I made a spreadsheet comparing different open source VPN providers. I will be making a version 2.0 to add some requested changes.
Providers
Notes
- Please do not start a flame war about Proton.
- Please do not start a flame war about cryptocurrencies. Monero is the only cryptocurrency listed because of its privacy.
- The very left column is the category for each row, the middle section is the various VPN providers, and the right section is which VPNs are the best in each category.
- IVPN has two differing plans, which is why “Standard” and “Pro” are sometimes differentiated.
- For accounts, “Generated” means a random identifier is created for you to act as your account, “Required” means you must sign up yourself. Proton VPN allows guest use under specific conditions (e.g. installed from the Google Play Store), but otherwise requires an account.
- Switzerland is seen as more private than Sweden. Gibraltar is seen as privacy neutral.
- All prices are in United States Dollars. Tax is not included.
- Pricing is based on the price combination to achieve the exact time frame. For example, Proton VPN does not have a 3 year plan but you can achieve 3 years by combining a 2 year plan with a 1 year plan.
- The availability section is security based. Availability is framed around a GrapheneOS and secureblue setup.
- The Proton VPN Flatpak is unofficial, but based on the official code.
- Availability on secureblue is based on the
ujust install-vpncommand. Security features must be disabled on secureblue in order to use the GUI for IVPN and Mullvad VPN, but not for Proton VPN. Mozilla VPN and NymVPN are available as Flatpaks, which are safer than layering packages. - I wanted to include more categories, such as which programming languages they are written in, connection speed, and security, but that became far too difficult and complex, so I decided to omit those categories.
Takeaways
- NymVPN is very very new, but it’s off to a strong start. It wins in almost every category. I actually hadn’t heard of it until I started this project.
- If you want a free VPN, Proton VPN is the only one here that meets that requirement.
- If you want to pay week-by-week, IVPN is the only one that allows that.
- If you’re paying month-by-month on a budget, Mullvad VPN is the cheapest option.
- NymVPN is the cheapest plan for anything past 1 month.
- If you want to use Accrescent as your main app store, IVPN is the only VPN available there for now.
- If you want to pay for a bundle of apps, including a VPN, Proton sells more than just a VPN.
- Mozilla VPN is terrible. The only thing it has going for it is a verified Flatpak, but NymVPN also has that so it doesn’t even matter.
Maybe adding number of servers and country diversity
What about logging policies? Seems like that would be an important category to visit - which providers store logs or don’t etc. I’ve heard of some that use RAM-only logging that allegedly never gets stored on disk.
I have never heard of NymVPN
Most people haven’t, till they have.
What would happen if you tried to put I2P on there?
… I guess you’d have to go by the different outproxies… ?
ProtonVPN has started to become blocked on tons of websites. I have to switch servers all the time, to the point I won’t be able to keep a VPN connection up like I used to.
I’ve read Mullvad has worsened as well. There seems to be a general ban on VPN use (there was always some of course)
My last hope: non profits who offer VPN. They keep logs, don’t allow torrenting, and require a real name to subscribe. Very few server choices, if any.
I’m… fine with that. I just want privacy. No surveillance. And I trust the non profit. Plus I torrent on a VPS anyway
What I would like to see are local VPNs, with a small enough pool of users on each server to not get flagged. A rotation between servers from time to time. Compliant with the law of course (as long as the law doesn’t require total surveillance, evidently). The goal is to hide everyone’s activity from the providers and websites (yes, I know, fingerprinting)
But maybe there’s some other existing tool/service I’m not aware of?
Does using a VPS truly enhance safety while torrenting? Isn’t it still possible for downloads and uploads to be traced back to your identifiable IP address, especially considering that the VPS provider logs your IP and email details?
VPN on VPS (easy to do with gluetun)
Basically you use a container that’s a VPN connection and connect other containers to it.
Why is proton VPN excluded from the winners for open source, license, and based on, despite having the exact same values populated as the other 4 winners?
That’s another bug on my part. I’ll fix this in version 2.0 :)
I do not agree with placing switzerland over sweden in that location category
and i think a category should included, that tracks age of vpn or something like that, considering this is nymvpns biggest flaw… still hard to say how trustworthy it is + their software is less battle tested
(
and just for someone curiouse, it should be mentioned that nymvpn does use mullvad servers/ has a deal with mullvadsry i mixed that up obscura and mullvad had partnership, not nymvpn)I agee. Switzerland is close to be the worst country for privacy with the current revisions of the law.
I do not agree with placing switzerland over sweden in that location category
I’d be happy to hear your elaboration on this. From what I know, Switzerland is seen as the gold standard in terms of privacy.
and i think a category should included, that tracks age of vpn or something like that
The issue is that age doesn’t correlate with security. There could be an outdated, insecure VPN that’s been around for 10 years, or a modern, secure VPN that’s been around for 10 days. If I included it, there would be no “good” or “bad” values. Nevertheless, I will include this in version 2.0.
(and just for someone curiouse, it should be mentioned that nymvpn does use mullvad servers/ has a deal with mullvad)
I knew NymVPN used a small bit of Mullvad VPN’s code, but I didn’t know they used their servers. Could you link to this?
this is awkward i am sorry it seems like my memory failed me, for one it is was mullvad and obscura that have a deal, not nymvpn…
and then i also thought somehow that vpns are in sweden protected by the constitution, but it appears its more like normal laws. Which appear to be effective tho. But mainly i thought about that recently switzerland was proposing laws like this https://tuta.com/blog/switzerland-surveillance-plan (possible that laws like these get proposed in sweden aswell ofc) which makes it sound like the privacy stands of the goverment is not that strong anymore, but there are probably no effects really at the moment. I think i would rank sweden and switzerland equally i guess, i mean the famouse mullvad example kind of proofs that they are safe i think…
But like my research into the countries is not that deep, so if you really looked into this deeply and switzerland is really better for some reason, than i guess it is like this.
But i still think the age is important, like sure its completly possible that an old vpn suddenly gets infiltrated or idk what really, but since for vpns are mostly trust based, i think that the track record is the best option for this… and new vpns just dont have that long of a record (personally i would not use like a 1 month old vpn for example, whoever good it sounds)
or can nymvpn offer garantuees similar to tor?
FWIW took me less than 1h yesterday to setup WireGuard on 4 different devices :
- server with
wg-easyand thus easy to use Web UI (before 2-step auth) - peers
- BananiPi 3 F (RISC-V) headless via
nmcli - desktop on Debian via NetworkManaged
- mobile phone on /e/OS via the WireGuard client (with Ente Auth to login back on server as admin)
- BananiPi 3 F (RISC-V) headless via
… and it was the first time I used WireGuard.
So I’m trying to imply that one shouldn’t use commercial VPNs or benefit from their services, solely that setting up your own depending on your abilities and needs might not be as complex as you initially imagine.
PS: I did have experience with OpenVPN before and a running server already with Docker and nginx as reverse proxy.
I assume you’re talking about creating a VPN into your own personal network? Unless you have family or friends in a different country I fail see how you’re circumventing geo restrictions or gain anonymity on the internet.
Wrong assumption, you can install it on any other machine you have root access to, e.g. remote ssh. You can rent a server in another country and put your VPN server if that’s your need.
Don’t do this if you want to use a VPN to pirate stuff. It’s a fine suggestion for anything else, using a VPS w/self hosted VPN to provide a basic degree of anonymity.
I didn’t suggest it for any usage, solely that it’s easy to setup.
- server with
Does anyone have experience with the Mullvad, NymVPN, or AirVPN clients (if they exist) on Linux? I’m still mad Proton removed support for their Linux client and replaced it with an intern-level gnome-only taskbar applet. Also, do they support generating plain Wireguard configs?
I really like Mullvad. I can’t speak towards their app though I just export the configurations and import them to my distros networking settings so I can activate it more easily.
I don’t use the official client, but airvpn with pure wireguard works perfectly.
Yes, I use mullvad VPN on Linux. It works fine. You don’t need their client, of course, but it is good.
I can confirm that Mullvad VPN client works quite well on Linux.
The AirVPN client works well on Linux. They provide really good Linux support. https://airvpn.org/linux/
(if they exist) on Linux
secureblue is Linux.
Nice comparison. Thanks for sharing! Any reason NordVPN was excluded?
It isn’t open source.
However, their client software for Linux at least is:
I suggest adding AirVPN.
Are any of these good options for port forwarding? I’m currently using PIA and I’d rather not.
Proton VPN supports port forwarding. IVPN and Mullvad VPN do not. Mozilla VPN and NymVPN don’t explicitly state whether or not they do from what I found, so I’m not sure.
NymVPN doesn’t supports it. I asked their support. They have plans for the future.
If you are looking for reliable port forwarding consider Windscribe VPN.
Mozilla VPN is just mullvad so they do not
Oh boy, seems I missed something again. What’s wrong with PIA? I’ve been using them forever.
Oh, you know, the usual. Bought out by an Israeli spyware company.
I had the same dilemma after mullvad stopped allowing you to create port forwards. I switched to Proton which works fine but I’m curious what other options are out there. It can be hard to find the details about port forwarding, especially if it only works when using their app and not with openvpn/wireguard which is easier for running containers.
AirVPN lets you open 5 ports and allow p2p. Works with their app and openvpn/wireguard. I’ve been paying for it couple years now and I’m pretty happy with it
Nymvpn seams great! I’ve never heard of it either. I just hope it stays around and gets a name for itself.
Isn’t Mozilla VPN built on Mullvad? Also, why this instead of https://thatoneprivacysite.xyz/#detailed-vpn-comparison
Isn’t Mozilla VPN built on Mullvad?
Yes. That’s included in the comparison.
Also, why this instead of https://thatoneprivacysite.xyz/#detailed-vpn-comparison
They don’t include NymVPN.
This is great, thanks for sharing! You’ve got a few useful feedback points, let me add one more: does a provider have an onion address. This allows decoupling of payment from usage. Not a big thing, but good to know.
