Company whose blog post this is ain't bad either if you're looking for a non-ecosystem VPN. Proton is trying to be Nord and create an ecosystem of products that store all your most private data, all under the umbrella of 1 company, which defeats the whole point of a VPN, which should have no data on you (not even an email).
I feel like it's Nord who's trying to be Proton but worse, no? Nord had just the VPN until recently, unlike Proton which was already trying to build an ecosystem (although they did speed up the new product drops significantly in the past few years). And unlike Nord, at least Proton actually has proper zero-access encryption and stuff, and they seem to know what they're talking about rather than just relying on influencer marketing.
Proton used to have mail, then they launched a VPN. Then cloud storage, then password manager, then docs + calendar, then wallet, now also AI and MFA app. They're following literally in Nord's footsteps, all Nord needs to do is launch a mail service and the circle is complete.
Proton is doing influencer marketing now too btw. Parallels are uncanny. All this while claiming to fight Google/big tech, but essentially offering the same products that store the same personal data.
Full disclosure, I run a commercial VPN service (Windscribe).
There are 2 paths you can take here:
1. Roll your own VPN server on a VPS at a less common cloud provider and use it. If you're tech savvy and know what you're doing, you can get this going in <1hr. Be mindful of the downsides of being the sole user of your custom VPN server you pay for: cloud providers log all TCP flows and traffic correlation is trivial. You do something "bad", your gov subpoenas the provider who hands over your personal info. If you used fake info, your TCP flows are still there, which means your ISP's IP is logged, and deanonymizing you after that is a piece of cake (no court order needed in many countries).
Do not go with a VPN service that is "mainstream" (advertised by a Youtuber) or one that has an affiliate program. Doing/having both of these things essentially requires a provider to resort to dishonest billing practices where your subscription renews at 2-5x of the original price. This is because VPNs that advertise or run affiliate programs don't make a profit on the initial purchase for that amazing deal that's 27 months with 4 months free or whatever the random numbers are, they pay all of this to an affiliate, sometimes more. Since commercial VPNs are not charities, they need ROI and that comes only when someone rebills. Since many people cancel their subscriptions immediately after purchase (to avoid the thing that follows) the rebill price is usually significantly more than the initial "amazing deal". This is why both Nord and Express have multiple class action lawsuits for dishonest billing practices - they have to do it, to get their bag (back). It's a race to the bottom of who can offer the most $ to affiliates, and shaft their customers as the inevitable result.
Billing quirks aside, a VPN you choose should offer multiple VPN protocols, and obfuscation techniques. There is no 1 magic protocol that just works everywhere, as every country does censorship differently, using different tools.
- Some do basic DNS filtering, in which case you don't need a VPN at all, just use an encrypted DNS protocol like DoH, from any provider (Cloudflare, Google, Control D [I also run this company], NextDNS, Adguard DNS).
- Then there is SNI filtering, where changing your DNS provider won't have any effect and you will have to use a VPN or a secure proxy (HTTPS forward proxy, or something fancier like shadowsocks or v2ray).
- Finally there is full protocol aware DPI that can be implemented with various degrees of aggressiveness that will perform all kinds of unholy traffic inspection on all TCP and UDP flows, for some or all IP subnets.
For this last type, having a variety of protocols and endpoints you can connect to is what's gonna define your chance of success to bypass restrictions. Beyond variety of protocols, some VPN providers (like Windscribe, and Mullvad) will mess with packets in order to bypass DPI engines, which works with variable degree of success and is very region/ISP specific. You can learn about some of these concepts in this very handy project: https://github.com/ValdikSS/GoodbyeDPI (we borrow some concepts from here, and have a few of our own).
Soooo... what are good VPNs that don't do shady stuff, keep your privacy in mind, have a reasonably sized server footprint and have features that go beyond basic traffic proxying? There is IVPN, Mullvad, and maybe even Windscribe. All are audited, have open source clients and in case of Windscribe, also court proven to keep no logs (ask me about that 1 time I got criminally charged in Greece for actions of a Windscribe user).
If you have any questions, I'd be happy to answer them.
Your offering really only seems comparable in the sense that it doesn't cost money and is based in Canada.
I don't think it's bad to bring up alternatives, but if you're going to promote the company you're CEO of I think you could at least offer a little more by way of justification or explanation than just "try this instead". _Why_ should someone trust your company over a non-profit with a member-elected board and a strong commitment to transparency?
I run a commercial VPN service (Windscribe). Here are my thoughts on this.
At its core, a basic VPN is a trust shift service, nothing more. Do you trust your ISP less than some anonymous shell company owned by Siberian forest dwellers? In many cases, the answer is no.
That being said, depending on where you are and if you choose the "right" VPN, the answer could be yes. Here are some reasons why you may want to use a good commercial VPN, which goes beyond just the ability to tunnel your traffic through a remote endpoint:
- You are in Russia, China, Iran or other countries with heavily censored Internet. Over 3 billion people live in such places, or nearly 50% of the world's population.
- If you don't live in such places, laws in certain US states criminalize certain behaviors. This will only get worse, even in "western democracies". Using a quality VPN service is much better than barebacking the Internet.
- You want your traffic to be "lost in the crowd", something you cannot achieve with your Digital Ocean droplet, no matter how well you configure it. Changing your IP does absolutely nothing, save a few exceptions (piracy, or keeping an alter ego if your opsec is good).
- Additional features: server side DNS filtering / blocking. Yes you can use uBlock origin, but not on mobile, and not outside the browser. Yes you can run Pi-Hole, and set up WG tunnels to your homelab. 99% of people won't.
- Advanced features: Companion browser extensions that block ads, trackers, malicious domains, mess with your browser settings to reduce chances of fingerprinting. Yes you can install 5+ different extensions to do that. Most people won't.
TLDR; If you're an elite haxor, you can do everything yourself. You will spend time, and money doing so. Most people will not bother or not be able to do these things, and a quality commercial VPN service can check a lot of the boxes I mentioned above. Just avoid the ones that advertise heavily, those are marketing / snakeoil sales companies, as the author suggested.
Yeah apologies if it came across as if I was saying anything bad about yall's company.
I just meant that while your entry didn't list anything seriously concerning about your product, since I'm not familiar with it I can't really speak to whether there were omissions.
Contrary to popular belief, IP blocking isn't the most common way VPNs are blocked these days. Additionally, GFW isn't the same in all of China. Different networks, different cities, have different filtering policies and rule sets. Same as in Russia now.
VPNmentor, a VPN review site, was acquired by Kape "Technologies" for 150M.
PrivateInternetAccess, a major VPN service was acquired by the same company for 95M.
A VPN review site is worth more than most VPN services it promotes due to insane $CPA they pay to these types of sites, that masquerade as "security experts" while in reality run by marketing people.
PS. I'm from the company whose blog post this is.