obfuscation is a must if you are in an oppressed nation, regarding Internet rights).

I may have been wrong about Split tunneling on Surfshark using IKEv2 but it still is much less open about what/how to use its functions, though for the money paid it is indeed brilliant. If knowing everything about your VPN matters less to you than having a lot for less money, go for SurfShark, if you like to know a lot and still have a fantastic deal that makes split tunneling awkward as hell to make work, go for NordVPN as in all other ways it equals and/or surpasses Surfshark while still having an absolutely brilliant price for the 3-year plan.
RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
Any other VPN is either based in a nation where logs are obligated to keep and can be demanded at any times (even if it says it keeps no 'personally identifiable' logs, it's keeping many logs that are required by law) or is based in a good enough nation and situation security-wise but simply is too expensive vs what it offers.

I know for a fact that if you're in an oppressed nation the camouflage mode ('NoBorders') of SurfShark and the Obfuscated servers of NordVPN (Nord works brilliantly with Onion Router, TOR Browser for computers and Orbot router + Orfox browser for Android... Don't use iOS if you seriously want to connect to TOR... This matters a lot. ExpressVPN is good at that but is a rip-off price wise. Also, in very oppressed nations, ExpressVPN addresses and DNS servers are usually one of the first targetted by authorities like China, because it's such a high-end one that they know a lot of data transfer will happen over. It takes them up to 5 days to recover from a proper China security hit and other nations that dislike VPN target it also, but tend to struggle if you use the stealth mechanism properly.

If you have the money to buy ExpressVPN and require high speed connection on top of Stealth/Obfucation then sure, go for it. NordVPN has fantastic enough speeds if you don't need obfuscation and the obfuscated speeds are great for general browsing, as is SurfShark. I prefer NordVPN because it gives you more clarity on how to opt in and opt out of that, as well as clearly explaining when obfuscation is not happening. SurfShark support seem to think it still is camouflaging when on P2P servers as well as the double-VPN... In fact SurfShark even offers Virtual Servers that it claims it's obfuscating you while connecting to... That is insecure to do and ridiculous to add on top.

393 days later

RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
-->
@vpnconnections
Your website has reviewed 3 VPNs; NordVPN, ExpressVPN and SurfShark.

I recommend all three, in that order.
SirAnonymous
SirAnonymous's avatar
Debates: 3
Posts: 4,140
3
7
10
SirAnonymous's avatar
SirAnonymous
3
7
10
-->
@RationalMadman
I thought I was watching one of those YouTube videos that starts with a minute-long ad for Nord VPN for a second there.
RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
-->
@SirAnonymous
Are you one of these people who thinks advertising is evil and goes for something like PIA instead?
SirAnonymous
SirAnonymous's avatar
Debates: 3
Posts: 4,140
3
7
10
SirAnonymous's avatar
SirAnonymous
3
7
10
-->
@RationalMadman
Not at all.

140 days later

Bringerofrain
Bringerofrain's avatar
Debates: 7
Posts: 516
3
4
7
Bringerofrain's avatar
Bringerofrain
3
4
7
Isn't Nord a United States based company, but vulnerable to subpoena's? 

I am in the United States so I look for VPN companies u likely to cooperate with the American government. I would also suggest VPNs unlikely to work with Chineses and russian governments as well. 
RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
-->
@Bringerofrain
Based in Panama.
Bringerofrain
Bringerofrain's avatar
Debates: 7
Posts: 516
3
4
7
Bringerofrain's avatar
Bringerofrain
3
4
7
-->
@RationalMadman
Wow nice. 

RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
-->
@Bringerofrain
One thing that ExpressVPN has (but soon NordVPN will equal them on this in another way) is complete invulnerbility to local leaders in very conservative nations suddenly snapping their fingers despite privacy laws. In Turkey,there was an understandable reason for the government to do this:


The reason Express has this 'edge' that enables/enabled it to operate in countries most VPNs would steer clear of is that they run their information on pure RAM discs, not genuine servers, there's nothing stored at all in the memory, what the government holds is an empty disc.

In the case of almost all other VPNs except for VyprVPN, the actual servers are not truly under the absolute control of the VPN provider, they are being rented. The reason that this doesn't truly matter is that it is quite simply implausible (not impossible) that the server-provider would keep physically replacing servers to feign having wiped the memory, since the renter is able to make sure things get deleted from servers after each use, but more importantly if the VPN provider is located in a nation such as British Virgin Isles or Panama, it means that very little can be done to obtain proof that a particular activity was done by any particular user.

Furthermore, NordVPN is moving towards completely owning its own servers just like VyprVPN, do note that VyprVPN does not at all promise no-logs in the way that NordVPN does, read the fine print and you will realise that in fact it is owned by Golden Frog, which while it is definitely dedicated to privacy and security, is based in Switzerland who have what we can call watertight privacy laws (whereas Panama and British Virgin Isles have airtight). There are absolutely loopholes in Switzerland's privacy laws that force it to hand over information if other EU nations or their allies (such as the US) can give a good enough reason to force the hand of Switzerland. While this is much more difficult than normal and not obligatory storage period of data is there, if you actually read the fine print of the 'logs' section in the terms, or whatever, of VyprVPN, it does not at all promise 0 logs, it promises to not ever sell them or hand them over and justifies that it is capable of resisting thanks to being based in Switzerland.

I am not saying Vypr is bad, it just lacks in a few departments (for instance, since it openly owns its servers and buys them all in the name of its company, Golden Frog, it is extremely easy to see you are using this VPN... The ISP will give it away, which means that for any purposes of 'unblocking sites and services' it is mediocre whereas in terms of encryption and such, it's top tier).

NordVPN does not yet own all its servers and will probably only own them all via the NordLynx protocol whereas the standard OpenVPN protocol is likely to remain on rented servers until it's rich enough to properly convert. Even then it won't invest in the physical disc storage system that ExpressVPN has, as opposed to server storage system of other VPNs. In practise, deleting server info is still totally secure, but the reason that using discs for temporary processing memory and running primarily via RAM is more secure, is because quite literally even if you wanted to, you couldn't hand over information thanks to the mechanics of what ExpressVPN has in place. The cost reflects this, it's double the cost of NordVPN on long-term plans and still much more, albeit not double, for shorter-term plans, almost entirely due to that one factor and how much it costs.

Read number 5 here:

NordVPN will end up equal to ExpressVPN but at the moment is approaching VyprVPNs status, it is taking time due to cost and logistics more so than technology.
Bringerofrain
Bringerofrain's avatar
Debates: 7
Posts: 516
3
4
7
Bringerofrain's avatar
Bringerofrain
3
4
7
-->
@RationalMadman
Well damn. I think you sold me. I usually go the free VPN route when in coffee shops or trying to watch german netflix, but I think you sold me on Nord VPN for my pirating needs, seeing as how the last stimulus package seemed to sneak some stuff in there about heavier punishments for piracy. 

RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
-->
@Bringerofrain
I never encouraged pirating anything in this thread.

I also didn't really advertise, it is simply objectively true that Nord is superior in the overall categories, they even have P2P servers that specialise in handling torrent traffic but do note that torrents are not inherently pirate software at all, to transfer ANY extremely large file legally requires torrenting unless you want to wait a huge amount of time.
RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
-->
@Bringerofrain
Free VPNs are terrible for the purpose you are describing, not only do they protect worse (except for Hotspot Shield which gives 500Mb free per day, genuinely) but they are obviously used by many people, meaning it's piss-easy for sites that you're trying to unblock, to know you're trying to do so, since many others will be doing the same from the same IP.
RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
-->
@Bringerofrain
VyprVPN is a zero log VPN Service. Golden Frog does not record or retain any user data when you use the VyprVPN Service.
I want you to notice what it says with 'user data' now compare it to NordVPN because user data doesn't mean it's deleting logs of what you, the user, did. It means it's deleting your username being linked to said activity after the session is over. You are smat enough to understand what thateams can happen prior to deleting it, as well as what that means may be kept permanent logs of, especially as they own all their servers unlike most other mainstream VPNs.


They have been audited, but so has Nord.



Pay attention to what they DO NOT explicitly say they aren't keeping logs of, it's things like this that separate most good VPN providers from Nord, in my opinion.


Instead NordVPN has been audited to prove it keeps no logs (only subscribed users can read the full audit, for whatever reason, and we agree to the terms and conditions of not pasting the contents of it or talking specifically about what's inside) I can tell you the audit fully explains the mechanics of their no logs and it is essentially a perfect no logs system.

As for the promise they give:
Requests for data. Any request for user data should follow an appropriate legal process to be recognized by the laws of the Republic of Panama. Being based in Panama allows us to keep no logs of users’ online activity (no IP addresses, browsing data, traffic information, etc.). This means that we are unable to link an individual user to a specific IP address, connection timestamp or other information that we do not collect. Therefore, even in cases we receive a rightfully served request, it might be impossible for us to identify a specific person or provide any identifying information related to that person. In cases where, following an appropriate legal process, we are able to identify a specific person, we will provide the limited data we process per our Privacy Policy. Depending on a specific case, this may include user’s email, payment information (date of purchase, payment method and available details), subscription period, password expiration date or a country the user chose when registering for the Services.
To read more about the details of their promise, see here:


580 days later

RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
I have researched and this is still the case. Almost exactly the same. In fact Nord has a speed edge it didn't before, now, thanks to the Nordlynx encryption method.

Nord also allows split-tunneling now but I do believe that it's better to 'totally encrypt' your raw connection, exceptions lead to issues potentially.

27 days later

Public-Choice
Public-Choice's avatar
Debates: 19
Posts: 1,065
3
4
8
Public-Choice's avatar
Public-Choice
3
4
8
Hideme is my pick. They are based in Malaysia which doesn't have any agreements with other governments and they don't record anything permanently and clear out their servers daily.


They also use AES-256 bit encryption.

The only one I know of that uses advanced encryption is ProxPN but they have atrocious reviews despite the 1048-bit encryption they used.

Though if Snowden is right the NSA can already crack every type of encryption available in a matter of minutes.
RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
-->
@Public-Choice
Snowden never said that.

Also, that extreme of encryption is actually unnecessary and slows the connection too much.

NordVPN has an encryption method called Nordlynx, almost just as secure and revolutionary speeds. Research Wireguard to understand what is utilises.

Also make sure you realise that your NSA worries and that VPN are not linked in reality.

Has it ever been audited?
RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
-->
@Public-Choice
Nordlynx took wireguard and made it so that it deletes user info every time, Hideme uses raw wireguard which is fast and reaource-light but it notes every time you connect and to which server etc.

Why does it not warn of that?

Malaysia is a borderline Sharia nation. Are you sure it has good data retention policy for the VPN to maintain its no logs? Does it delete logs instantly or every few days?
RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
-->
@Public-Choice
How is it at georestriction unlocking, speed of connecting etc?

353 days later

nicoletjunior0
nicoletjunior0's avatar
Debates: 0
Posts: 1
0
0
0
nicoletjunior0's avatar
nicoletjunior0
0
0
0
It's clear that you've delved deep into the technical aspects of VPN services and their impact on user psychology and online activities. User psychology plays a crucial role in choosing the right VPN service, as individuals often need to balance security and convenience, especially when split-tunneling is involved.
Your insights into SurfShark's split-tunneling and its potential implications for users engaging in sensitive activities, such as online poker or financial transactions, are indeed valuable. It highlights the importance of not only the VPN's features but also the clarity and ease of use for those features. Complexity in whitelisting programs can lead to user error and unintended consequences.
Your comparison with NordVPN's approach to split tunneling on Android and the use of browser extensions provides an interesting perspective on different VPN services' strategies and their implications for user experience.
ExpressVPN and Hotspot Shield also come under scrutiny here, illustrating the importance of trustworthiness, pricing, and the need for robust privacy policies in the VPN industry. Trust is a significant factor in users' decision-making processes, particularly when it comes to entrusting a service with their online activities.
Overall, your analysis sheds light on the intricate details of VPN services, revealing that user psychology and trust are essential considerations when choosing the right VPN for one's needs. Thanks for sharing your insights and experiences.

16 days later

FLRW
FLRW's avatar
Debates: 0
Posts: 6,550
3
4
8
FLRW's avatar
FLRW
3
4
8

The Opera Web Browser has free VPN.

113 days later

RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
-->
@FLRW
this doesn't encrypt at all
ebuc
ebuc's avatar
Debates: 0
Posts: 4,888
3
2
4
ebuc's avatar
ebuc
3
2
4
Yay, rational madman is back! Even tho they still have me blocked.

I been using free Proton VPN for month or so.  I like it.
RationalMadman
RationalMadman's avatar
Debates: 574
Posts: 19,931
10
11
11
RationalMadman's avatar
RationalMadman
10
11
11
-->
@ebuc
Liking it doesn't make it the best but ProtonVPN is superior to Opera's for sure.
ebuc
ebuc's avatar
Debates: 0
Posts: 4,888
3
2
4
ebuc's avatar
ebuc
3
2
4
Liking it doesn't make it the best but ProtonVPN is superior to Opera's for sure.
I agree on both your assessments.  Thats about normal for you and I. Yay! 

Glad your back. This place is just not the same without you. Even tho they still blocking me.