An Easy-to-Use and Secure VPN for Most People | #linux | #linuxsecurity | #education | #technology | #infosec


Rating:

8/10

?

  • 1 – Absolute Hot Garbage
  • 2 – Sorta Lukewarm Garbage
  • 3 – Strongly Flawed Design
  • 4 – Some Pros, Lots Of Cons
  • 5 – Acceptably Imperfect
  • 6 – Good Enough to Buy On Sale
  • 7 – Great, But Not Best-In-Class
  • 8 – Fantastic, with Some Footnotes
  • 9 – Shut Up And Take My Money
  • 10 – Absolute Design Nirvana

Price:
$12.95/month

Justin Duino

ExpressVPN is probably the world’s best-known VPN service, with servers located in 94 countries. It promises to encrypt your browsing data on a huge number of devices, with fast speeds and no bandwidth limitations. But there’s more to a VPN service than servers and connection speeds.

Here’s What We Like

  • No logging policy & located in a “safe” jurisdiction
  • Simple setup & easy-to-use
  • Good performance & plentiful servers
  • Choice of protocols with first-class encryption

And What We Don’t

  • Pricier than rival VPNs
  • No double-hop encryption

What Makes a “Good” VPN on Paper?

There is a range of reasons you might want to use a VPN, but arguably the most important one is for security purposes. A VPN encrypts your browsing data so that not even your ISP (or any would-be snoopers) can see what data is being transferred. The weakest link in the chain is the VPN provider, which acts as your gateway to the internet.

ExpressVPN maintains a strict no-logs policy, which means nothing you browse is recorded outside of dates (not times) you’re connected, the server you’re using, which app and app version was used, and the total amount of data transferred. The company claims that the data is anonymized, and used only to troubleshoot, provide technical support, and identify issues with the network.

Another big question anyone should have of a VPN provider is in what jurisdiction the provider is based. Providers that are based in jurisdictions like the U.S. or New Zealand (or any of the Five Eyes) which routinely share data between agencies may be worth steering clear of, in the event that the provider is court-ordered to hand any data over. ExpressVPN is located in the so-called “safe” jurisdiction of the British Virgin Islands.

Other factors largely depend on where you are located and what you want to do. Having a server physically close to your location is great since the smaller the distance between you and ExpressVPN’s server, the faster your speed. Having enough capacity on those servers (and additional servers to ease the load) will also guarantee better performance.

ExpressVPN client for macOS

If you want to browse the internet as if you’re in a specific country, you’d better hope that your VPN of choice has servers located in that country. Since ExpressVPN is one of the largest (if not the largest) VPN providers on the planet, you’re getting a vast number of servers and locations to choose from.

You should probably check ExpressVPN’s server list to ensure your locale is well-served before you sign up.

On paper, ExpressVPN is a solid provider that logs minimal data, has servers all over the world, and by sheer size is likely to satisfy most of your needs. But it’s not all roses. While the company has enjoyed a good reputation over the years, it was acquired by a company now known as Kape Technologies in late 2021 for $936 million.

This parent company has been embroiled in controversy in the past thanks to links to the Crossrider malware and adware platform. The company has acquired several VPNs in the last few years including Private Internet Access (PIA), CyberGhost, and ZenMate VPN. Thankfully, ExpressVPN’s policies haven’t changed, and the company has committed to conducting future third-party audits and penetration tests to reassure its customers. Everything seems fine, for now.

Ease of Use and Connectivity

Jurisdictions, logging, and parent companies out of the way — what is ExpressVPN like to use? We tested the service on the latest version of macOS Monterey (12.3.1 at the time of writing) and an iPhone running iOS 15.3.1. Pleasingly, we found everything worked as advertised.

Note: ExpressVPN is available for Windows, Mac, Linux, Chromebook, Android, iPhone/iPad, Amazon Fire tablets, and a good number of routers, streaming platforms, and consoles.

Installation was a breeze using a .PKG file for Mac and the ExpressVPN app from the App Store on an iPhone. Once you’ve logged in, it’s a simple matter of approving the app to install profiles on either platform via a security prompt, after which you are presented with a connection window.

Install IKEv2 profile on macOS

Both the mobile and desktop apps look and behave very similarly, which makes it easy to know what you’re doing. A common design language means you won’t need to learn to use more than one interface, and the overall design is uncluttered and simple.

RELATED: What Is Apple’s Private Relay, and Is a VPN Better?

The ExpressVPN client managed to detect the nearest server on both platforms using its “smart location” feature, which happened to be about 50 miles (80 kilometers) away. One tap (or a click) and a connection was made almost instantly, which disabled iCloud Private Relay on both devices.

iCloud Private Relay disabled

Connecting to another server of your choice is also easy, and you can filter by country or city on both platforms. Connecting to a server on the other side of the world took around 10 seconds on a modest 10Mb connection, with the ability to save a list of favorites or see a list of “Recent” servers in the VPN Locations window.

By default, ExpressVPN will use an “Automatic” configuration. This decides which VPN protocol to use based on your network settings. The service supports a range of protocols, including Lightway UDP and TCP options, as well as OpenVPN UDP and TCP, and IKEv2. Unfortunately, the Mac app doesn’t report which protocol has been chosen when you pick the “Automatic” option.

Performance and Security

It’s hard to decisively say how well a VPN performs when there are so many variables involved. How far away you are from the network can make a huge difference to your speed, as can network congestion in your neighborhood, what other devices on your network are doing, and whether your ISP is delivering your promised speeds.

Testing ExpressVPN's Lightway protocol

This review was conducted on a rather slow 10Mb connection in semi-rural Queensland, Australia. The nearest server was located around an hour’s drive away in Brisbane. Without a VPN, we were hitting just under 9.9Mb/sec, with a ping of about 25ms. While connected to ExpressVPN via Lightway UDP, that dropped to around 8.2Mb/sec with a ping of 26.

OpenVPN performance was very similar, though we saw greater variety in results compared with the Lightway protocol. It’s hard to predict how these results would translate to the much-faster 100Mb connection we were using only a few months ago. In our experience, we were only losing a couple of megabits and our speed wasn’t significantly impacted.

Exploring different ExpressVPN protocol options

Anecdotally, we noticed a slight delay in web requests which is something often seen when using a VPN. The closer you are to the server, the less likely you are to notice this lag. This is why you should choose a provider that has servers close to you. Since ExpressVPN is such a large provider, the service has more servers available than smaller providers. This was the case here in Australia, where Melbourne and Sydney are usually the two prime locations on account of their population sizes.

ExpressVPN users are protected by an AES-256 cipher to encrypt traffic (with RSA-4096 key and SHA-512 HMAC authentication) when using OpenVPN and IKEv2, while the open source Lightway protocol uses AES-256 and ChaCha20 ciphers for encryption, with D/TLS 1.2 for authentication with servers. These ciphers are currently considered unbreakable, and performance even with the highest level of security remained steady even on our slow connection.

ExpressVPN iOS app

There’s also a network kill-switch built into the Mac app (which also appears on the Windows, Linux, and router implementations of the service). This protects your traffic by cutting all internet browsing activity if your connection drops. This setting is enabled by default on Mac, but isn’t available on iPhone and iPad yet (though Android users are covered).

More Than Just Security

VPNs are useful for more than just security purposes. One of the main reasons you might want to use a VPN is to appear to be in another country while browsing the internet. This allows you to access geo-restricted websites and services, though VPN detection has come a long way in the last few years.

One of the main reasons to do this is to access streaming services or country-specific catalogs, like BBC iPlayer or U.S. Netflix internationally. Our tests showed that not all U.K. servers allowed access to iPlayer, but it only took a few hops (to London’s Docklands server) before we were able to stream Match of the Day here in Australia.

ExpressVPN server locations browser

Similarly, Netflix was hit and miss depending on the server used. The New Jersey 2 server limited the Netflix catalog to only in-house productions (complaining that we were using a VPN when we tried to circumvent it), but connecting to the Seattle server worked as expected with the full catalog available.

ExpressVPN has no limits on torrenting over its service, thanks largely to its location in the British Virgin Islands. You can have five simultaneous connections to ExpressVPN on a single account, but if you need more, consider connecting your router to ExpressVPN (on compatible routers) to cover all devices on your local network.

There’s also a Threat Manager that blocks known trackers and malicious websites (off by default), which was available on both the Mac and iPhone apps we tested. This feature is dependent on the Lightway protocol being used, which may not be possible on all networks.

A Solid Choice of VPN

ExpressVPN gets a lot right with its reassuring no-logs policy, a remote base of operations, solid apps for both desktop and mobile, and performance that (in our testing) meets expectations.

Whether it’s the right choice for you largely depends on performance in your neck of the woods. You’ll get more for your money elsewhere since ExpressVPN tends to be a little more expensive than its rivals, and there are some additional features provided by other VPN services that ExpressVPN lacks.

This includes security features like double servers which require two separate hops for added security, dedicated torrenting and streaming servers, and potentially faster performance. There is no perfect VPN service, so you’ll have to decide which features are most important for you.

ExpressVPN has no free trial available, but the company does offer a 30-day money-back guarantee. If you’re serious about finding a VPN that works for you, we’d recommend signing up, safe in the knowledge you can get your money back if things aren’t up to your expectations.

Additionally, if the monthly cost is a little too steep, you can pay for a year up-front and save up to 35%. This plan also qualifies for the 30-day money-back guarantee.

ExpressVPN scored highly in our VPN roundup, and for good reason. If you’re looking for an alternative, check out our list of the best VPN services.

Rating:
8/10

Price:
$12.95/month

Here’s What We Like

  • No logging policy & located in a “safe” jurisdiction
  • Simple setup & easy-to-use
  • Good performance & plentiful servers
  • Choice of protocols with first-class encryption

And What We Don’t

  • Pricier than rival VPNs
  • No double-hop encryption



Source link