John Hardy Fast VPN Guide

Win 6 months of Internet Freedom!



We're giving away a 6 month pass absolutely free!  Entry is very straight forward and there's no automatic opt-in if you don't want to be on our mailing list.

The contest is short and sweet (how we like it), so if you're interested be sure to get your entry in by midnight this Sunday (1st March 2015).

How to Hide Your IP Address


I am concerned for the security of our great Nation; not so much because of any threat from without, but because of the insidious forces working from within.

Douglas MacArthur

If you're concerned about privacy, you need a VPN

This is a quick guide to the benefits of VPN software. If you're already sold on the need for one, please find our review guide here, or our guide to free alternatives.


If you're uncomfortable with the thought of your information being freely available on the internet, including:

  • Your location
  • Websites you've visited
  • People you've contacted
  • Who you are

then you probably also know that your IP address can reveal them all.  So what can you do about it?


How to Hide Your IP Address

The most straight forward way to hide your IP address is to use a VPN Service - a Virtual Private Network.  Here are some of the biggest and best:



This is a guide to how to choose the best ones, and how to get the most out of them.


VPN Services: What do they do?

A virtual private network (VPN) encrypts all communication data while it's still on the originating computer, and decrypts it once it gets to the destination.  Practically speaking this means that all traffic is protected.

VPNs are sometimes referred to as 'tunnels', because they provide a route to the destination that's hidden from the world.

VPNs are highly effective at protecting user data on the open internet.  Even if intercepted, the data is encrypted and so cannot be used against the user.


Why is it important to hide your IP Address?

Recent revelations by The Guardian and New York Times newspapers have provided proof that:

  • GCHQ (UK Intelligence) captured images from 1.8m webcams in a 6 month period alone, during Operation Optic Nerve.
  • The NSA owns and operates a 1 million sq foot datacenter in Utah holding multiple exabytes of intercepted internet communications. 
The essential piece of data that's needed to track this information back to you as an individual is an IP address.  IP Addresses can easily be used to give detailed location information (down to city block level), and can link activities through time.

Using a VPN allows you to both hide your IP address, and hide the data you exchange with the internet.

But to do so securely you need to:

  1. Know that your VPN service is secure and discrete.  Here's how...
  2. Know that your VPN is configured properly.  Our reviews show you how...



Heartbleed Bug - Is your VPN Service Secure

Now that the sensationalism has died down a bit, I thought it would be useful to have a quick review of which VPN services definitely have patched against the Heartbleed bug, and which ones didn't need to.

Firstly, a quick recap in case anyone has missed what happened last month, or hasn't caught up on the details.

Heartbleed Bug and VPNs

The Heartbleed bug is a bug in the OpenSSL code which allows a remote attacker to read the entire contents of the memory of a http server secured using it. It does this by sending a "heartbeat" (hence this name) - a piece of data that's sent to the server to prove that it's working and accepting connections. By design it doesn't matter what the data is - it's just random. It's the fact that the server sends back an exact copy that's important and implies that it's working.

However, because of a flaw in how OpenSSL deals with this, a remote attacker can send a single byte to a http server, and ask for 64k bytes in return. Without asking (before the bug was patched), the server would send back what it was asked for - 64k. Only almost all of that was the contents of the memory, sent without being wiped and sent to anyone who asked.

At one point the bug, which impacted 17% of all secure servers everywhere, looked so bedded in that it would be simpler for core access to be turned off to the internet. Yes, that was one solution that was actually discussed - turn off everything until it was fixed.

Luckily, this wasn't needed. But to be sure, any unpatched code which relies on an old version of OpenSSL is wide open. Any script monkey can download the entire contents of its memory. This isn't NSA hard, this is "my grandmother" hard.

VPN Service Providers - Review of Heartbleed Patches 

 Part of what I'm trying to see here, as well as whether the Service providers have taken their job seriously and have patched against Heartbleed, is how serious they are about customer support.  To do this I'm going to send an identical email to each of the providers in the list, at the same point (today - 4 May.)  The email reads:

Hi, 

I'm aware that there's been a major bug exposed in OpenSSL. I've used your service in the past and would like to know if you've now patched against this, and what date you patched.  It's very important to me to know the exact date as I'm trying to understand for how long my personal data was vulnerable after the Heartbleed announcement.

Thanks for your help
John
As the replies come in I'll post the date I receive them, and any text they add to it in full.

Check back if you'd like to know the result.

Updated Kepard VPN Review




Kepard VPN

FAST VPN GUIDE REVIEW

Date of Review:  30 Apr 2014


Description

Kepard VPN is not the biggest VPN service out on the market but is a decent VPN service for its price.  The software has a good user interface, one which can easily compete with the bigger VPN services out there.  Mac and IPhone versions are not as good as the Windows and Android ones which have a better design and user interface.

Technical Data

User:
    Download: Windows, Linux, MacOS, Android, iOS
    User Support:  24x7x365
    Traffic Limit:  Not Limited
    Bandwidth:  Best speed available (not restricted, contended.)

Technical:
    Protocols: OpenVPN, L2TP, PPTP
    Encryption:  Up to 256 Bit Encryption   
   
Legal:
    Business Base: Offshore service provider

Sales Pitch:
    Allows torrents and P2P on NL servers
    Easy to use application
    Connect from two locations same time

Pricing

Kepard offers a one month pricing plan at $ 7.00 a month, 3 months at $19 and 12 months at $35. This gets you access to VPN servers in the US, UK, Germany, Canada and the Netherlands, connecting using OpenVPN, L2TP or PPTP protocols.  You can also connect to P2P torrents, as long as you are connected to the Netherlands server.

We did find a recent mention of a lower cost option for mobiles.  It was posted in this blog post, but hasn't yet been reflected in the main sign up page.

In Use

We put the Kepard VPN service through a one month anonymous trial, in various locations from airports to coffee shops, and at home over broadband connections.  The results were very encouraging. The initial set up is a pretty standard download and install, and it took seconds to connect from most sites.  While in use it was very smooth.  Quickly connecting to the VPN was through a single click, as was disconnecting.  The change between VPN server locations (often a weak spot for VPN Services) was very quick, although the switch in protocols sometimes took a couple of tries before it successfully reconnected.

A nice feature is the warning that pops up when the VPN connection is lost for whatever reason.  There is few things more dangerous to your personal information than thinking you're on a secure connection when you're not, so having a dialogue pop up front and center to warn you when the connection was lost was a real plus for this service.

Kepard VPN allows you to connect using two devices at once, on the same account.  This was useful on the move - often this reviewer uses both a phone and a laptop or tablet simultaneously.  A few of the larger VPN providers (such as HMA) restrict it to one which is limiting.

Finally, about half way through the month Kepard issued an update, which is always good to see.  This was pushed out smoothly, and did not cause any downtime or reconfiguration.

Support

 

The website looks good and is easy to navigate, but documentation and support isn't the best, only a short FAQ is available although there is more once logged in.  This isn't such a problem with the initial install as this went very smoothly on all devices, but as the interface does allow easy access to the configuration, there is always a chance that the defaults will be messed up by mistake.  Undoing this without better support would be tricky. 

Kepard also provides a blog site which has a lot of information about the software.  Don't get too excited about this though - when we looked it had last been updated 3 months ago.

Privacy & Security

Kepard do state very clearly that they hold logs for three days.  The significance of this will vary depending on your own views, but the stated log contents seem to be fairly innocuous; they list name, the details used to register the service, and the date and time of the connection, as the limit of the stored information.  Notably however, buried in the Terms and Conditions, Kepard also says that they keep the IP address of the device you're logging in from.  They also state that they will collaborate with the authorities if given a subpoena, but as this is a legitimate business they could hardly do otherwise.

Although it seems unlikely that this information would be much use, even if seized in the three day window, we would urge you to take your own view as always.  Although it takes resources and time to do so, this data can be aggregated with other wire tap data to provide a richer picture of what traffic is passing.

For the Encryption, the website stated that it has a 256-bit encryption but some comments left claim that it’s only 128-bit.

Conclusion

We really like this VPN service.  It's easy to use, and relatively cheap.  We also love the android version; even the windows client  is one of the best VPN clients on the market.

HidePad Review: A New VPN Service for Mobile Devices



Overview of HidePad

A new service has been set up that offers cheap, direct VPN security to mobile device users. Over the last few weeks I've been carrying out a 'mystery shopper' excercise, first by setting up HidePad on various devices then running it as my primary VPN service.  Here's what I found.

Installing HidePad

HidePad is billed specifically for iPad although it works on all devices. However, taking them at their word I decided to set it up first on an iPad mini.  

The installation is identical in many ways to the likes of HideMyAss - it uses the in-built iOS configuration tool to set various parameters, then allows users to log in to the service with a single click.

Although there wasn't much in the way of documentation, I found this part of the service straight-forward.  The setup page on their site gives ample pictures and walkthrough, and is less disconcerting than other VPN services which take over the device during installation.

All that is required for configuration is to enter your credentials and the service details from the sign up.  Start to finish I installed this in around 2 mins, standing on a train during the commute.


Also, it's worth saying that the PPTP connection (and L2TP) is just as capable of being set up on other devices. There's nothing particularly unusual about the way HidePad have set up the service, which is reassuring.  

Just to be sure I also installed a profile on a Google Nexus and Windows phone.  Although in both cases it needed to use the inbuilt setting area to set up, both worked fine.

Connecting to HidePad

Hidepad are adding more servers almost daily.  When I first looked at this service they had around 20; now it's closer to the 40 mark.  Given that the iOS devices are not good at changing between VPN Servers, this is more than ample.  The usual usecase is to install one profile with a server, use it for a while then change when you feel it prudent.

Security

The technology used is identical to the larger VPN services, and so in terms of security just as good at hiding your session data.  I also verified that the SSL version was Heartbleed safe, as this bug was announced during the trial - from my tests it appeared that HidePad were initially vulnerable, but moved quickly to remove the vulnerability.  All signs of a well run service.

Cost

The lowest cost option for HideVPN is $4.99 based on 36 months, with a sliding scale down to $8.99 for one month contract.  There is also a 60 day free trial, which is more than reasonable.  If it doesn't work for you and your location, then 60 days is more than enough to find out and ask for your subscription back.

Summary

HidePad is relatively new, but entirely capable.  One worth trying, not least because of the free trial.

How do you know your VPN is secure and discrete?

Trust, but Verify.
Russian Proverb

Know who's behind your VPN

Using a VPN Service allows you to surf safely, knowing that your location and data are hidden from view.  But it's not enough just to select one on cost, or simply because it's free.  The danger is you think you're protected when you're not. 


Why can't I just trust the VPN Service?

Although a VPN stops your traffic from being intercepted, there is one party who still has full access to your data and IP Address - your VPN Service provider.

This is because they are the ones who decrypt it just before it passes over to the website you're viewing.  At that point not only can they see your traffic, but potentially they can record it.

VPN Service Providers may store your IP in their log data

A VPN service that records everything wouldn't last long in the marketplace, but many do record some information in their logs.  This can:
  1. Help in running their service
  2. Be required by the law of the land in which they operate
It's vital when choosing an VPN therefore to understand whether and to what extent the service records 'log' data of what is happening on their servers.  This is often buried in their terms and conditions.

We've compiled a list of what various VPN Services do with their log data here.


VPN Service Location is Vital

Services based in the US can be compelled to turn over this information, and so the base location of the service is also of interest.  This isn't just the location of the firm - it also means the location of the server you're connecting to.  Some VPN Service providers allow you to connect to specific countries.  Some limit the countries they operate in to ones which appropriate privacy laws.  Some simply hope they're not subpenaed

Most VPN services of any size have more than one server, often if diverse locations.

How good is your end-point security?

VPN encryption ends with the VPN server.  Once unencrypted there, the data has the same level of vulnerability as it originally had.  It's therefore still important to take notice of the encryption and security put in place on the website you're visiting.  If that's unsecure, so will your data be.

How many IPs does the VPN Service have?

Finally, VPNs generally do not provide dedicated IPs (that would be defeating the point somewhat.)  Therefore, while you're surfing you could be sharing an IP with people dotting around the net.  This is normally not an issue, but you may consider it an additional risk.


Some Good VPNs to Consider

We've published a number of reviews of VPN Service providers, and have field tested many more.  Here are our top four as of April 2014:

  1. Kepard VPN
  2. Hide My Ass VPN
  3. Strong VPN
  4. Pure VPN


Web Proxies and How to Hide you IP Address

Website Proxy Services 

Some services provide proxy services through a website.  Using it as a portal, you enter the URL of the final destination website and the service fetches the data, and passes it back to you.  These services can be quite slow, but handy as they can be used whenever you have a web connection.

Configuring your browser or OS to use a Proxy

Many browsers and all Operating Systems available today allow for traffic to be routed through a proxy server.  Whereas a proxy service will utilise a network of proxies, do-it-yourself configuration tends to route traffic through one or a small list of servers.  This weakens the privacy provided, but is still useful in certain circumstances.  Often Google tracks the IPs of these servers and blocks them; you may find that you need to 'harvest' new proxies to use on a regular (if not daily) basis.

In addition, proxies configured in this way fall into three types:

Anonymous Proxy

This type of proxy server identifies itself as a proxy server. It is detectable (as a proxy), but provides reasonable anonymity for most users. 

Distorting Proxy

This type of proxy server identifies itself as a proxy server, but creates an "incorrect" originating IP address available through the "http" headers. 

High-Anonymity Proxy

This type of proxy server does not identify itself as a proxy server and does not make available the original IP address.

Back to Home

Why You Need to Hide Your IP Address

Your IP Address reveals your:
  • Country
  • City or Town
  • Mobile Network
  • Web pages you've visited
  • Identity
If of whatever reason you would prefer not to have this information available to hackers and governments alike, you need a Virtual Private Network (VPN).

This site has a guide to some of the best ones, including:
It also has guides on what a VPN is, and why you need one.

So if you are concerned about privacy, please read on...


What is an IP Address?

An IP address is exactly like your physical address - they're a vital part of the internet.  They're used to make sure that data reaches where it's meant to go.  Without them, the internet simply wouldn't be possible.

Why should I care about my IP Address?

Your IP address holds a lot of information about you.  It can pinpoint you to a specific country, region and city.  It can pinpoint you to a certain service provider.  It can be used to aggregate information about what you do on the internet, bringing together data gathered over days or weeks.  

In addition, an IP and MAC address (the hardware serial number of a computer) can be used with tools such as Wireshark to intercept data.  This includes VOIP, emails, passwords and chat.   

IP Addresses are used to pinpoint your identity.


Who uses IP Addresses to Identify Users?

IP addresses are commonly used by:
  • Web Analytics Companies
  • Advertisers targeting ads
  • Surveillance agencies, to pinpoint illegal activity
  • Hackers, to pinpoint targets

It's therefore now considered by many to be unwise to reveal your IP address while surfing at home, and close to reckless to do so on a public network.

How to hide your IP

Most commonly, a VPN service are used to provide anonymity.  A VPN is a server or network of servers that allows users to redirect all of their internet traffic through their connection.  The open web therefore only sees the traffic coming from the VPN server, and cannot trace it back to the user.

Here's the guide on how they do it, and what you need to look out for in choosing a VPN service.

BlackVPN Review

Black VPN

Review In Detail

It’s quite rare to find a VPN service that we can recommend to novices and techies alike, but BlackVPN gets the balance about right. One thing that adds real appeal to blackVPN is the care that’s clearly gone into some of the detail, such as the explanations of the technology that we found in the documentation.

Though there are also some little criticisms, maybe adding more support options such as live chat and a clarification with the 14-day warranty, this is a good, solid service.

Packages & Pricing

BlackVPN offer a wider choice of packages compared to other providers. It offers packages with a choice of time commitments such as specifically monthly, quarterly and annual. Asides from that, blackVPN also offers four different service options:

  • TV package - Provides access to servers in the USA and the UK and is aimed at those who wish to view streaming media from other countries.
  • Privacy package- Which costs the same, instead provides access to servers in countries such as Switzerland, Panama and Russia.
  • Global package- that includes access to all of the provider’s servers, and a final option of signing up for access to a single country for a lower fee.
  • Price-wise, the cost reduces based on your commitment period. For example, the “Privacy” package costs €7.50 per month on a monthly basis or €75 annually, saving subscribers two months of subscription charges. Total costs are all in the average range for services of this nature.

While blackVPN offer no free trial, the provider does widely advertise a 14-day money-back guarantee

Customer Service

BlackVPN handles customer service via a support ticketing system. There is also an online web form available for sales queries. When we tried this out by submitted a query, we received a response within 12 hours - that’s not bad compared to other services.

So far, there no other options for support available.

Security and Privacy

BlackVPN’s support section taught us almost everything we needed to know about the technical details of the service, with the exception of the encryption levels in use.  We needed to check these with the support department.

Other details were easy to ascertain.  The provider offers a choice of PPTP, L2TP/IPSec and OpenVPN protocols.  (BlackVPN provides a detailed explanation of the differences between them.)

Encryption, in the case of OpenVPN, is AES-256 with 2048-bit keys.

BlackVPN are also very clear about privacy. Fundamentally blackVPN is a “zero logging” service, which is good news for those concerned about online privacy.  The provider does, however, keep note of which users are assigned which IP addresses and state that they will follow up on any copyright violation notices.

Summary

Overall, BlackVPN is great service to use. This service support OpenVPN for Mac OS X 10.8. The performance ranged from above average to superb but it depends on what server you have. There's no loss of speed when it comes to browsing and downloading. It might not have the bells and whistles when it comes to a dedicated custom GUI connection program but for anyone with a small knowledge of computers or the ability to follow instructions the set up shouldn’t be too difficult because the documentation is detailed, which will help novices to understand it.  The only negative thing that you can find with this service is the lack of manual connection to US and Asian servers which might put off to those people living in those areas.


PureVPN Review

Pros
No need to judge which is the best server to connect to - the software works it out for you, making sure you always have the fastest connection.

Cons
Somewhat more confusing installation than the competition, although this has improved recently.  No OpenVPN standard.  A standard account is restricted to two simultaneous users.

Overall
A solid performance from a well established company.  PureVPN can be relied on.  Unlike some of the 'reseller' services which simply re-badge existing services, PureVPN have extensive experience in customer support, and the backing of a large customer base. 

Review In DetailAs a personal VPN service, pureVPN protects online activity so that users don't have to worry about who may be trying to track or read what they are doing online. It's easy to use, hides your online activity from eavesdroppers, and allows you to spoof your IP address to view content that is restricted in certain locations. PureVPN fits in well with the rest of the competition, but it also includes a few unique features and capabilities that may appeal to advanced users.

The market for VPN services is getting crowded, with several security companies rolling out offerings to complete with pure-play VPN providers.  For the most part, they all work the same, connecting the computer to a server in a specific geographic region and passing all online activity between a computer and a Website through an encrypted tunnel. Being able to use an IP address other than the one assigned by your Internet Service Provider makes it hard to trace online activity back to you. This can be useful to thwart government censors and snoops, as well as to access services that are geographically restricted. Depending on the service, users may have more or fewer server choices, but this is generally a turn-on-and-go type of software.
To use PureVPN, you need to have a paid account. PureVPN gives a lot of options, though, beginning with $9.95 a month, $24.95 per quarter, $44.95 for a 6-month subscription, and a $49.95 annual subscription. Unfortunately, if you have more than two devices, you will need to get multiple accounts, as PureVPN supports only two logins per account

There is also a corporate version, where businesses can pay on a per-seat basis—$275 for 25 users, $475 for 50 users and $925 for $100 users. PureVPN promises to set up a dedicated server for the business, for a non-shared connection.

InstallationRight from the start, pureVPN felt different. The second screen in the installation process asks for the user's location: "rest of the world" or "China." I picked the option "rest of the world" for the original installation. It turns out I'd just downloaded the tool to kick off the installation—the actual installer executable is downloaded after I specify my region. If you don't have .NET Framework 4.0 Client Profile installed, the installer prompts you to download and install that, too.

When I launched the tool after installing, it prompted me to go through the "Get Started" guide. Once complete, I was in the pureVPN interface, a single window with the status in the upper right corner and various menu options on the left side of the screen. The bulk of the interface was dominated by a graph tracking how many packets were being transmitted in real-time.

On my second installation, I chose China, and saw that it downloaded a different executable than the "rest of the world" installation. With the "China" version, you don't get to choose the servers to connect—the software handles it for you. The software is designed to bypass government censors
Overall, the installation process feels a little long, compared to similar services. Considering how we view VPN as a set-up-and-go tool, the time it took to get set up seemed a little excessive.

Getting StartedThe PureVPN interface has a login box towards the top of the screen, along with a drop down to select the protocol I was going to use to secure my VPN connection: PPTP, SSTP, and L2TP. PPTP is the most well-known and easiest one to work with. Many VPN services tend to offer PPTP or OpenVPN—which is why I was surprised OpenVPN was not one of the options offered.

The server drop down (in the "rest of the world" version) lists "fastest servers" across 21 countries, including Australia, Brazil, Canada, Costa Rica, Egypt, France, Germany, Hungary, Ireland, Luxembourg, Malaysia, Panama, the Netherlands, Romania, Russia, Singapore, Sweden, Switzerland, Turkey, the United Kingdom,  and the United States. Within the U.S., I could chose between servers in Atlanta, Chicago, Los Angeles, New York, Phoenix, Washington, Chicago, Miami, and Sayreville, NJ.

That's an impressive list, right there. I entered my login credentials, hit connect, and I was up and running. It's not as low-stress as Norton Hotspot Privacy or avast! Secure Line, but it's still pretty straightforward as VPN services go.

Once I was connected, I could see my connection status, my new IP address, and the duration of my session in a box on the upper right corner of the interface. I could also view the traffic chart, showing me how much bandwidth I was consuming during my session. It's a good way to be aware of my Internet usage, but considering PureVPN doesn't have bandwidth caps, I wasn't sure what its primary purpose other than just "fun facts."

Intelligent Server SelectionSome countries had multiple servers I could connect to, and I could pick which one to use via the Personalized Selection menu option. This was an interesting and quite appealing menu.

PureVPN lets users select a server manually (under the Browse All Servers tab) or let the service select one for them, using "Intelligence." Via a dropdown, the user would specify the primary reason for using the service, such as for watching TV, unblocking websites, VoIP, privacy concerns, or even just getting anonymity. The service would take into account real-time load on the server, the user's current geographic location, and the stated "purpose" to decide which server the user would benefit the most from. Pretty cool.


PerformanceWhile PureVPN was on, I watched some music videos on YouTube, played some music on Pandora, and uploaded large images to my Picasa account. I didn't notice any noticeable lag to make it harder to perform these tasks on their own. The bandwidth chart that comes with the software got quite colorful at times.

I tested pureVPN by connecting to various wireless networks in public spaces as well as private network, browsed the Web and online forums, and logged into various accounts such as Amazon and banking sites. I had Wireshark open the entire time to analyze all the network activity entering and leaving my computer.

To measure network speed, I ran the speed tests from SpeedTest.net. The tests are designed to measure download and upload speeds when connecting to servers in different cities. I connected to a server, and then looked for a server closest to that location on SpeedTest to run the tests. I ran the test twice with the VPN service turned off, and again when turned on, and picked the best measurements. The figures below are over a wired connection. Since the list was so long, I tested the servers in the U.S., Malaysia, the Netherlands, Germany, and Turkey.

PureVPN Performance

The best part about the service was how well it boosted performance when accessing international servers. Performance was in-line with many of the other paid services.

Compare Paid VPN Services

Nice Contender to WatchIn a market that is increasingly being overrun with VPN services, the team behind PureVPN has managed to add in some features that will appeal to advanced users, but its interface may be just a little too difficult for anyone just hoping for a get-up-and-go VPN service. The split tunneling is only in beta, but I would be interested to see how this capability would evolve in later versions. The lack of OpenVPN support and the harder-that-usual-setup will hurt pureVPN among less savvy users. The performance is solid and reliable.