PSA: How to protect yourself from your ISP

In my last post I suggested we should be legitimately suspicious of our ISPs. One of my friends[1] asked, “Any thoughts on which VPN service to use?”

If you’re not technical, VPN stands for “Virtual Private Network.” In brief, a VPN service encrypts all your traffic, including your domain name lookups[2]. Your encrypted request goes to the VPN server, and the VPN server decrypts it and forwards it to the end server. Your ISP sees only encrypted traffic between you and the VPN server; it can’t see what you’re requesting or which sites you’re requesting it from.

So I reached out to a couple security expert friends. They recommended StrongVPN (https://strongvpn.com/) or ExpressVPN (https://www.expressvpn.com/). They suggested that either would suffice; both offer basic security including DNS. ExpressVPN is probably a little easier to use, but StrongVPN probably has a slight edge in security.

First, beware VPNs that are too cheap to be believable. That’s a hint they are selling data about you to make up the difference. Second, pick a VPN provider that offers a variety of protocols, so you can keep ahead of ISPs that are continually upgrading their ability to snoop.

I prefer StrongVPN because Express has been caught before with weak ciphers – and they have that problem again now (just look at their web site in SSL Labs for example). Overall I find Strong to be more professional.

That said, any VPN is better than no VPN. It’s probably a good idea to have one; setting one up has been on my todo list forever. I’ll be setting it up this weekend. Let me know if you’re interested and I’ll share how it went.


[1] In some cases, “brother-in-law” counts as a “friend.”
[2] To oversimplify, every computer on the internet has a unique number identifying it, called the “Internet Protocol address,” or IP address for short, that looks something like this: “192.168.1.113.” When you type a domain name into your browser’s address bar, such as “facebook.com” or “amazon.com” or even “dondo.org,” that name has to be translated into an IP address. The mapping from domain names to IP addresses is handled by something called a domain name server, or DNS for short. So loading a web page takes at least two steps: first, your computer asks a DNS server for the right IP address; then it calls that IP address to get the web page. All of which means that the company that runs your DNS server knows every website you visit – not what you do there, but that you’ve gone there. Not as big a security risk as the details, but consequential. If you want to actually understand all that, this YouTube video might help.
