This comparative review discusses the 3 VPNs. All info taken from the net. Any incorrect info presented please highlight so that correction can be made.
ExpressVPN
PROS
PROS
PROS
ExpressVPN
PROS
- Mddle speeds across the board and good reliability throughout the VPN server network
- Most number of OpenVPN-enabled servers i.e. more than 2000 servers across 148 locations in 94 countries.
- No-log policy i.e. no activity and no connection logs. No IP address log, no time log, the VPN address assigned, any info on website or pages you are visiting (including via DNS requests or any of your traffic. The company, however, do records
- date when you connected to the service but not the time of the day
- your choice of server
- the version of the clients you have installed
- total amount of data transferred each day
- None of the above constitute a privacy risk. Other VPN providers will do likewise but not admitting it
- the VPN clients collect telemetry data (speed test info, connection failures, crash reports etc) but they are anonymized and can be disabled during the installation process or any time with a click
- Proven no leakage of user data when servers were seized in Turkey
- High-security applications with maximum encryption (passed all privacy/security tests). IPv6 WebRTC leak requires ExpressVPN’s browser add-on
- ExpressVPN uses an AES 256-bit cipher with a 4096-bit RSA key and SHA-512 HMAC authentication. Additionally, ExpressVPN utilizes Perfect Forward Secrecy negotiated through DH-2048 Diffie-Hellman key exchange. Uses own zero-knowledge 256-bit encrypted DNS servers.
- Allows user to choose own protocol from OpenVPN UDP/OpenVPN TCP/L2TP-IPSex/PPTP/SSTP for Windows client
- Users shared a static IP address
- Has a Firewall-based Kill Switch (Network Lock) which works perfectly
- Split-tunnelling feature
- Solid choice for torrenting
- Still works with Netflix using its VPN and Smart DNS (which offers no privacy and security)
- No bandwidth and no data cap
- Has Speed Test feature to show latency, download speed etc
- Has dedicated android app
- Has extension for browsers
- Uses a mix of bare metal and virtual servers
- Has “stealth servers” in Hong Kong to defeat censorship in China
- ExpressVPN offers 24/7 live chat support and a 30-day money-back guarantee
- Free android testing for 7 days
- If sign up using bitcoin and a burner(disposable) email account then user anonymity is there
- Some servers are “virtual” servers but these are used only for some remote locations
- No server-side malware/ad/tracker/social/phishing/botnet filtering. Therefore, needs better protection on the user side
- No multi-hops nor built-in TOR connection
- Second expensive in terms of subscription. 1-yr subscription costs US$99.84 + 3 free months (see www.bestvpn.com/review/expressvpn/)
- Offers only 3-simultaneous device connections
- No free Windows testing
- No IKEv2 protocol for Windows. Only OpenVPN UDP/TCP for android.
- Cannot change encryption standards.
PROS
- From offers can get cheapest subscription for 1-yr plan of US$12. Can get lifetime subscription for US$35.50 with promo codes.
- Fast with default IKEv2 protocol but overall test of servers with industry standard OpenVPN still slower than ExpressVPN
- Windscribe's default encryption is very strong, using a SHA-512 cipher for authentication and a 4096-bit RSA protocol for the "handshake" that sets up the secure connection. The browser extension uses TLS1.2, ECDHE_RSA with P-256 key exchange and AES_128_GCM cipher. All transferred data uses AES-256 encryption. Support for Perfect Forward Secrecy. It uses OpenVPN/IKEv2/IPsec/SOCKS5 protocols.
- No leaks detected (IP, DNS, WebRTC)
- Has R.O.B.E.R.T. server-side malware/ad/tracker/social/phishing/botnet filtering. Lesser protection needed on the user side. Windscribe have a whitelist feature on its extension
- Has self-configurable multi-hops. Need desktop and its extension to achieve that.
- More servers than Perfect Privacy VPN
- Has dedicated android app. But to get connected via IKEv2 needs the Strongswan app, or via OpenVPN with OpenVPN for Android
- Unlimited simultaneous device connections
- Can get free service of 10/50/60 GB per month
- Has a Firewall
- Has a Windscribe-dedicated Reddit forum
- Has 600 servers in 51 countries
- Supports torrent in some locations
- Supports Stealth/WSTunnel to bypass VPN blocking
- Windows client also supports setting up your system as a secure wireless hotspot (if your network adapter supports this) or a proxy gateway
- Still can connect to Netflix
- Has extension for browsers
- With Bitcoin can be anonymous as signing up requires username (fake) and password only
- Supports multi-hop for two(2) servers only
- Headquartered in Canada, a 5-eye country
- Does not own its own servers or IP addresses i.e. use rental VPS servers. Read https://vpn-anbieter-vergleich-test.de/windscribe/
- Multi-hop needs browser extension to accomplish that
- No TOR connection
- No Kill Switch. The Firewall is reported to be better so no Kill Switch.
- No proven court case of seized servers with no data leakage of users yet
- Cannot customize the settings of the encryption standards
- Contradictory ‘No-log’ policy. It does some logging
- Very much less servers available on mobile than desktop
- Has a server status page on its website but not showing bandwidth and latency
- No 24/7 live chat
PROS
- Although headquartered in Switzerland the “technical implementation” part is in Panama. Both countries are excellent for protection of privacy and data for the users.
- No-log policy
- Proven no leakage of user data when servers were seized in Netherlands
- Using all bare-metal servers for better speed, bandwidth and reliability. The servers also run in continuous RAM disk mode for additional user data protection.
- Has TrackStop filter on server-side for malware/ad/tracker/social. Lesser protection needed on the user side. Only drawback is no whitelist.
- Has self-configurable multi-hops up to four(4) servers in cascade
- Has server-side NeuroRouting for dynamically route traffic across multiple hops in the VPN network
- Has Stunnel Stealth VPN (obfuscation) Technology
- Has Firewall-based Kill Switch
- Has SSH tunnelling/Split tunnelling feature
- Absolutely no leak (IP, DNS, WebRTC)
- Full IPv6 support
- User can select between OpenVPN UDP and TCP, or L2TP/IPsec. OpenVPN encryption is securely implemented with an AES 256 CBC cipher, GMAC SHA1 for data Authorization, and a robust Handshake (RSA-4096). Perfect Forward Secrecy is provided with DHE-4096
- Socks5 and Squid proxies on all servers. All proxies can resolve .onion (TOR) addresses
- User can select encryption standard e.g. AES, Camellia etc
- Unlimited number of simultaneous connections with no bandwidth or traffic limit
- Can check server latencies and bandwidth in real-time on its website
- Has Warrant Canary
- Has a user forum
- No free testing but offers a full 7-day money-back guarantee, without any tricks or bandwidth clauses. This allows you to test everything out risk free
- The Swiss can (and will) cooperate with the 5-Eye Security Alliance if required
- Most expensive. 1-yr subscription for US$136.89
- No dedicated android app. Needs either built-in IPSec VPN Config/OpenVPN connect app/Strongswan VPN app
- No TOR connection
- No live chat
- No Netflix support
- 55+ servers in 23 countries
- Slowest speed amongst the three(3) VPNs
- Server switching may take up to thirty(30) seconds
- No IKEv2 protocol for Windows and android.
- Firewall and dns-leak protection in the Perfect Privacy VPN software is using the Windows Firewall to make sure that no dns-leak occurs and all your traffic is being sent only over the encrytpted tunnel. When using a third party personal firewall this functionality will not be working.
Last edited:
