Though Proxy.sh meets many of our basic requirements, in our tests the company’s Safejumper application had constant errors when trying to connect. Given that we were looking for a simple, reliable VPN, this was a dealbreaker. We also found a story from 2013 with bizarre statements from the company about monitoring traffic on a specific server due to concerns about unlawful behavior of a user on the network. Though the transparency is impressive, the decision to actively monitor traffic is disconcerting. In a response given to TorrentFreak at the time, the company stated, “The situation also shows that the only solution we have to help law enforcement agencies find problematic use across our network, is to clearly install a logging capacity on it. As a result, we are able to either comply or shut down the servers we have in a particular location (it happened to us in Czech Republic few months ago).”
Users need to make sure the provider they select, offers maximum privacy and anonymity. As a result, there should be no DNS leaks. Below we conduct a leak test to ensure that you are not caught by government agencies or copyright infringement trolls in your country. We connected to a server in Singapore, and the DNS address claims the same. Nothing points to our original US location, which means you are completely secure when using Mullvad!
With hundreds of VPN services and clients available, it can be difficult to decide which one to use. We've extensively tested several popular VPN services that met three requirements: They had both desktop and mobile client software (with one exception), they had VPN servers in many countries, and they offered unlimited data use, at least in their paid versions.
Whereas most providers say they log nothing, that’s not always the case. Some record very little data like the day you subscribed, the amount of data you’ve consumed, and delete those logs when you end the session. Other providers log your IP address, the servers you used, and store those logs. If they’re based in the US, UK or any other country with data retention laws, they can be compelled to hand over that data to law enforcement.
A VPN client is software that runs on your device in order to securely connect it to a VPN server. All major platforms (Windows, macOS, Android, iOS, and Linux) come with a built-in VPN client that can be configured manually, although OpenVPN always requires a third party client to be installed. Most VPN services now offer custom clients and apps, which are the easiest way to use their service as they come pre-configured with all the correct settings. They also typically offer a range of funky and useful features that are not available by simply manually configuring the built-in VPN client. To clear up any confusion, a ''VPN client'' and a ''VPN app'' are exactly the same thing. Traditionally, the word client is used for desktop software and the word app for mobile software, but it is becoming increasingly common to talk about VPN apps on the desktop. The terms are interchangeable.
The remaining connection logs are deleted after 30 days to be exact. This means, nobody can target any user unless they hack the VPN service itself! Very few providers are actually honest about their logging policies and Buffered just happens to rank among them. This paves the path for an extremely transparent relationship between customers and the VPN product.

Since we last tested VPNs, we've given special attention to the privacy practices of VPN companies and not just the technology they provide. In our testing, we read through the privacy policies and discuss company practices with VPN service representatives. What we look for is a commitment to protect user information, and to take a hands-off approach to gathering user data.


We checked Google Searches and other metrics to learn that ZenMate exists as one of the most popular choices for most VPN users. As such, we obviously had to review the provider, which took us around 24-hours. We tested its performance for facets relating to privacy, P2P/Torrenting and streaming/unblocking. Overall, we would say that the Berlin-based provider is definitely upping its game, preparing to compete with other hit services.
CyberGhost is one of the better VPNs out there by virtue of having a number of helpful features, such as a killswitch, which will halt all traffic if the VPN tunnel is suspended for whatever reason, ad blockers and tracker blockers, and built-in shortcuts to sites and services which are either geo-locked or the likes of Twitter and Wikipedia, which are frequently censored by authoritarian goverments.

With endpoints in 18 countries, Kaspersky Secure Connection can be set up so that it connects automatically, connects to an endpoint in a certain country by default, or seeks to establish a connection whenever you connect to an insecure Wi-Fi hotspot. You don’t, however get an automatic killswitch, so if your VPN connection goes south, you won’t be automatically disconnected.


Tunnel endpoints must be authenticated before secure VPN tunnels can be established. User-created remote-access VPNs may use passwords, biometrics, two-factor authentication or other cryptographic methods. Network-to-network tunnels often use passwords or digital certificates. They permanently store the key to allow the tunnel to establish automatically, without intervention from the administrator.
Secure Shell (SSH) is a secure version of Telnet that you can use to log on and open a command line on a remote machine. You can also use SSH to establish an encrypted tunnel between two machines, effectively creating a VPN. Different versions of SSH use RSA or Digital Signature Algorithm (DSA) for secure key exchange and 3DES or Blowfish for data encryption. You can use a free program such as Stunnel (http://www.stunnel.org) along with a free version of SSH such as OpenSSH (http://www.openssh.org) to tunnel protocols such as Web and mail protocols through an encrypted SSH tunnel. All you need is a machine at either end running both these programs. SSH and Stunnel are an inexpensive way to implement a VPN, although setting up such a VPN requires a lot of configuration and might not scale to handle a large number of machines. An SSH VPN can, however, make a nice solution for connecting two servers that need to communicate securely, such as a Web server and a back-end database server.
Welcome to the CNET 2019 Directory of VPN providers. In this directory, we're taking a look at a few of the very best commercial VPN service providers on the Internet like CyberGhost, IPVanish, Hotspot Shield, Private Internet Access and others. Rather than looking at the wide range of free providers, which often have a lot of limits (and dubious loyalties), we are looking at those vendors who charge a few bucks a month, but put your interests first, rather than those of shadowy advertisers and sponsors. Our VPN rankings are based more than 20 factors including number of server locations, client software, dedicated and dynamic IP, bandwidth caps, security, logging, customer support and price. 
×