Do you use a VPN? You should, because the surveillance on the Internet is really getting out of control now. It's not just Governments now, but all major tech companies are gathering data on you and building an entire profile of you, for "advertising purposes", so you are like a fish in an aquarium being monitored constantly.

First of all you should immediately configure your Internet browser, which is most likely configured for maximum surveillance right now, as in keeping all cookies for maximum tracking, so that basically any website could track you with a large online presence (Google,Facebook, Twitter, Cloudfare, Akamai, you name it). You should also switch to Firefox if not using it already, since it's more privacy friendly:

• https://steemit.com/security/@profitgenerator/enhance-firefox-browsing-security-and-privacy

Best VPN List

Now I know there are many Top 10 or Top 5 lists on the Internet, but they are mostly corrupted by affiliate links, so they will promote only those VPN providers that make them the most money. In this list I am giving you really the best list based on several factors. I am not affiliated with any of them, so I don't really care about their marketing, I will just give you a very good list.

I have found a list of all major or popular VPN providers and I am going to filter it out based on my criteria of quality which includes:

• Location must be a privacy friendly jurisdiction (No 14 Eyes, and No censorship)
• High quality cryptography
• No logs
• Open source software, and no homemade cryptography nonsense
• Decent bandwidth, speed , usability, customer service and price

All of them are different priorities. Obviously the most important aspect is that it should work. Otherwise it’s pointless. And I know that most people don’t need extreme security maybe they just want to hide their browsing history from their spouse, ISP, or a website, not everyone is a James Bond, but that is not the point. If the security is weak, then basically anyone can de-anonymize you, so the VPN service then becomes useless or an outright scam if they market themselves as secure when in reality they are not.

And look most newbies get fooled by shiny website design, and the marketing slogans, but most VPN’s are in reality worthless, shady, scammy. So it’s really important to choose one that actually works.

I have a list of 180 websites, compiled from THAT ONE PRIVACY SITE, which is a very good resource that teaches you how to spot a GOOD VPN and what characteristics are important so that you yourself can verify it, and don’t have to rely on 3rd parties opinions.

1) Geographic Filter

Despite the best intentions of the VPN, if they reside in an oppressive jurisdiction, they will be coerced to reveal user data. I mean what the hell do you think they will do? Resist the Government? They will send tanks and helicopters after them. So they will obey any subpoena they get, often without notifying the suspected user, which is illegal for them to do.

There is no such thing as “No Logs”. That is a myth, if they say “No Logs” that might mean that they don’t keep more logs than legally required, but most jurisdictions require them to keep minimum logs, especially in the EU and North America.

If we filter the list for countries outside the surveillance system, out of the 180 VPN’s we are only left with 65. If we further filter it by only having those countries that have no known cases of censorship, since it’s logical to assume that just because they are not part of the USA/UK spy grid, that doesn’t mean that they don’t have draconian laws of their own. We are left with 64 providers.

Also there are many that have their locations undisclosed. Now this according to the website is a red flag, but I disagree. If a Government really wanted to setup a honeypot, they could just as easily set it up in a “green” country secretly. So it doesn’t have to be a red flag, they could actually be running their VPN anonymously, which might be positive.

However they could be run by normal criminals who are out there to record and sell your data. Now that is a risk. But if the software, the encryption model and the protocol is open source and safe, then this is a smaller risk. It’s your choice.

2) Cryptocurrency

Well it can’t be anonymous if they only accept debit cards or fiat payment processors since those are heavily KYC based. Of course if you are not a criminal then why should you care? Well you should, because if the VPN does disclose your personal data or sell it or leak it or if they get hacked, then all your browsing history will end up in the black market directly tied to your identity. You would not want that.

So cryptocurrency acceptance is very important. Besides isn’t it more convenient to pay in BTC or ETH instead of shitty fiat.

Only 46 VPN providers match this criteria.

3) Open Source Software + Protocol

OpenVPN is a strong software which is Open Source, that provides the framework for your connection. I don’t even bother with services that are not Open Source, since they can just put malware or spyware in the software despite advertising themselves as great. Only Open Source software, others are not tolerated.

Only 43 meet the criteria. Then we only want to accept protocols that are not proprietary, “home made”, which are either nonsense or could be a backdoor.

4) DNS Leak Protection

It is very important to have leak protection. This is a software issue mostly. It is when you access a website the DNS query goes through a different channel. If the DNS leak is not blocked, that means that at the exact time you connect to the IP of the target website through the secure channel, you send a DNS request to the DNS server you are connected too through the clear Internet.

This means that all your Internet connections will be parallelly logged by your ISP. So it really defeats the purpose of using a VPN if the DNS leak is not blocked. It must be.

Only 15 remain.

5) IPv6 Protection

Maybe people are saying that IPv6 is not privacy friendly due to including the Hardware ID in the protocol itself. I disagree, this issue can easily be patched in Linux OS’s, it’s only a problem in proprietary OS’s where the DHCP software is proprietary. Furthermore you can also disable IPv6 entirely, so this issue is really optional, and it’s not the fault of the VPN provider.

6) Encryption

I have left encryption to the last, because I actually think it’s not even that important from this perspective. All VPN providers by now have decent crypto algo, I have removed those that used “home made” protocols which is really stupid, but using public protocols that have already been tested, perhaps depreciated, but not broken entirely. Some of them use Blowfish which is an outdated algorithm, but not entirely useless.

Let me put it this way. If the Government wants your data, they will probably get it by infecting your PC with a spyware. It would be much more harder and impractical to break even Blowfish.

So if you really need good encryption then use AES-256, which the rest of them provide, but not all of them by default, so you have to select AES-256 specifically.

But other than that I don’t see the Encryption Protocol itself being the weakest link here, but if you disagree, then just use the other VPN providers.

7) Dispersion

Now there are providers that have low amount of servers or some of them have actually 0 listed here which I believe it works like they might own servers through subsidiaries, rent them via VPS, or other structure, which could be bad since the VPS could log, but I don’t really understand this so I am not going to rate them based on this.

However geographical dispersion is necessary. I think a good arbitrary threshold is 30 countries bare minimum. Because if you visit only 1 website, say you want to use Facebook through VPN, then Facebook could probably guess who you are if you have only 5 IP addresses and also browse the web on the clearnet where they have all sorts of FB cookies placed on your computer. So they can figure out your profile that way.

But having at least 30 countries in my opinion is a good distributed experience. Even if you just browse random websites, having this amount of dispersion is a good way to stay incognito.

We are only left with 10.

8) Ethics

There are also some allegations there about some of them being shady, untrustworthy, or having conflicting policies. I am not going to be the judge here, it will be your job to verify those claims. They might be true, or they might have been bad reviews written by envious competitors. I don’t know.

---

TOP 10 VPN’s

So after filtering out all the problematic points, we are left with 10 VPN providers that I think are good. They are not listed in order, and they might not all be good, you still have to check further, I have just narrowed down the list to 10.

Download list here: https://pastebin.com/MbU44diX

Just save that as .csv file and open it in Libre Calc or Microsoft Excel to view all parameters and sort them out by your wishes.

More filtering

I would actually like to be more rigorous and actually look for a VPN that doesn’t log DNS queries and timestamps either.

I also believe the Privacytools.io criteria is important, they are a trustworthy organization who know things better, plus I also have a few preferences like the Multihop protocol, so I have narrowed down the list to 2.

• https://nordvpn.com (Panama)
• https://proxy.sh (Seychelles)

• Neither of them claims to log anything, and both are in good jurisdictions, although NordVPN explicitly states it
• Both support Multihop, Obfsproxy and SOCKS
• Only NordVPN provides SSL tunnel
• NordVPN blocks IPv6 too
• Both of them have AES-256 tunnel encryption
• NordVPN has RSA-2046 while Proxy.sh has RSA-4096 handshake encryption
• 40+ Countries & more than 300 Servers
• NordVPN is 5.75$/month while Proxy.sh is 10$/month
• Both donate to privacy causes
• Proxy.sh doesn’t block any ports while NordVPN might block some.

---

Sources:

• https://pixabay.com
• https://thatoneprivacysite.net

---

Upvote, ReSteem &