When I go to the VPN section it only lists four VPNs as recommended. What happened to the rest of the list?
I was looking on mobile so that may have something to do with it but I’m not sure.
GitHub issue #1131 brought to our attention an issue with provider VPN.ht, whom we should not have been recommending. As a result, we decided to rebuild our VPN recommendation list from scratch. That issue is being tracked at #1139. We removed VPN.ht in PR #1141 and we removed many other providers (everyone besides IVPN, NordVPN, ProtonVPN, and Mullvad) in PR #1155.
If you are using a provider we recommended before, they weren’t removed because of any notable issues (besides VPN.ht), so there’s nothing to worry about necessarily. However, the only VPN providers recommended among our team members were ProtonVPN and especially Mullvad. We’ve also had good experiences with IVPN and NordVPN. Therefore, those four providers were the only ones we felt comfortable leaving on the site while we reinvestigate every provider.
What about PIA being recommended? It’s a verified no logs vpn, 2 courts cases proved it. Also their app was redesigned [Same UI on Windows MacOS,Linux], is user friendly, and works well on all platforms, especially Linux. Only minus is US jurisdiction, but 2 court cases proved that this con shouldn’t matter. Just a recommendation for a future relook review…
https://www.reddit.com/r/AirVPN/comments/d50mba/windows_10/
airvpn is not so good i’d stay away from them they are forcing javascript to be enabled to even view their site now
and if ya leave a forum post they disagree with they send ya a warning via email and turn your account page into a red banner so doesn’t sound like a company that cares about freedom
https://i.ibb.co/1MppGSp/091919airvpn.png
# -------
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Received: from airvpn.org (unknown [213.152.180.16]) (using TLSv1.2 with cipher
ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by
mail21i.protonmail.ch (Postfix) with ESMTPS id B8791149 for <[email protected]>;
Thu, 19 Sep 2019 12:11:35 +0000 (UTC)
Authentication-Results: mail21i.protonmail.ch; dmarc=none (p=none dis=none)
Authentication-Results: mail21i.protonmail.ch; spf=pass
Authentication-Results: mail21i.protonmail.ch; dkim=none
Subject: You have received a warning from a moderator
Mime-Version: 1.0
From: AirVPN <[email protected]>
Date: Thu, 19 Sep 2019 12:11:23 +0000
Auto-Submitted: auto-generated
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <[email protected]>
X-Spam-Status: No, score=3.0 required=4.0 tests=FROM_EXCESS_BASE64,
HTML_MESSAGE,RDNS_NONE,SPF_HELO_PASS,SPF_PASS autolearn=no autolearn_force=no
version=3.4.2
X-Spam-Level: ***
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on maili.protonmail.ch
X-Pm-Origin: external
X-Pm-Content-Encryption: on-delivery
X-Pm-Transfer-Encryption: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Hi requestbruh,
You have been warned by Staff for a comment made in a topic, javascript
Reason: Abusive Behaviour
Content: javascript
Penalty:
Given 1 points which will never expire.
Content moderated - Indefinitely
Restricted from posting - 3 months and 11 days
Note:
FUD spreading. If you had only given a look at the javascript you mention you would have avoided to spread nonsense.
javascript is required since 2011 in our web site and you wake up only now? 
— AirVPN
# ---------
my original post that your company edited and removed from a forum that has an section for inviting ‘feedback’ on your new site design was close to this:
‘forcing javascript now? really? what’s your email provider? what’s your browser?’
# ---------
first, my post is a critique, a ‘feedback’ post on your new site design, the ‘gripe’ is the simple fact your company is forcing customers and potential customers
to have javascript enabled in order for the site to even load, meaning nobody can review any content without first enabling javascript in their browser
as you stated the site has always required javascript but not to view the site itself, that’s the complaint, the feedback, that’s not FUD spreading sir/mam that’s
what your site is doing, anyone can hit the internet archive and look at the previous versions of the site to verify my statement
javascript has been required since 2011 for certain sections of the site but not to simply view the site or the forum
feel free to close my account out at any time ya want, i’m not gonna give my hard earned money to a vpn provider that censors their own forum and forces javascript
you are not the only vpn provider around the internet and straight up, at this point, i in no way shape or form trust you or your company
sincerely, rod leathers 091919
# ---------
tested this out on different airvpn servers and browsers same deal, forcing javascript on their customers you can not even look at their site now without enabling
javascript first, this is NOT ‘air to beathe the internet’ most of the internet doesn’t force javascript like they are doing now so my suggestion is avoid them and
go with some other vpn provider
screenshot:
https://i.ibb.co/vVDh6tL/092419airvpn.png
the html code:
so not only are they forcing javascript upon their customers they heavily censor their forum, you can not even ask about the javascript or you get a warning email from
them as shown above, and when you say anything about it basically they treat you bad so not a company i suggest anyone can trust with their traffic imho
#092519
airvpn censoring on their forum and reddit: https://i.ibb.co/7bYxgsV/092519airvpn.png
if you purchase a product that is aimed at privacy enhancement
and security your website and especially staff should encourage an environment that supports their own product, good or service.
rod leathers
Apart from mullvad, I find it interesting that the rest of the VPN’s you added back to the list all use proprietary vpn client apps.
Perhaps having open source vpn client apps should be another requirement you add to the privacytools.io vpn criteria.
It should be noted that IVPN has since considerably expanded their PoP to additional countries. they’ve 59 OpenVPN - 14 WireGuard servers.
Also AzireVPN while quite limited in VPN servers offers WireGuard and looks quite interesting on paper with an open source desktop client…and to me is much more privacy centric then NordVPN could ever dream of being.
Understood, thank you for this information.
http://vpnscam.com/tesonet-data-mining-company-owns-nordvpn-protonmail-protonvpn/
ProtonVPN no longer trustworthy?
I don’t think they should be added because of the possibility of a gag order. Additionally, they allow for the use of outdated (and cracked) encryption, like RSA-1024. I just read an article about it a few hours ago.
Also echoing what nitrohorse said, they’re massively dishonest. And any amount of dishonesty in a VPN is an instant dealbreaker. I’m personally amazed a US-based VPN is as popular as it is (should be another instant dealbreaker), but hey.
Open source apps are not a requirement to be listed in any category, because we believe in recommending the best tools for a specific situation, which open source tools can’t always fulfill.
Also, all 4 providers support OpenVPN.
I’ve heard some other people recommend AzireVPN as well. We’ll look at it again for sure.
We will look into that, although I don’t believe vpnscam.com is a trustworthy source.
Has there been a change in leadership at privacytools.io because I thought Open Source was a prerequisite for all the software you recommend.
Additionally, how can an app be verifiably privacy respecting if you can’t see what it’s source code does?
Are you suggesting people should entrust their privacy to blind faith in the developers who make the software?
No, and it’s never been a requirement, although we do generally prefer it.
Open source projects aren’t necessarily secure by virtue of being open source, and closed source projects aren’t necessarily insecure simply because they aren’t open source. But it all depends on the application and situation, so it’s difficult to make a generalized statement.
closed source projects aren’t necessarily insecure simply because they aren’t open source
I don’t think I’ve ever read/heard anyone make that specific argument regarding security.
Closed source is just a mystery box that requires blind trust; and given the fact that it has come to light that many companies have exploited users or violated their privacy through tracking, it’s not unreasonable to push for and/or recommend FOSS.