Maintaining your privacy online has to rank as one of the most compelling factors when choosing to purchase a VPN, so when services violate that trust they’re better left alone.
UK-based HideMyAss made headlines in 2011 when it admitted to handing over traffic logs of Cody Kretsinger, a member of hacking collective LulzSec, to the FBI. This information subsequently lead to his arrest, despite the company’s official policy of not storing any logs pertaining to web traffic content.
Based on these troubling developments, our recommendation is to avoid using HideMyAss. That’s a shame because the company has been around since 1995, offers server locations in over 190 countries and is one of the few services to avoid the Netflix VPN ban.
Realistic alternatives to HideMyAss
In this section, we’ll take you through a list of VPNs that’ll give you an unrivaled browsing experience whilst also guaranteeing your privacy and anonymity. They’ve been ranked on the following factors:
- Speed and stability of connection
- No traffic logs
- Strong encryption parameters
- Large network of servers
ExpressVPN offers servers optimized for speed, stability, and security of the connection. There are over 1,500 servers spread across 94 countries so it’s unlikely that you’ll ever be frozen out or find it tough to maintain an adequate connection.
All servers use the OpenVPN protocol, 256-bit AES encryption, 4,096-bit RSA keys with perfect forward secrecy, and SHA512 authentication. ExpressVPN is capable of unlocking a bunch of geo-restricted content including Netflix, Hulu, BBC IPlayer, HBO Now, SkyGo, Foxtel, and more.
There’s a pretty stringent policy of not maintaining any user traffic logs except for some metadata pertaining to the date (not time) of connection, choice of server location, and total bandwidth used.
Unlike HideMyAss, ExpressVPN is incorporated in the British Virgin Islands which means it’s out of the reach of government authorities in the West and doesn’t need to automatically comply with data retention laws. It’s possible to pay via Bitcoin and torrenting is allowed on all servers.
READER DEAL: Get 3 months free here with the annual plan. The deal includes a 30 day money-back guarantee so you can try it risk free.
Read our full review of ExpressVPN here.
NordVPN has been around for over a decade, making it a relative veteran in the VPN industry. There’s a strict policy of not storing any user logs – with both traffic and session data excluded – thereby catapulting it into a different league.
Users are allowed to choose servers based on their browsing preference – there are selections available for streaming TV, ultra-secure privacy, anti-DDoS, and anonymity. With 982 servers spread across 58 countries, NordVPN is a particularly robust choice for the discerning user.
The standard is the OpenVPN protocol with 256-bit AES encrypted connections and 2,048-bit DH keys. DNS leak protection is enabled and users have an option of availing DNS servers too. There’s an internet kill switch which will temporarily halt all traffic to selected applications if the connection unexpectedly drops.
Extra security features include a double-hop VPN, which routes a connection through two VPNs instead of one, as well as Tor over VPN. The company is incorporated in Panama which means it doesn’t fall under the jurisdiction of US or UK laws. NordVPN also accepts Bitcoin as payment, thereby adding an additional layer of privacy and security. Torrenting is allowed.
The company says it has, in the past, received official requests for information. However, because of its zero-logs policy there simply was no data to hand over. In one case physical servers were confiscated but authorities weren’t able to recover any information.
Read our full review of NordVPN review here.
IPVanish is rated as a premium VPN service as it physically operates and manages its own servers as opposed to other companies who rent or use a combination of the two.
Users are offered 750 servers spread across 60 countries, making it a resilient choice. All servers use 256-bit encryption on the OpenVPN protocol by default, SHA512 authentication, and a DHE-RSA 2,048 key exchange with perfect forward secrecy. They perform particularly well when it comes to speed tests.
IPVanish has a zero-logs policy and does not store any information about its users, other than when an account is first registered. Bitcoin is an acceptable form of payment and torrenting is allowed on all servers.
Some users might worry at the fact that the company is incorporated in the US, but its no-logs policy should put these concerns to rest.
EXCLUSIVE DEAL: Save up to 60% on your IPVanish subscription. That comes with a 7-day money-back guarantee.
Read our full review of IPVanish review.
PureVPN is another VPN provider that follows a strict no-usage logs policy. All it does is record the timestamp when connected to a server and bandwidth used, which is fairly benign.
There are over 500 servers available to choose from and they’re spread across 121 countries. The service performs well when judged on the basis of speed and connectivity.
PureVPN is headquartered in Hong Kong, which means there are no mandatory data retention laws and it’s comfortably out of the reach of the FBI. It uses 256-bit AES encrypted L2TP/IPSec as the strongest protocol and also offers an option of OpenVPN, which has to be configured manually. There’s both DNS leak protection and an internet kill switch included.
Torrenting is permitted on all servers and users can pay via Bitcoin.
READER DEAL: Save 50% on Pure VPN’s 1-year plan here. That includes a 7 day money back guarantee, so you can try it risk free.
Read our full PureVPN review here.
StrongVPN is able to circumvent China’s Great Firewall censorship tool with ease – which points to robust system architecture and encryption protocols.
There are 684 servers in 24 countries and the most secure connections use 256-bit AES encryption, MODP 8192 keys, and SHA512 authentication. The company keeps no traffic or session logs of any kind.
It’s also another VPN provider that owns all of its own servers, giving it full control over the traffic passing through them and making it difficult for surveillance agencies to pry.
StrongVPN is incorporated in the US, but the no-logs policy should ease concerns. Bitcoin is an acceptable form of payment and torrenting is allowed.
READER OFFER: Savings of over 40% with StrongVPN’s 1-year deal here. Try it risk free. Includes a 30 day money back guarantee.
Read our full review of StrongVPN review here here.
Free VPN options
It is possible to ditch the credit card altogether and opt for a completely free VPN, but we don’t advise you to go down that route. Such options are in the business of making money too – after all, they need to pay for server space, technical support, and other overheads.
Monetization usually comes via aggressively tracking your browsing history, inserting cookies, and selling that data to third-party advertisers. You’ll also be bombarded with pesky ads and flashing windows urging you to download obscure apps. The threat of a malware infection is very high, which can lead to data loss and take several hours to fix.
Such VPN services are highly insecure, don’t offer a large range of server locations, and are definitely not optimized for speed. Expect frequent connection drops and tiny data caps – which means you’ll be automatically logged out if you stream video for a couple of hours or download a single torrent file.
Further reasons to distrust HideMyAss
Other than the Cody Kretsinger case, HideMyAss has also been linked to the arrest of former US district judge Chris Dupuy.
Dupuy allegedly posted incriminating photos of two women he was formerly involved with – running fake adverts promoting them as hookers. He tried to mask this behavior via a paid version of HideMyAss.
But that tactic backfired. After the women started receiving mysterious phone calls, they immediately reported the matter to local authorities and put the finger of blame on Dupuy. Law enforcement agencies worked backward to trace the source of this activity and pinpointed an IP address in Venezuela, Colombia. After more digging and clear cooperation with HideMyAss, they identified the culprit.
We don’t condone the behavior of Chris Dupuy – it’s illegal and downright nasty – but if a company vows to protect your privacy and keep it out of the reach of the government – then they have a moral obligation to do so.
HideMyAss says on its site that the only data logs it retains on customers are:
Username Timestamp when you connect and disconnect to our VPN service The amount of data transmitted (upload and download) during the session The IP address used by you to connect to our VPN The IP address of the individual VPN server used by you
Clearly, there’s something amiss here.
What makes matters worse is that HideMyAss is headquartered in the UK, which is now subject to the ‘Investigatory Powers Bill’, also known as the Snoopers Charter.
There are five key elements of this bill:
- ISPs are bound to keep records of every subscriber’s web history for up to 12 months – with the data accessible to several government agencies.
- The GCQH can utilize bulk data collection on the personal assets of people now accused of wrongdoing, but whose data was gathered from a large number of devices in a targeted area.
- Companies must decrypt data on demand.
- Companies must notify the government before new security features are launched.
- Intelligence agencies like the GCQH may hack into the devices of citizens.
Given HideMyAss’ poor track record, it’s unlikely that using this VPN will truly mask your behavior. Hence you should assume you’re at risk.
If you’re looking for an alternative, check out our review of the VPNs that protect you from the Snoopers Charter.