#Security Your Internet

#Security Your Internet

6 best VPNs for BBC iPlayer that still work in 2018

Posted: 04 Jan 2018 10:05 AM PST

This article explains how to access BBC iPlayer abroad with a VPN and the best VPNs to use as not all will work.

bbc iplayer only in UK

BBC iPlayer lets viewers watch some of the best free and legal content on the web, ranging from TV shows and movies to live sports. Much of that content, however, can only be streamed on devices with a UK IP address. Due to content licensing restrictions, certain videos are restricted by geography.

The simple solution is to employ a VPN to unblock BBC iPlayer which will allow you to watch as normal from the USA or anywhere else abroad. Short for virtual private network, a VPN encrypts a device’s internet traffic before routing it through an intermediary server in a location of the user’s choosing. In the case of BBC iPlayer, the user just needs to pick a server in the UK.

But this workaround is getting less effective by the day as BBC iPlayer starts cracking down on the circumvention software. The site has followed in the footsteps of Netflix when it comes to banning VPN users. For this reason, it’s important to subscribe to a VPN that bypasses iPlayer’s firewall and will actively work to fix the problem if it gets blocked.

Often times only some servers from a specific VPN provider can accomplish this, so if one server is blocked for you then just try another or ask customer service which ones work.

We’ve curated the following list of the best VPNs for BBC iPlayer based on the following criteria:

  • Servers in the UK (the more the merrier!)
  • Not blocked by iPlayer as of time of writing (we’ll update this regularly)
  • Fast speeds
  • Fast and competent customer service

1. ExpressVPN
ExpressVPN pricing

ExpressVPN operates servers in six locations across the UK alone. We bypassed the geo-block to watch an episode of Blue Planet II with no issues. ExpressVPN is probably the most reliable when it comes to speed, consistently scoring among the fastest. It offers a 30-day money-back guarantee and claims thousands of customers use their service to watch iPlayer. Live chat support is available on the website 24 hours per day, so be sure to ping them in the event you have any issues.

ExpressVPN logs no identifying information and uses best-in-class security standards. It operates servers in over 90 countries, each optimized for maximum speed. If you want to watch iPlayer on a device that doesn’t natively support VPNs, ExpressVPN makes its own router firmware which customers can either download install free of charge or purchase with a pre-flashed router on the website.

Apps are available for Windows, MacOS, iOS, Android, Linux, and certain wifi routers.

READER DEAL: 3 months free and a 49% saving on ExpressVPN’s annual plan.

Read our full review of ExpressVPN here.

2. NordVPN
NordVPN 2 year plan

NordVPN operates a whopping 30 servers in the UK, and one of them is even optimized for “ultra fast TV.” Check the NordVPN website’s official knowledge base to find out which servers currently unblock BBC iPlayer. Live chat support can be contacted 24/7.

Speeds are decent and should allow you to stream in HD in most cases. Security is excellent thanks to strong encryption and a strict zero-logs policy. Servers are available in over 60 countries. NordVPN allows up to six simultaneous connections on a single subscription, making it a great option for a small household or office.

Apps are available for Windows, MacOS, iOS, and Android.

SAVE 72%: Nord have extended their popular deal which cuts 77% off the monthly cost. 

Read our full NordVPN review here.

3. IPVanish
IPVanish discounted plans

IPVanish boasts 47 servers in five locations across the UK and possibly the most locations of any VPN worldwide. It works well with BBC iPlayer and speeds are quick enough to keep buffer pauses at bay. Our only complaint is the lack of live customer support. Instead, customers must send an email. You can expect a replay within four hours.

IPVanish operates over 1,000 servers worldwide in total. It’s a favorite among Kodi users thanks to its remote-control friendly interface and easily downloadable APK file. It’s also the only worthwhile VPN available on the Amazon Fire TV app store.

Apps are available for Windows, MacOS, iOS, and Android.

EXCLUSIVE DEAL: Save up to 60% on IPVanish plans here.

Read our full review of IPVanish here.

4. CyberGhost Pro
cyberghost banner

CyberGhost Pro recently amped up its premium service on a number of fronts, including a slew of new servers and brand new unblocking capabilities for a number of streaming sites including Netflix US and BBC iPlayer. The Windows and Android apps even allow you to choose a server based on which streaming service you want to unblock, so there’s no need for trial and error or contacting customer service to figure out which server to use. Live chat is available during European working hours, though.

CyberGhost Pro uses great encryption standards and keeps to a no-logs policy. The apps come with a series of optional features such as malware blocking and anti-tracking. It scored well in our speed tests, so you should have no problem streaming the latest season of Peaky Blinders in HD.

Apps are available for Windows, MacOS, iOS, and Android. There is currently a whopping 74% off the price of the 2-year plan here.

Read our full CyberGhost Pro review.

5. VyprVPN
VyprVPN iPlayer

VyprVPN owns all of its own servers, including one in London. That’s not as much as the other VPNs on this list, but you can still expect excellent speeds for high quality video. Ripper Street streamed without missing a beat in our test. Both 24/7 live chat support and a ticket submissions system are available in case of trouble.

Robust encryption standards keep your activity hidden from prying eyes. VyprVPN doesn’t record your online activity, but it does log your real IP address, which might put off the most privacy conscious among us. For a bit extra, you can add the proprietary Chameleon protocol to your subscription, which adds a layer of obfuscation to make it more difficult for your ISP and hackers to identify whether you’re using a VPN.

Apps are available for Windows, MacOS, iOS, and Android.

Money-back guarantee: VyprVPN have a promotion with a 30 day money-back guarantee here.

Read our full VyprVPN review here.

6. PrivateVPNprivatevpn banner

PrivateVPN is a relative newcomer to the VPN space that has thus far impressed us with its excellent unblocking capabilities. It makes short work of BBC iPlayer’s VPN firewall, and also works with other streaming sites like Netflix and Hulu. Round-the-clock live chat support is at your disposal.

Speeds are excellent despite the comparatively small network of servers. Security doesn’t fall short, either, sporting 256-bit and 128-bit encryption options guarded with perfect forward secrecy. PrivateVPN stores no logs.

You can connect up to six devices on a single plan. Apps are available for Windows, MacOS, iOS, and Android.

GREAT VALUE: PrivateVPN is giving our readers 5 months extra free when you buy the annual plan, which is also discounted by 67%.

VPNs to avoid using with BBC iPlayer


This UK-based provider has given up details on customers leading to their arrest in the past. A VPN with poor logging policies located in the same country where the BBC is headquartered is probably best avoided.

Read our HideMyAss VPN review here.

Private Internet Access

Customers have complained about BBC iPlayer blocking Private Internet Access servers. PIA has said it does not officially support circumventing geolocks.

Read our full PIA VPN review here.

BBC iPlayer not working? Try this

Note that we can’t guarantee these VPNs will work on anything other than a web browser. Apps for iOS, Android, streaming media boxes, smart TVs, and game consoles can force a device onto your internet service provider’s DNS servers instead of the VPN’s. One way to get around this is to set up the VPN on your home wifi router or a virtual router instead of using the VPN app. Check out our tutorials on how to configure VPN-enabled virtual routers using both PC laptops and Macbooks.

Even after you connect with a VPN, BBC iPlayer might have stored your previous “location” in a cookie that’s still active. If you still see a warning that the content is not available in your location, you might need to clear your cookies. You can do this either in your browser settings or using an extension like EditThisCookie.

Sometimes when using a VPN, the BBC iPlayer page might not load at all and instead return an error page. If this is happening to you, you might need to flush your DNS cache. On Windows, type “cmd” into your search bar and open Command Prompt. Type in the following command and hit enter: ipconfig /flushdns. For Mac users, find the instructions for your version of OSX here.

Finally, clear any cached data that might allow iPlayer to see your real location. You can clean out your entire browser cache in the settings, but usually it’s enough to hold CTRL and hit F5 to perform a “hard” refresh.

What if I don’t have a UK TV license?

When watching BBC iPlayer, you might get a notification informing you that a UK TV license is required to watch any program on the site. When prompted, many sources report you can simply click “I have a TV license”.

BBC apparently depends on the honor system to keep viewers honest and does not require actual proof that the user has a TV license. This message was added to iPlayer’s terms of service in September 2016.

On January 1, BBC iPlayer says it will start prompting users for a valid UK post code. We’re not certain of how this mechanism will work, suffice to say it’s not very hard to Google a valid post code and copy/paste it into the input field.

Can I watch Planet Earth II on BBC iPlayer?

Yes, Planet Earth II and Blue Planet 2 are both on BBC iPlayer and available for free. It’s even in HD! Just make sure you have one of the VPNs above if you’re outside of the country. You’ll need plenty of bandwidth to watch the wildlife in stunning high definition.

The post 6 best VPNs for BBC iPlayer that still work in 2018 appeared first on Comparitech.

The best VPNs for Linux in 2018 (and the worst)

Posted: 04 Jan 2018 03:12 AM PST

ubuntuUbuntu, Fedora, OpenSUSE, and Mint users often get the short end of the stick when it comes to software, and VPN services are no different. Let’s be honest: Linux users are low on the priority list for most companies and developers. That’s why we set out to find the best VPN providers who have taken the time to give Linux fans some attention.

To connect to a VPN on Linux, OpenVPN, OpenConnect, and Network Manager are all popular options. But even better is a VPN provider with a plug-and-play native client. They require far less configuration and tend to come with more features and perks than their generic peers. That’s why every VPN we recommend in this list offers a slick app especially for you.

1. ExpressVPN

ExpressVPN Linux

ExpressVPN released its official Linux app in April 2016. It runs using a command-line interface rather than the desktop GUI available on Windows and Mac, but it’s still far easier than downloading and managing config files for each server. The server list is always kept up to date, and users can easily switch between UDP and TCP over the OpenVPN protocol. ExpressVPN costs a little more than some rivals, but it does offer a 30-day money back guarantee and clocked much faster speeds in our testing. ExpressVPN works on Ubuntu, Debian, Fedora, and CentOS.

ExpressVPN tops our list as it scores well in all key areas including privacy, speed and customer support. It is also the only VPN on this list that has consistently worked to unblock all content we have tested, including Netflix, Hulu, BBC iPlayer and HBO.

Update: ExpressVPN have made some notable improvements by allowing up to 3 simultaneous devices and introducing a kill switch.

DEAL ALERT: ExpressVPN is now more affordable after putting together an offer of 3 months extra free with their 12 month package here, this a 49% discount on the monthly plan. The 30-day money-back guarantee still applies so you can try it risk free and get a full refund for any reason.

Read our full review of ExpressVPN.

2. Private Internet Access

PIA logo

Private Internet Access (PIA) is one of our best reviewed VPN to date but does lose some points for not unblocking content such as Netflix and other geo-restricted content. It’s not pretty, but it’s remarkably affordable, lets you connect five simultaneous devices, offers acceptable (if not great) speeds, and is as secure as they come. PIA is one of the most popular premium VPNs among Linux users, and deservedly so. OpenVPN encrypted with 256-bit AES is the default protocol, but this can be tweaked to your heart’s content. PIA will work on both Debian and Fedora distros, but Fedora and OpenSUSE users will find the process a bit more complicated.

At the time of writing PIA is available for as little a $3.33 per month.

Read our full review of Private Internet Access.

3. AirVPN

AirVPN offers native Linux apps for Debian/Ubuntu and openSUSE/Fedora. These can be used through either the command line or a GUI. You won’t find more comprehensive security settings on a VPN client. AirVPN lets users activate a kill switch, connect using OpenVPN over SSH and SSL, and forward traffic through a number of alternative ports. Prices are mid-range.

Stay tuned for our full review of AirVPN.

4. Buffered

buffered logo

Based in Hungary, this relative newcomer offers three simultaneous connections, a no-logging policy, and a 30-day money back guarantee. Like ExpressVPN, it’s a bit on the expensive side. One cool perk is that the client can search for open ports on password-protected networks, allowing you to bypass those annoying login pages at hotels and airports. Servers are limited to 16 countries, but speeds are fast. Buffered works across most Linux distros.

Read our full Buffered review.

5. Mullvad

mullvad logo

Mullvad’s open-source Debian/Ubuntu client comes with an internet kill switch, DNS and IPv6 leak protection, and IPv6 routing. It keeps no logs–not even connection logs, so it’s airtight when it comes to security. It allows three simultaneous connections. Port forwarding is available for evading firewalls. The server selection is limited, but it’s quite affordable. Mullvad currently only offers a Debian/Ubuntu package.

Stay tuned for our full review of Mullvad.

VPNs that Linux users should avoid

Several tutorials out there will show you how to install OpenVPN. That’s great, because OpenVPN is probably the best VPN protocol on the market. However, OpenVPN is just a protocol and a client. It is not a VPN service in and of itself. You will still require a server or servers to connect to, and this is where many people run into privacy issues.

All of the above paid services we’ve listed above have zero-log policies, meaning they don’t monitor or record how you use the VPN. This means a hacker can’t breach the provider’s servers and find dirt on you, the company can’t sell your info to third parties, and law enforcement can’t coerce the company into giving up private info about customers.

With free VPNs, the reality is often very different. A company isn’t going to waste money hosting and maintaining a VPN server without expecting something in return. That’s why it’s very important to read up on a company’s privacy and logging policies before you connect.

Furthermore, stay away from VPN services that only offer a PPTP connection. PPTP is fast and simple to set up, but it contains several security vulnerabilities.


This free VPN service only uses PPTP connections, so it’s clearly not secure. The privacy policy is one sentence long and even that has typos in it. Granted, the one sentence claims the service doesn’t keep any traffic logs, but we’d hardly call that a policy.


Searching for a free VPN for Linux on Google might lead you to SecurityKISS. The company stores connection logs and IP addresses of users, a practice which privacy advocates frown upon. In the free version, your usage is capped at 300MB per day. In the paid version … well it doesn’t really matter because there are at least a half dozen better options.


Another mediocre VPN service that somehow weaseled its way into search results, USAIP’s latest Linux client only uses PPTP. It also doesn’t provide its own DNS servers or default to Google’s, which means your ISP can still monitor your activity. On top of that, it doesn’t disclose its logging policy.

A note on OpenVPN

Even if a VPN provider doesn’t make a dedicated native client for your Linux distro, almost all of them will provide configuration files that work with OpenVPN. All you need to do is download a config file for each server you want to connect to. This can get tedious if you like to have a lot of options, but it’s perfectly feasible.

OpenVPN is great, but the generic client isn’t as packed with features like DNS leak prevention and internet kill switches. Again, you can find scripts and packages that will take care of these for you, but we prefer the convenience of clients with all this stuff built in.

How to install and connect to OpenVPN on Linux

Here we’ll show you how to install the OpenVPN client on Ubuntu. Other distros, such as Mint and CentOS, should work similarly, but the commands might vary slightly.

  1. Open a terminal
  2. Type sudo apt-get install -y openvpn and hit Enter (depending on your distro, this might be sudo yum install openvpn)
  3. Type your admin password and hit Enter
  4. Type y and hit Enter to accept all dependencies and complete the installation.
  5. If you’re using Ubuntu 14.04 or earlier, type sudo apt-get install network-manager network-manager-openvpn network-manager-openvpn-gnome and hit Enter
  6. If you’re using Ubuntu 14.04 or earlier, type sudo apt-get install openvpn easy-rsa

Once OpenVPN is installed, you need config files. Usually you can download .ovpn config files from your VPN provider’s website. Each config file is associated with a particular server and location so grab a few of them for each location you want to connect to. Make sure to have backups in case a server goes down.

To connect via command line, which should work across most distros:

  1. With OpenVPN installed, type sudo openvpn –config in the terminal and hit Enter
  2. Drag and drop the .ovpn config file for the server you want to connect to into the terminal. The correct path will be automatically captured.
  3. Hit Enter and wait for the “Initialization Sequence Completed” message. You are now connected to the VPN. You can minimize the terminal window, but closing it will disconnect you from the VPN.

This is just one way to connect. You can also try the Ubuntu Network Manager or the OpenVPN GUI. These may require CA certificates and/or private keys from your VPN, so make sure those are available from the provider’s website.

How to make a VPN kill switch in Linux

In the event that the VPN connection unexpectedly drops, the computer will continue to send and receive traffic sent over your ISP’s unprotected network, possibly without you even noticing. To prevent this behavior, you can make yourself a simple kill switch that halts all internet traffic until the VPN connection is restored. We'll show you how to write some easy rules using iptables and the Ubuntu Ultimate Firewall (UFW) application.

First, create a startvpn.sh script that puts firewall rules in place. These firewall rules only allow traffic over the VPN's tun0 network interface, and they only allow traffic over that interface to go to your VPN's server.

$ cat startvpn.sh  sudo ufw default deny outgoing  sudo ufw default deny incoming  sudo ufw allow out on tun0 from any to any  sudo ufw allow out from any to # <-- note this is the IP from the "remote" field of your configuration file  sudo ufw enable  sudo ufw status  sudo openvpn client.conf &

Network traffic cannot pass over any other network interface with these firewall rules in place. When your VPN drops, it removes the tun0 interface from your system so there is no allowed interface left for traffic to pass, and the internet connection dies.

When the VPN session ends, we need to remove the rules to allow normal network traffic over our actual network interfaces. The simplest method is to disable UFW altogether. If you have existing UFW rules running normally, then you'll want to craft a more elegant tear down script instead. This one removes the firewall rules and then kills openvpn with a script called stopvpn.sh

$ cat stopvpn.sh  sudo ufw disable  sudo ufw status  sudo kill `ps -ef | grep openvpn | awk '{print $2}'`

If you use some other means to connect to your VPN, you can eliminate the last two lines of each script. In such a configuration, you will have to remember to manually run the startvpn.sh script prior to starting your VPN using some other method. Once your VPN session ends, remembering to run the stopvpn.sh script isn’t hard; you'll probably notice the lack of internet connectivity until you run it.

Which Linux distro is best for privacy?

If you’re concerned about privacy, switching from MacOS or Windows to any open-source Linux distro is already a step in the right direction. Apple and Microsoft both collect personal data from users on their respective operating systems. Both companies are known to cooperate with law enforcement and intelligence agencies like the NSA. Microsoft uses customers’ data to sell ads. Both OSes are closed source, meaning the public cannot peak at the source code to see where vulnerabilities or backdoors lie.

Linux, on the other hand, is open source and frequently audited by the security community. While Ubuntu once flirted with Amazon to monetize users, it and other distros are generally not out to make a buck by selling your data to third parties.

Not all Linux distros are created equally, however, and some are more secure than others. If you’re looking for a distro that functions as a day-to-day desktop replacement but is also built with privacy and security in mind, we recommend Ubuntu Privacy Remix. UPR is a Debian-based Ubuntu build that stores all user data on encrypted removable media, such as an external hard drive. The “non-manipulatable” OS is supposedly immune to malware infection.

You’ll still need a VPN to encrypt your internet connection. Most of the apps from the VPN providers above should work fine on UPR.

If UPR isn’t enough and you want to use your computer with complete anonymity, we recommend TAILS. Short for The Amnesiac Incognito Live System, TAILS is a Linux distro built by the same people who created the Tor network. TAILS is a live OS designed to be installed on and run from a USB drive or CD. It’s a hardened version of Linux that routes all internet traffic through the Tor network. It leaves no trace of ever being used after removing it from the device.

Making your own VPN

If you don’t trust commercial VPN providers or you just prefer a DIY solution, you could always roll your own VPN. You’ll need to set up your own server. Common options are virtual private cloud services like Amazon Web Services and Digital Ocean. A variety of tools at your disposal that will assist you in getting a homegrown VPN up and running:

  • OpenVPN
  • Streisand
  • Algo
  • SoftEther
  • StrongSwan

Each has its own pros and cons in terms of protocol, security, features, and ease of use. We’ve got a great tutorial on how to set up OpenVPN with a Linux client and Amazon EC2 Linux instance.

But even though rolling your VPN gives you full control over almost every aspect of how the VPN operates, there are some drawbacks. First, it’s much more difficult than using pre-existing servers and pre-configured apps. Secondly, if you’re using a cloud service like AWS or Digital Ocean, your data still passes through the hands of a third party. Third, you only get a single server and location to connect to.

Finally, and perhaps most importantly, rolling your own VPN likely means that only you and perhaps a handful of acquaintances will be using it. That makes it much easier to trace activity back to a specific person. Commercial VPNs, on the other hand, typically assign users shared IP addresses. Dozens and even hundreds of users can be pooled together under a single IP, effectively anonymizing traffic after it leaves the VPN server.

The post The best VPNs for Linux in 2018 (and the worst) appeared first on Comparitech.

Best VPN for US citizens to avoid the NSA and FBI

Posted: 02 Jan 2018 07:30 AM PST

american flag
The aim of many VPN users throughout much of the world is to tunnel into the United States by providing a US IP address. The US is, after all, the source of the world’s most popular entertainment, and much of it is only accessible online to those living there.

But US citizens also need VPNs, whether it be to unblock content or improve privacy. The needs of an American VPN user is probably a bit different than someone in a foreign country.

Americans are directly in the line of sight of intelligence agencies like the FBI and NSA. American corporations like Google and Apple monitor and gather information on users in the United States. As Edward Snowden revealed to the world, corporate and government espionage are often one and the same.

While those government agencies and private companies are global and spy on everyone, Americans fall under the direct jurisdiction of their authority, whereas users in other countries at least have a legal border between them.

Americans using VPNs, then, require greater security and less access to foreign content. Below we’ve chosen our favorite VPN providers that achieve this equilibrium based on the following criteria:

  • The provider is not based in the United States
  • No traffic logs are stored on the provider’s servers
  • Strong encryption, 128-bit AES or greater, is used by default
  • Shared IP addresses are used to preserve anonymity
  • Bonus points for anonymous payment methods, such as Bitcoin

1. ExpressVPN
expressvpn android 2

ExpressVPN uses AES 256-bit encryption with the OpenVPN protocol by default. No traffic logs are kept that show the content of user activity, but some metadata is recorded. The company is incorporated in the British Virgin Islands, beyond the jurisdiction of the US government (and UK government, in case you were wondering). All servers use shared IPs, so you share an IP address with hundreds of other users. The company accepts payment in Bitcoin in addition to credit card and PayPal. Apps are available for Windows, MacOS, Android, iOS, Linux (command line), and certain routers.

ExpressVPN has a 30 day money-back guarantee so you can try it risk free. They have also offered our readers 3 months extra free here with 12 month plans.

Read our full ExpressVPN Review.

2. NordVPN
nordvpn android app

NordVPN is a Panama-based VPN provider with a reputation for security. That includes double-hop servers that route your traffic through two VPNs and a Tor over VPN option that sends traffic through the Tor network upon exiting the VPN server. Most IPs are shared but some dedicated IP servers are also available if needed. The OpenVPN protocol uses 256-bit encryption standard. NordVPN accepts Bitcoin payments, and it’s one of the best values any VPN provider offers. Apps are available for Windows, MacOS, Android, and iOS.

Read our full NordVPN review or get 52% of their 12 month plan here.

3. AirVPN

If you can live with the ugly interface and poor usability AirVPN has no equal when it comes to security. Only the OpenVPN protocol is supported. For added privacy, OpenVPN encapsulated in SSH and SSL are on offer. DNS leak protection, DNS routing, a kill switch, and port forwarding can all be tweaked in the settings. Zero logs are recorded. The company is based in Italy. The app is targeted at more advanced users, but it shouldn’t be too difficult for a novice to get a grasp of. AirVPN accepts bitcoin. Apps are available for Windows, MacOS, Android, iOS, and Linux.

Stay tuned for our full review of AirVPN.

4. PureVPN
PureVPN logo

PureVPN, a Hong Kong-based provider, does not keep any traffic or metadata logs save for a timestamp for when the user connects and how much bandwidth they use. A huge range of servers are available, all of which use shared IP addresses. OpenVPN is not supported in PureVPN’s apps, but it can be manually configured using a third-party app. Otherwise, we recommend L2TP or SSTP, both of which utilize 128-bit encryption. PureVPN accepts bitcoin as payment. Apps are available for Windows, MacOS, Android, and iOS.

At the time of writing PureVPN is running some great seasonal deals.

Read our full PureVPN Review.

5. Buffered
buffered servers and connected

Hungary-based Buffered doesn’t keep traffic logs, but it does record the user’s IP address, time connected, and connection duration. DNS leak protection works well, but there’s no kill switch. 256-bit encrypted OpenVPN connections are standard. The desktop app is novice friendly, but mobile users will have to opt for a third-party app until the company eventually releases Android and iOS versions. All server IP addresses are shared. Unfortunately, Buffered does not accept Bitcoin. Apps are available for Windows and MacOS.

Like ExpressVPN, Buffered offer a 30 day money-back guarantee. Read our full Buffered review.

Good VPNs that are based in the US

Due to privacy concerns, we filtered out several VPNs from this list because they are based in the United States. That doesn’t make them bad VPNs by any means, but the fact that the NSA or FBI could come knocking on their doors doesn’t inspire confidence, even if they advertise a no-logging policy.

If US intelligence agencies aren’t a concern for you, there are several other US-based VPNs worth considering:

Other than being based in the US, these VPNs meet all of our other criteria. If you trust them not to store any usage logs, then they shouldn’t have any information to give to law enforcement and intelligence agencies in the first place.

VPNs that Americans should avoid


Hola is a peer-to-peer VPN that allows other members to utilize your unused bandwidth. It does not operate its own servers. This is a privacy problem, especially because Hola isn’t very transparent about it. The company allegedly took advantage of all its users’ network power to create a botnet and attack websites in the past. Because internet service providers often impose data caps in the US, and because of blatant privacy issues, we recommend avoiding Hola.


HideMyAss is based in the UK. Because the US is good buddies with the UK, it’s not a good option for those hoping to avoid national intelligence agencies. HideMyAss infamously gave up user logs to British authorities that led to the arrest of a LulzSec hacker. HMA says it never logs the contents of its users’ internet traffic, but it does store detailed metadata logs that include users’ real IP addresses, which was enough for law enforcement to eventually jail LulzSec hacker Cody Kretsinger following his involvement in a cyber attack on Sony Pictures.

“Free” VPNs

Several free VPN services will try to entice you after a quick app store or Google search, but be wary of them. First off, they are typically slow, cap your data, and limit bandwidth to save resources. Secondly, they have poor logging policies and security. Finally, many free VPNs make money by injecting advertisements into users’ browsers, which actually decreases your privacy.

Blackout restrictions

Even though Americans typically have the best pick of content, they are faced with one persistent form of geo-blocking: blackouts.

Blackouts restrictions usually apply to live streaming video, especially sports. Even if you have a subscription to a legal online streaming service, such as MLB.tv for baseball, local teams are often unwatchable online. That’s because the broadcast rights to local games are often bought up by regional TV stations, and online streaming services are barred from competing.

VPNs circumvent this problem. By simply connecting to another location in the United States where the particular event is not blacked out, the stream can be unblocked. Just make sure you’re using one of our recommended VPNs to ensure you have enough data and bandwidth to get decent quality video without constant buffering.

Check out our detailed tutorials on how to bypass blackout restrictions for MLB baseball, NHL hockey, and NFL football with a VPN and Kodi, a free home theater software.

Detroit 2-8-09” by Michael Kumm licensed under CC BY 2.0

The post Best VPN for US citizens to avoid the NSA and FBI appeared first on Comparitech.

What’s the Best VPN for China? 5 that still work in 2018 (and some that don’t)

Posted: 31 Dec 2017 11:16 AM PST

great wall of china
Last updated: December 31, 2017

China’s advanced online censorship system, known as the Great Firewall, has made it a hotspot for VPN users. Both expats and native Chinese use VPNs to circumvent blocked sites and apps like Facebook, Google services, Tinder, western news media, Netflix, and even Comparitech.

For many expats in China, VPNs are a daily necessity, and reliability trumps all other factors. The Great Firewall occasionally takes aims at VPN services, blocking their servers and throttling bandwidth. The VPNs that persist in the face of repeated efforts to stifle them find favor among foreigners.

Using a VPN is not technically illegal in China–in my three years of living there I’ve never heard of a single person being arrested for using one. The goal of the authorities is to censor, not to punish.

Our main considerations when curating this list include factors we believe are of utmost importance to VPN users in China. The top priorities are reliability, customer support, speed, and range of servers (especially in Asia). Keep in mind that all VPNs get blocked by the GFW from time to time. A quick look through comments on Beijing or Shanghai expat forums will reveal that none are perfect. But these are the VPNs that have proven themselves against a well-armed adversary.

Tip: Many VPN websites are blocked in China, even though the VPN itself will work, so it is best to sign-up to your chosen VPN before visiting China if you are not currently residing there.

1. ExpressVPN
expressvpn location picker

ExpressVPN is possibly the most popular VPN in China, particularly since Astrill’s ability to evade the Great Firewall has been patchy since early 2017. Express is not the cheapest VPN on this list, but it remains popular among users in China for good reason. It has a huge range of server locations, excellent and consistent speeds, allows three simultaneous connections, offers 24/7 live chat support and claims 99.9% uptime. The ExpressVPN app works across all major desktop and mobile platforms and is very simple to use. That includes Windows, MacOS, iOS, Android, Linux (command line), and compatible routers. Torrenting is allowed on all servers, and Express usually has a handful of servers that work with Netflix. If you’re only visiting China for a short period, consider the 30-day money-back guarantee.

READER DEAL: ExpressVPN have put together an offer that gives our readers 3 months extra free with 12 month plans here (30-day money back guarantee still applies so you can try it risk free).

Read our full review of ExpressVPN here.

2. NordVPNnordvpn ios

NordVPN recently announced it now works from China, which is good news especially for Beijingers and Shanghaiists who want a lot of simultaneous connections for a low price. NordVPN offers great bang for your buck, offering six simultaneous connections on one inexpensive subscription. It can also unblock streaming sites like Netflix US and Hulu, which block most other VPN connections. Torrenting is tolerated, and servers are available in more than 60 countries. NordPVN keeps zero logs of user activity and maintains strong encryption standards. Some servers are specialized with speed and security optimizations like anti-DDoS, ultra-fast streaming, double VPN, and Tor over VPN.

Both desktop apps–Windows and MacOS–work in China. Android users should opt for the beta version of the newest app. Unfortunately, NordVPN’s iOS app cannot evade the Great Firewall at this time.

Read our full NordVPN review.

Deal alert: Our readers can save a huge 72% on NordVPN’s 2 year deal here.

 3. Astrill

When I lived in China, I mostly used Astrill. Individual plans are available if you only use one device, or get a family plan for a few dollars more and connect every laptop and phone in the house. The app is great, allowing users to either connect to a simple HTTP proxy in a couple seconds or opt for a full VPN connection. Download speeds are solid enough to stream video if you pick a server without a heavy load. Subscribers get many locations to choose from. The live phone and chat support teams are experienced dealing with customers in China. Prices are mid-range with a lot of optional add-ons. A free seven-day free trial is available upon signing up. Update, October 5, 2016: We’ve had reports that Astrill is no longer consistently the effective solution it once was as a workaround to Chinese online censorship. We recommend you opt for one of the other VPNs in this list.

3. StrongVPN
strong vpn client

StrongVPN is another long-time favorite among expats and travellers in China. It offers over a dozen server locations in the United States alone, although other countries are more limited. We aren’t huge fans of the desktop app and there’s no OpenVPN option, but the L2TP and SSTP protocols work well enough. Speed and uptime are reliable and the company is small enough to sometimes be overlooked by censors while the bigger companies get hammered. Prices are mid-range, about the same as Astrill but with fewer paid extras. Each subscription comes with a 5-day money-back guarantee. The support team is available 24/7/365 but can only be reached via an online form. Apps are available for Windows, MacOS, iOS, and Android. Update, Decemeber 31, 2017: StrongVPN has a 41% discount on it’s annual plan as standard, there is a further 15% discount available here by following the link and applying the coupon code ‘SAVE15’ at checkout.

Update: StrongVPN has informed us that OpenVPN is available on certain locations, including the San Francisco servers.

4. VyprVPN
vyprvpn ios

VyprVPN is one of the few tier-1 VPN networks with support for users in China, meaning it owns all of its own servers and doesn’t rent them. That equates to fast, consistent speeds and excellent uptime. The Pro version includes a proprietary “Chameleon” protocol that masks VPN traffic to make it less susceptible to the Great Firewall’s deep packet inspection technology. It’s on the expensive side, but residents of China will be happy to know the company accepts payments from Alipay, a popular payment gateway in the country similar to PayPal. VyprVPN offers a decent number of locations. Live chat support is available. Our only complaint is with some of VyprVPN’s less-than-private logging policies, so frequent torrenters and Popcorn Time VPN users might want to look elsewhere. Apps are available for Windows, MacOS, iOS, and Android.

Check out our full review of VyprVPN here and try it with a 30 day money-back guarantee here.

5. Buffered
buffered servers and connected

Hungary-based Buffered offers a super simple app for Windows and MacOS that the company claims can get past the Great Firewall. Unfortunately, no mobile apps are available yet, but iOS and Android devices can still be set up manually using an OpenVPN app.  Up to five devices can be connected simultaneously on a single account, making Buffered a solid option for a family or group of housemates. Speed is reliable and connections rarely drop. The company operates servers in 37 countries, including several in the Asia Pacific region. Apps are available for Windows and MacOS.  Update, December 24 2017: We’ve had several reports that Buffered is no longer consistently working in China so recommend you opt for one of the other VPNs in this list.

Read our full review of Buffered or take advantage of their 30 day money-back guarantee to try it risk free here.

VPNs to avoid in China

Private Internet Access

While we praised PIA overall in our review, the company admits it has trouble maintaining connections in and out of China.


Users report poor quality, slow connections from China on HideMyAss. The company is also notorious for substandard logging policies that have gotten users in trouble with authorities in the past.

VPN Gate

This free university-run peer-to-peer network of volunteer VPN nodes was created as an experiment and as a way to circumvent censorship. I used it for a while in Beijing a couple years ago, but it has since stopped working.

VPN not working in China? Try this:

Even if you have a good VPN in China, they occasionally get blocked. There are a few steps you can take to get up and running again:

  • Change your server
  • Change your VPN protocol
  • Port forward to port 433 (SSL)

The SSTP protocol for Windows uses port 433 by default, making it a good option for VPNs that support it including ExpressVPN and StrongVPN. Because blocking port 443 altogether would disrupt the internet–every website that uses HTTPS would be inaccessible–it’s highly unlikely that China would block all traffic on port 443.

Non-VPN methods to evading the Great Firewall

VPNs are the tried-and-true method for bypassing the GFW, but there are a few other methods that work with limited success.

  • Lantern, a free peer-to-peer internet circumvention software, has grown quite popular. It uses a volunteer peer-to-peer tunneling network with exit points outside of China.
  • Tor reportedly works with a bit of advanced configuration, however it won’t work out of the box. Tor exit points are fairly easy for the Great Firewall to identify and block. You’ll need to set up bridges.
  • Some SOCKS proxy applications such as Shadowsocks apparently work, but don’t expect great speeds or privacy. There’s also Surge for iOS, but it’s built for developers so don’t expect a very intuitive UI.

VPNs into China

If you’re outside China looking in and need a VPN with servers on the mainland, your options are pretty limited:

  • PureVPN is our top recommendation, with servers in Beijing, Shanghai and Guangdong. Users inside of China report mixed results for tunneling past the GFW, though.
  • EarthVPN and Astrill both have at least one server running in China.
  • FlyVPN and SenVPN run a few servers each in China, but Comparitech has not tested these and cannot vouch for them at this time.
  • HideMyAss has a server in China, but we would only recommend it as an absolute last resort.

For more information on using a VPN to tunnel into the mainland, check out our tutorial on how to watch Youku from outside China.

Blocked sites and apps in China

This is not by any means an exhaustive list, but you can unblock the following websites and apps by using a VPN in China:

  • All Google services (Gmail, Translate, Search, Drive, Play Store, etc)
  • Facebook
  • Youtube
  • Twitter
  • News media
  • Instagram
  • Tinder
  • Snapchat
  • Dropbox
  • Github
  • Vimeo
  • Soundcloud
  • Flickr
  • Skype
  • WhatsApp

October 2017 update: WhatsApp is now fully blocked in China. After brief service disruptions during which users were unable to send photos and videos, China has now completely blocked the world’s most popular messaging app including normal text messages. The block coincides with the 19th National Congress of the Chinese Communist Party. Censorship is often ramped up prior to such events.

A VPN will unblock all of the sites and apps listed here, including WhatsApp.

What is the Great Firewall?

The Great Firewall is the unofficial nickname for China’s advanced internet censorship system. Officially called the Golden Shield project, state-owned internet service providers restrict all internet traffic to and from China to just a handful of access points.

This gives authorities the means to monitor and restrict access to content outside the country. The Great Firewall utilizes a combination of methods to censor the web including IP blocking, DNS tampering, keyword filtering, deep packet inspection, URL filtering, and manual enforcement.

IP blocking is a simple matter of blacklisting the IP address of a server hosting a website. DNS tampering involves modifying the entry of a DNS cache so that a URL–such as www.comparitech.com–is resolved into the wrong IP address. Keyword filtering mechanisms scan search queries, messages, and web page requests for sensitive words and phrases. ISPs can prevent unwanted communication by hijacking DNS requests containing sensitive keywords and injecting altered DNS replies. Deep packet inspection, or packet filtering, can scan internet traffic for sensitive keywords or determine if a packet has been encrypted using a VPN protocol. Manual enforcement involves using China’s 50,000-strong internet police force to find and block IP addresses and URLs.

To handle all of the internet traffic between the world’s most populous country to the outside world, complex intrusion detection systems (IDS) create copies of packets and pass them to filtering devices so that traffic flow isn't interrupted.

Most websites blocked by the Great Firewall remain blocked permanently, but some are only blocked temporarily. Because it is implemented on all the major access points for internet traffic in and out of the country, the Great Firewall can throttle international traffic to a crawl. This often happens after a government scandal, during anti-government protests, and every year around June 4, the anniversary of the 1989 Tiananmen Square massacre.

Furthermore, websites that are blocked in one province might not be blocked in another province. This indicates internet censorship often begins at a lower level of government, and isn’t uniform nationwide. Tibet and Xinjiang, two western Chinese provinces known for insurrection and rebellion, have extremely limited internet access for only a few hours per day.

Are VPNs legal in China? (January 2017 update)

Yes, using a VPN is still legal in China.

Lately we’ve seen a lot of poorly-worded headlines suggesting otherwise. In January 2017, a Chinese government ministry issued a notice announcing a campaign to crack down on VPN and special cable services throughout the country until March 31, 2018.

The notice does not say using a VPN is a crime. I cannot stress this enough, because this important point has been repeatedly misinterpreted by western media.

The notice says that VPN providers cannot legally operate in China without government approval. It does not affect VPN users in any legal way, so far as we can tell. It might result in VPN servers getting blocked more often, however, so expect more frequent downtime in the coming months.

No sane VPN provider maintains an official presence in China. Most do not have offices, employees, or servers on the mainland. That means they operate outside of the jurisdiction of Chinese authorities and do not require approval from the Chinese government to legally operate. Still, they might well be targeted for censorship by the Great Firewall if the government follows through on its threat.

There is no precedent on record of anyone being arrested, fined, or detained for using a VPN. Because VPN use in China is so widespread, especially among academics and expatriates, this is unlikely to change.

Will China block all VPNs by 2018?

In July 2017, a Bloomberg report citing anonymous sources said the Chinese government has ordered the country’s three major internet and mobile carriers–China Mobile, China Telecom, and China Unicom–to block individual access to VPNs by February 1, 2018. If true and enforced, the crackdown would block all access to VPN services used to circumvent the Great Firewall.

Update: China’s Ministry of Industry and Information Technology has called the Bloomberg article “false,” and says this year it has only blocked unauthorized VPNs used to conduct illegal business.

Even if Bloomberg’s sources are reliable, it wouldn’t be the first time we’ve seen such rhetoric espoused by Chinese authorities. In truth, China already blacklists the IP addresses and domains of known VPN servers outside the country at infrequent intervals. In the past, these actions have caused some VPNs like Astrill to be almost completely shut down for users on the mainland. Most, however, only suffer temporary downtime until they’ve had a chance to update their software and server addresses.

While there’s always a chance that this could be “the big one” that blocks any and all VPNs indefinitely, we reckon it’s more likely to cause partial, temporary outages across the board. So don’t fret quite yet. The odds are that VPN users inside China will still be able to bypass the Great Firewall, although some might have to endure some service outages or change providers.

All of the VPNs we recommend in this list have been operating in China for a long time. They have learned how to evade blocks and other obstacles thrown at them by the Great Firewall. We don’t see that coming to an end any time soon.

When is your VPN likely to get blocked in China?

The Great Firewall can block VPN servers at any time, but blocks tend to happen in waves. Blocking a single server’s IP address isn’t very effective because users can simply switch to a different server. So China tends to gather a list of several VPN servers and block them all at once.

This often happens around events that draw a large amount of political attention to China. One consistent example is every year on or around June 4, the anniversary of the 1989 Tiananmen Square massacre, a dark stain on the Chinese Communist Party’s reputation of which every mention is scrubbed from the country’s internet.

During large government meetings and summits, such as the recent Belt and Road Summit in May. To quell political dissent leading up to and during these events, it’s common for many websites, VPN servers, and other content and services to be added to the Great Firewall’s blacklist.

Sometimes the new restrictions are permanent, and other times they are temporary. But VPN providers are usually able to resume normal operations within a few days.

Google Play and Android in China

Google Play, like all other Google services, is blocked in China. That means you might not be able to access the Android version of your VPN provider’s app.

Instead of Google Play, Android users in China are forced to use third-party app stores. There are tons of them, but they probably don’t have the app you’re looking for, either. Recently, China ordered domestic app stores to remove VPN apps from their listings, but even before that the chances of finding your VPN app were minimal.

If you have an Android device and plan on going to China, we strongly recommend you get your VPN app and subscription before your trip. If you’re already behind the firewall, check your provider’s website to see if they have an APK file available for direct download. An APK file is the installer for an Android app. You will need to allow apps from unknown sources in your device’s settings to be able to install using an APK. Also note that if you install an APK file, the app will not automatically update.

Be wary of APK files from third-party app stores and download sites that aren’t either Google Play or the VPN’s official website. APKs downloaded from third parties are often modified to carry malware and other nasty stuff.

If you’re in China and you have a VPN on your desktop or laptop but not your Android phone, you can try sideloading the app. There are many ways to do this, but the simplest is to download the APK file onto your computer, then move it into your Android device’s Downloads folder via USB cable. Then you can easily access the APK on your phone and install it.

iOS and the App Store in China

Unlike Google, Apple has been allowed to operate its own app store within China. But to do so, it must abide by Chinese laws and regulations. That means when Chinese authorities request for an app to be removed from the App Store, Apple must remove it if it wants to maintain a presence in the country.

In late July 2017, the realities of this arrangement hit home with VPN users. Apple has removed several VPN apps from the Chinese version of the App Store, including ExpressVPN and VyprVPN, among others. This comes on the heels of a regulatory notice earlier in the year announcing a crackdown on VPN services operating within China without a license.

Regrettably, Apple is now complicit in censorship VPN apps that allow access to blocked content in China. China has enlisted Apple in ensuring that users searching for VPN apps on the App Store will not be able to find them.

If you set up your iCloud and/or iTunes Connect in another country, you will still be able to find, download, and update VPN apps. They should continue to work even if you are inside China.

If you set up your iPhone or iPad from within China and connected it to the Chinese App Store, however, you will likely be unable to find or download the VPN you need. The solution to this is to change the location of your Apple accounts. To do this, however, you will need a form of payment native to another country. If you don’t have this, you can try purchasing an iTunes gift card from another country and using that as a payment method.

Great Wall of China” by Keith Roper licensed under CC BY 2.0

The post What’s the Best VPN for China? 5 that still work in 2018 (and some that don’t) appeared first on Comparitech.

Netflix proxy error Fix – Here are 9 VPNs that still work in 2018

Posted: 31 Dec 2017 02:27 AM PST

Netflix VPNs working in 2017
Last updated December 31, 2017.

If you’ve been left frustrated by the dreaded Netflix proxy error message then your not alone and thankfully there is a workaround. Ever since Netflix implemented its overseas VPN ban–preventing customers from accessing its US, UK, and Canadian show catalogs from abroad–VPN providers and users alike have been scrambling for a solution.

When connected to most VPNs, Netflix gives the following error, accompanied by error code m7111-1331-5059:

"Whoops, something went wrong.Streaming error.You seem to be using an unblocker or proxy. Please turn off any of these services and try again."

The battle between Netflix, customers, and VPN providers rages on and viable alternatives are still very much in flux. VPN providers are engaged in a game of cat-and-mouse with Netflix. A server that works today may get blocked tomorrow, while a new servers and IPs are constantly being added.

That said, we’ve come up with a list of VPN providers that offer some means of bypassing Netlix’s proxy error message. Many of them require contacting customer service for a fix. Some only work when watching in a web browser, and not with the native Netflix app. Here are our top picks for the best VPNs for Netflix last tested and confirmed and working on December 31, 2017:

1. ExpressVPN

ExpressVPN works with Netflix

  • Unblocks US Netflix in web browser: Yes
  • Unblocks US Netflix App: Yes

Our preferred option. Speeds are fast, stable, and every subscription comes with a 30-day money-back guarantee so you can try it risk free. ExpressVPN does indeed bypass the Netflix ban on a couple server locations . These servers may change over time and we don't want to draw undue attention to them, suffice to say they do stream video from US Netflix in good quality from out of country. We recommend subscribers hop on the 24/7 live chat support available on the ExpressVPN website and ask what servers to use. We got a response in about two minutes! Best of all, ExpressVPN is one of the few providers on this list that consistently works with the Netflix iOS and Android apps. That means you can watch US Netflix on an iPhone, iPad, Android smartphone, or Android tablet.

Read our full review of ExpressVPN.

BEST FOR NETFLIX: Get 3 months free on ExpressVPN’s annual plan & save 49%


2. NordVPNnordvpn android app

  • Unblocks US Netflix in browser: Yes
  • Unblocks US Netflix app: Yes

NordVPN has informed us it offers Netflix-optimized servers that do not require any special configuration on the customer's side. In our testing, even the servers that say they work with Netflix in the app might get blocked, anyway. You can find out which servers work with Netflix on this help page or by contacting customer support. There you'll find how to use NordVPN to watch US Netflix in a browser, on iOS and Android, and on a router.

CYBER MONTH DEAL: Save 77% on a 3 year plan here with NordVPN’s which brings the monthly cost down just $2.75. Deal ends November 30, 2017.

3. PrivateVPN

PrivateVPN App Netflix

  • Unblocks US Netflix in browser: Yes
  • Unblocks US Netflix app: Yes

Despite having a smaller network of servers to work with, PrivateVPN unblocked US Netflix both on mobile and desktop platforms in our tests. That includes the Netflix apps for Android and iOS. Not all servers worked all of the time, but the company keeps a list of currently working servers that in our experience is never empty. PrivateVPN scored well in our speed tests, meaning you can continue to stream your favorite Netflix shows in high definition. You'll also get a zero logs service, up to six simultaneous connections, and live chat support.

EXCLUSIVE DEAL: Comparitech readers get a 57% discount plus 5 months free with the annual plan.

Read our full PrivateVPN review.

4. StrongVPNstrong vpn client

Update: Some readers have alerted us that StrongVPN is no longer working with US Netflix. We will test as soon as possible and update this article shortly. 

  • Unblocks US Netflix in browser: Yes
  • Unblocks US Netflix app: No

All but two US servers–Miami and Atlanta–bypass the Netflix proxy error when using StrongVPN. This is a particularly good option for Netflix customers in China, as StrongVPN has long been a top choice among expats there and caters well to them. You can also watch Dutch and UK Netflix using StrongVPN from outside of Holland and the UK, respectively. The only downside is that OpenVPN won’t work. We were instructed to use PPTP, which is not a secure protocol, but SSTP also worked when we tested it.  At the time of writing, StrongVPN offers a 5-day money-back guarantee and 41% off their 12 month package as standard, there’s a further 15% saving on all plans here and by applying the discount code ‘SAVE15’ at checkout. If you’re happy accessing Netflix via a web browser and don’t need it on a mobile device StrongVPN is a good choice.

5 . VyprVPNvyprvpn android

  • Unblocks US Netflix in browser: Yes
  • Unblocks US Netflix app: No

VyprVPN now works with US Netflix again after a brief hiatus. We were able to log in and stream without any issues from a US server as we normally would without any configuration changes from the default OpenVPN setup. Not all servers work, but some do. We unblocked US Netflix both in Chrome browser and on the Netflix Android app. VyprVPN are currently running an offer with a 30 day money back guarantee on all plans here so you can try it risk free. VyprVPN works with Netflix in a browser but not with the mobile app. If you want to view Netflix on a mobile or tablet, we recommend ExpressVPN or NordVPN.

6. Cyberghost

cyCyberghost Netflix streaming

  • Unblocks US Netflix in web browser: Yes
  • Unblocks US Netflix App: Yes

CyberGhost is now under new ownership and the provider has clearly ramped up its operation with a deluge of new servers and locations. Among them is a dedicated Netflix streaming feature which you can select from the streaming menu in the app. No need to contact customer support or try random servers and hope for the best–the feature is clearly labeled and just works. Users can give instant feedback by clicking a thumbs up or thumbs down to let staff know if the server has been blocked or not. We tested on both desktop and mobile and didn’t encounter any issues.
CyberGhost also offers great speeds, top-notch security, a no-logs policy, and fast customer support. Apps are available for Windows, MacOS, iOS, and Android.

SAVE 74%: Our readers who subscribe to this CyberGhost deal can get the two-year plan for just a quarter of the normal price.

7. SaferVPNsafervpn new windows

  • Unblocks US Netflix in browser: Yes
  • Unblocks US Netflix app: No

SaferVPN recently added a "US Streaming" server to its list of locations. When connected to this server, SaferVPN unblocks Netflix in a web browser. In our tests, only desktop web browsers were affected, and SaferVPN could not unblock the Netflix mobile app. If you only watch Netflix in Chrome or Firefox, SaferVPN is a good option thanks to its extremely fast servers.

Deal alert: You can save a huge 80% on the 2 year plan here

Read our full SaferVPN review.

8. LiquidVPNliquidvpn android

Update October 12, 2017: LiquidVPN stopped working to unblock Nettflix but appears to now be working once more.

LiquidVPN skirted the Netflix firewall without issue when connected to US servers in our testing, even though it doesn’t officially claim to do so. Fast speeds ensure high quality streaming without buffering. The apps are novice-friendly and come packed with some great security features, including both static, dynamic, and modulating IP addresses. Update, November 18, 2016: We’ve had a few comments that LiquidVPN is not working with Netflix, if you contact their customer support they are usually quick at resolving any issues and can direct you to the best servers to use. Some of these issues are due to Netflix only working in a browser and not via the mobile app with LiquidVPN. If you want to view Netflix on a mobile or tablet ExpressVPN is your best bet since this isn’t supported by LiquidVPN.

Read our full review of LiquidVPN here.

9. HideMyAss

  • Last tested: June 26, 2017
  • Unblocks US Netflix in browser: Yes
  • Unblocks US Netflix app: Yes

HideMyAss recently added a server specifically for users who want to unblock US Netflix. We have tested it and confirmed it works on both desktop browser and Netflix's mobile app on Android and iOS, however we found speeds to be frustratingly slow. We recommend you contact HMA's customer support to ask which server to use and troubleshoot any issues you might have connecting, as you might need to change some other settings on your device as well. The same server also unblocks Hulu. Note that HMA is based in the UK, a country with strict data retention laws for service providers, and it has a history of logging customer browsing data that allegedly resulted in the arrest of one of its users. You can use HideMyAss to unblock Netflix, but privacy-conscious users should look elsewhere.

HideMyAss discounted deal: Save 43% here on HMA’s annual plan


VPNs and Smart DNS providers that DO NOT work with Netflix


As of July 5, 2016, like most smart DNS services, IronSocket is now struggling with the Netflix ban and will only work on certain devices, if it all. We recommend opting for one of the VPNs listed above instead.


As of July 5, 2016, Unblock-Us says it will not work on all devices. We’re recommending users go for one of the VPNs listed in this article instead since they have, on the most part, consistently worked during our testing. Update, November 17, 2016: Unblock-Us is now working with Netflix. We have tested this and can confirm that Unblock-Us is evading the Netflix Ban although it won’t work with the Netflix App on mobile devices.


As of July 4, 2016, Unlocator is not working with Netflix anymore. We’ve have official confirmation from the company that Unlocator is blocked by Netflix. We understand a solution is being worked on but were not given a date for when this will be available.

Private Internet Access

PIA has said it does not officially support circumventing geoblocks, and it does not currently work with Netflix.


PureVPN has informed us directly that is does not support unblocking.


IPVanish has recently given up the fight against Netflix and has informed us it no longer can bypass the firewall. IPVanish may not work with Netflix but is a very popular choice for torrenting, due to its fast speeds and zero log policy. With a growing number of customers frustrated by the Netflix VPN ban, more and more are turning to torrenting.


Buffered previously was able to unblock Netflix in a web browser on MacOS and Windows, but this is no longer the case as of September 2017. A customer support rep told us, “As of the moment, we are unable to access Netflix US with any of our servers. A fix is being worked on and should be forthcoming fairly shortly. We have no update though as of yet.”



Despite Unotelly openly stating it was “confident that we can continue to deliver quality service to our loyal and supportive users” when it comes to Netflix, Unotelly has been unable to unblock the streaming service since the first half of 2016.


Hola won’t unblock Netflix, and you shouldn’t be using it anyway. The company has a sordid history of abusing members of its peer-to-peer VPN-ish network to distribute pirated materials, pornography, and even carry out distributed denial-of-service (DDoS) attacks on websites.


Tunnelbear makes no mention of Netflix on its website, and searching for it in the VPN’s knowledgebase points to a troubleshooting article about how to get around geographic restrictions. But no amount of troubleshooting will help Tunnelbear users unblock Netflix at this time.


GetFlix is a smart DNS proxy service that made its debut heralding a fast and cheap means to unblock Netflix. That didn’t last long, and now the company is stuck with an embarrassing name that brings up painful reminders of when its users were blocked a few months later.


HideIPVPN announced in 2016 that neither its VPN nor its smart DNS proxy service would continue to unblock Netflix. “[…] as stated in our ToS we cannot guarantee that, you will be able to access specific websites or services. For now that is the case with Netflix.”


Netflix intermittently blocked Overplay’s smart DNS proxy and VPN services for about a year starting in 2016. Now the company seems to have given up the fight, scrubbing its website of any mention of Netflix.


Netflix put Blockless’ name to the test in 2016. It failed.

Hotspot Shield

Among a myriad of other reasons you should not be using Hotspot Shield, the fact that it can’t unblock Netflix is pretty low on the list. In a recent FTC complaint, the provider stands accused of hijacking HTTP requests and redirecting users to affiliate sites. It also injects tracking cookies into users browsers. Keep away.


CactusVPN announced in July 2016 that it would wave the white flag of surrender in the war on Netflix. “Unfortunately we can't compare to Netflix's resource so we have to admit: starting today, CactusVPN does not unblock Netflix with Smart DNS or VPN.”

Why do these VPNs work when others don’t?

Netflix usually blocks VPN users by their IP address. Most VPNs use shared IPs, which means hundreds of users are assigned to the same IP. This improves anonymity for users, but makes it pretty apparent to Netflix which IPs belong to VPN servers.

Alternatively, Netflix could have some network monitoring tools in place that detect VPN protocols.

A VPN can bypass Netflix’s firewall for one of two reasons. The first is that the VPN’s subscriber base is relatively small, so Netflix simply ignores its IP addresses. The second is that Netflix cannot detect the VPN due to some sort of obfuscation, which makes VPN traffic look like normal user traffic. The IP of that server might change periodically, which makes it difficult for Netflix to pin down.

Why do we advocate for using a VPN with Netflix?

A VPN is not simply a proxy tool to fool apps and websites into thinking the user is somewhere they are not. VPNs are in everyone’s best interest when it comes to privacy. We wholeheartedly recommend everyone use a VPN, whether they are a Netflix subscriber or not.

Netflix’s VPN ban is a blunt instrument put in place to appease copyright holders. It blocks VPN users no matter where they are located so long as a proxy is detected. This is not a fair policy to paying subscribers. Forcing users to turn off their VPNs could sacrifice privacy, especially those connected on unsecured wifi networks or traveling abroad to surveillance-heavy countries.

You have the right to use the VPN, and Netflix should respect that right by not forcing users to make the choice between privacy and entertainment.

Can I unblock Netflix using a smart DNS proxy?

Smart DNS proxies like Unotelly, Overplay, Unlocator, and Unblock-US were a flash in the pan during Netflix’s war on proxies. After Netflix blocked connections from most VPN servers, many users switched to these services instead. A smart DNS proxy is a server that monitors any DNS requests sent from your device. DNS requests are a means of looking up which domain names (e.g. “netflix.com”) are associated with which servers. If it detects a DNS request for Netflix, it sends all the browser traffic for that request through the server to an American Netflix server, thereby changing both your IP address and DNS server.

This approach worked for a few months until it caught the attention of Netflix, and a subsequent crackdown blocked most smart DNS proxy users. Today, a handful of smart DNS proxy services can still unblock Netflix, but the only one that’s consistently worked for us is ExpressVPN’s MediaStreamer service. MediaStreamer is a smart DNS proxy service that comes with every ExpressVPN subscription. It’s used by default when you connect to the VPN, or you can set it up separately so that it’s used on its own.

I’m travelling and want to access US Netflix Abroad, which countries will these VPNs work in?

The VPN services listed should allow you to unblock US Netflix in any country you might be traveling to, other than those where media is censored and VPNs are actively blocked by a firewall such as China (see our list of the VPNs working in China and pick one that works there, too). In pretty much every other country, the VPNs in our list will work. In fact, we've received comments or emails from people in Canada, the UK, Germany, Australia, New Zealand, Switzerland, Finland, Norway, Sweden, the Netherlands, Denmark, Belgium, France, Israel, Spain, Ireland, South Africa, and Italy telling us they've successfully accessed US Netflix!

What about accessing other countries’ Netflix?

A VPN that unblocks US Netflix won’t necessarily be able to unblock the Netflix catalogs of other countries. While the US version of Netflix is highest in demand by far, we’ve also made up lists of the best VPNs for a few other popular countries:

How to unblock the Netflix app by setting up the VPN on a router

When using a browser such as Chrome or Firefox, any of the VPNs recommended above should allow you to watch American Netflix without any issues. Both traffic and DNS requests are sent through the VPN, preventing Netflix from determining your true location.

When using a Netflix native app, however, the app can override the DNS routing used by a VPN and send requests to your nearest public DNS server. This means Netflix can determine the user’s true location and block them accordingly, even with a VPN app switched on. ExpressVPN and NordVPN have figured out how to overcome this behavior, so they both work with the iOS and Android Netflix apps so this won’t be a problem for if you are using one of these two VPNs.

ExpressVPN and NordVPN will unblock the Netflix app on iOS and Android smartphones and tablets. But other devices–Roku, Chromecast, smart TVs, game consoles, Fire TV, etc–do not support any VPNs. As such, even ExpressVPN and NordVPN have no apps for them. For those devices, you need to configure a router or buy a pre-configured one.

For the VPNs that don’t unblock Netflix on iOS and Android smartphones and tablets, router configuration is also the best alternative.

The VPN must be set up on the wifi router that your device is connected to. This process varies depending on your router’s firmware, and you may have to flash a new firmware onto the router that supports VPNs (Tomato or DD-WRT). You can usually find router setup instructions and configuration details on your provider’s website.

If you don't feel comfortable doing all that, ExpressVPN sells pre-configured routers and also offers free router firmware that can be installed on select routers. You can simply buy a router or flash the free firmware onto a compatible router and save yourself the hassle of a complicated procedure. This should unblock Netflix on any device.

Once the VPN is set up, you’ll also need to configure your firewall to forward DNS queries to our DNS servers (or whatever DNS servers the VPN service in question uses to bypass the Netflix ban). Again, look to your provider for instructions on how to accomplish this.

Netflix app vs Netflix in a web browser

A VPN that unblocks Netflix in a web browser might not unblock the Netflix app on your mobile device, set-top box, or smart TV. That’s because a web browser must use the DNS servers specified by the operating system. Most VPN apps take care of this for you and route all DNS requests to their own in-house DNS servers, which ensures that DNS requests match the location of your VPN server.

The Netflix app, however, can override a device’s DNS settings and force DNS requests to be sent to either a public DNS nameserver or the default ISP’s nameserver. This results in a mismatch between where the user’s IP address is located and where their DNS requests come from. That’s a red flag indicating the viewer is using a VPN or some other type of proxy, resulting in the dreaded proxy error message.

ExpressVPN and NordVPN have both figured out how to overcome this obstacle. If you want to watch Netflix through the app and not a web browser, they are the best options.

Unblocking Netflix on Apple TV

Apple TV does not have built-in support for VPNs, which means you’ll need some other means of routing traffic through the VPN. There are three options we know of:

  • Connect to a VPN on your iPhone or iPad, then stream Netflix on your device and cast it to Apple TV using Airplay. This isn’t exactly the same as just watching Netflix on your Apple TV, but it works so long as you’re using one of the two VPNs we’ve confirmed work with the Netflix app: ExpressVPN or NordVPN.
  • Use a laptop to configure a virtual router. Connect to a VPN on the laptop, then connect the Apple TV to the laptop’s wifi hotspot. This works with most modern Windows and Mac laptops. You can find more detailed instructions in our tutorial on how to turn your Mac into a VPN-secured router. Windows PC instructions can be found in this tutorial.
  • Flash your wifi router with a VPN-compatible firmware and configure the VPN on it. This is the most technically advanced option, so make sure you know what you’re doing. The process varies from router to router, and not all wifi routers are compatible with DD-WRT or Tomato firmware. If you’re not comfortable with replacing the firmware on your home wifi router, you can opt to purchase a preconfigured VPN router from ExpressVPN.

 Netflix VPN ban: What the VPN providers say

To find out more about their ongoing fight, we spoke to executives from NordVPN, Buffered, VyprVPN, ExpressVPN and LiquidVPN for some insight from the front lines.

“We are receiving an unprecedented number of inquiries from people looking to access Netflix service, suggesting there are not a lot of VPNs left that offer an alternative workaround,” NordVPN CIO Emanuel Morgan tells Comparitech. “Keeping up with offering new workaround solutions might require significant resources and it is understandable that some services chose to forgo advocating for this issue – choosing to concentrate their resources on primary service functions (offering privacy and security solutions) instead.”

Morgan says Netflix probably isn’t targeting isolated VPN providers. He believes a combination of techniques is used to block them. One of those techniques, says LiquidVPN CEO Dave Cox, is by identifying connections coming from data centers instead of residences. He goes on to explain that the Netflix apps combat SmartDNS services by forcing you to use a public DNS server and frequently change the URLs that do geolocation for their content. This makes it impossible for services that could support thousands of customers streaming at a time by only forwarding the geolocation packets through their servers.

Buffered CEO Jordan Fried suspects Netflix could put the final nail in the VPN coffin if it truly wished to do so. Instead, it has resisted to avoid losing more customers. The argument against a billing address-based filtering scheme, Netflix might argue, is that the copyright licensing restrictions apply to where content is being watched from, not where the subscriber’s money comes from.

It’s not just Netflix. Hulu, BBC iPlayer, HBO Now, and several other streaming providers have all implemented VPN bans at some level. Should the trend continue, legally watching licensed content online from any site would require users to relinquish their privacy. Constantly maintaining a Netflix workaround requires significant resources. Each of the VPNs we contacted were optimistic, but not certain, that they would still have a workaround six months from now.

Are the solutions listed here no longer working for you? Do you know of any other VPN services that bypass Netflix’s anti-VPN firewall? Drop us a note in the comments!

Read more: How to hide OpenVPN traffic using Obfsproxy on a Windows PC and Linux EC2 server

To shreds, you say” by Jeffrey licensed under CC BY-SA 2.0 

The post Netflix proxy error Fix – Here are 9 VPNs that still work in 2018 appeared first on Comparitech.

How to protect yourself from SWATTING

Posted: 29 Dec 2017 02:54 PM PST


SWATTING is a dangerous prank that’s all too easy to get away with, and it’s quickly becoming an epidemic. A recent case led to the death of an innocent Kansas City man who wasn’t involved but just happened to live near the home of the prank’s intended target. His unfortunate death demonstrates in the strongest possible terms the need to protect ourselves from SWATTING, because it shows how it could happen to anyone.

You can find the details of that case here. In this article, we’ll explain how SWATTING works and how to protect yourself.


SWATTING occurs when someone calls in a hoax to police in order to have a SWAT team or a similar armed police force sent to the victim’s location. The “joke” usually ends after police realize there’s no real threat, but the Kansas City incident shows just how dangerous the prank can be. Due to the nature of the false reports called in–a hostage situation gone awry, in this case–these are tense situations and police are often ready to take lethal action.

SWATTING starts online. Let’s say you get into an argument with someone on the internet. The prankster in the aforementioned case got into a dispute over a game of Call of Duty, but it could just as easily be an argument on Twitter or reddit. It can even be completely random with no catalyst.

The person on the other end of the argument can use any number of techniques to determine where you live. If you have any public profiles that leave hints as to your location, they could correlate this with listed telephone numbers. Some cameras record and send geolocation data, a common concern for Twitch streamers. They could also use your IP address. Every device connected to the internet has an IP address. They are unique strings of numbers and decimals that allow computers to communicate with each other. They also point to the device’s approximate location.

There are various means of determining someone else’s IP address or location. IP addresses are public and sent out every time you connect to an online service or website, including online games.

Now that they have an idea of where you live, the prankster can call the cops and submit their hoax. To hide their own location, SWATTERs can use anonymously-registered VoIP (voice calls over the internet) caller ID spoofing services to make the call, hiding their own IP address behind a proxy to prevent being tracked. In the Kansas City incident, however, the prankster seemed to get the address wrong, which led to the police shooting an uninvolved man. This could be because IP addresses don’t specify exact locations like GPS does, but only an approximate location.

When the police arrive, they believe they are responding to a situation with a high probability of violence, so tensions are high. Meanwhile, the prankster watches the fruits of his nefarious labor play out on the news.

SWATTING is a dangerous prank often carried out by minors with little regard for the consqeuences of their actions.

How to protect yourself from SWATTING

First off, don’t post any information that could allow someone to determine your location in any public place. Some users who have been SWATTED in the past left their addresses on their Steam profiles. Geo-tagged photos on social media open up another attack vector. Finally, hide your IP address using a proxy.

The easiest, most reliable, and most secure type of proxy is called a Virtual Private Network, or VPN. A VPN encrypts all the internet traffic going to and from your device and routes it through an intermediary server in a location of your choosing. Your real IP address is masked by that of the server, which is typically located in a data center somewhere.

If someone tries to SWAT you using an IP address, the prankster will not be able to determine your real location and can only see the location of the data center.

Good VPNs will only marginally slow down your internet connection and come with a myriad of other benefits to security and privacy. They typically cost a few dollars per month.

On a broader note, police need to be better trained to identify SWATTING hoaxes and perhaps flag calls that come from VoIP services as possible SWATTING attempts.

Las Vegas Metropolitan Police Department SWAT” by Tomás Del Coro licensed under CC BY-SA 2.0

The post How to protect yourself from SWATTING appeared first on Comparitech.

Unblock Youku outside of China with this VPN workaround

Posted: 29 Dec 2017 02:04 PM PST

youku american tv
VPNs are popular among people in China who want to access the internet that’s normally blocked from within the country (see our article on the best VPN for China). The Middle Kingdom’s advanced censorship system, commonly referred to as the Great Firewall, censors western social media, news outlets, and streaming video sites, among other content. For this reason, it may sound odd that some VPN users want to do just the opposite: use a VPN to access the internet inside of China.

How to watch Youku from outside China

If you try to access Youku outside of China, you will receive the message “sorry this video can only be streamed within mainland china” (translation ours). To unblock Youku in any country you need a VPN that has Servers in China such as PureVPN. We’ve tested this method and it is a simple workaround to access Youku or other Chinese streaming sites such as LeTV, iQiyi, Sohu, and QQ Video from the US, UK, Canada, Australia, Germany, France or any other country outside of China. At the time of writing, PureVPN is3 running a 7-day money-back guarantee offer so you can test this method risk free.

Deal alert: PureVPN has extended it’s New Year sale and is offering a massive discount on it’s 2 year plan.

The Details:

China’s most popular video streaming sites have a lot more to offer than one might expect. Youku Tudou, often shortened to just Youku, hosts a vast collection of free-to-watch TV shows and movies. Its catalog includes a treasure trove of western content that users in the US, UK, and Canada would normally have to pay for. All of the content is 100 percent legal and usually doesn’t even require registration to watch.

The catch? The viewer must be in mainland China to watch licensed content. Or at least it must look to Youku as if the user is inside China. Otherwise, Youku will not work. In most cases, you’ll receive an error page like this one, indicating this video can only be streamed within mainland China:

youku error screen

Luckily, spoofing one’s location is simple with a VPN. To access Youku in US, UK, Australia, Canada, Germany or France, VPN apps can be installed on PC, Mac, iPhone, Android, or iPad.

What VPN can I use to watch Youku?

Back in 2009, Youku started blocking users with Hong Kong and Taiwan IP addresses from watching licensed video content. That means users must choose a VPN with servers operating on the mainland. This stipulation narrows the options considerably, as most VPNs don’t bother with the additional costs and risk of running a server there.

The VPN must also be fast enough and allow enough data to reliably stream video, while also keeping up privacy standards. For these reasons, we strongly suggest a paid VPN service over a free one. Our top recommendation is PureVPN, which operates servers in Beijing, Shanghai, and Guangdong. Besides the Chinese servers, PureVPN has a huge selection of locations, fast connections, and an easy to use app. However, it does log the real IP addresses of its users, despite the no-logs policy, so privacy-conscious users should be aware that their activity could be traced back to them.

Other honorable mentions include EarthVPN, HideMyAss, and Astrill, all of which have some servers in China and are fairly reputable. FlyVPN and SenVPN run a few servers each in China, but Comparitech has not tested these and cannot vouch for them at this time.

How do I watch Youku from outside of China?

Once you have downloaded, installed, and logged into the VPN of your choice, find the full list of servers. Search for any server located on mainland China; Beijing, Shanghai, Shenzhen, and Guangdong are the biggest major cities where servers are likely to be located. Choose one and connect to it.

Once connected, open a browser and navigate to Youku. If you recently visited the site without a VPN, make sure to clear your cookies first.

Often searching for the English name of the show you’re looking for will bring up the correct result, but sometimes you might need to know the Chinese name. To find it, go to Baidu, China’s most popular search engine, and type in the English name there. This should bring up a result (often from Douban.com or Baidu Baike) that contains both the English and Chinese names. Chinese television and movie names are usually three or four characters long.

Copy and paste the characters into the Youku search bar. Look for results with the appropriate length of time, i.e. between 20 and 30 minutes for a half hour show, between 40 and 75 minutes for a longer TV drama, etc. Shows are split up by seasons, so once you find the show you want, the list of episodes for that season will be displayed on the right hand side of the page.

youku video player
Mr. Robot on Youku

If you just prefer to browse TV shows, take a look at this link for American titles and here for the British catalog. For movies, here are Youku’s American films, and you can find British flicks here. A VPN is not necessary to browse, only to play the video.

Note that Youku might not have every season of each show, and in some cases it may only have a few episodes. Because of China’s strict censorship rules, some content might be altered from the original, especially during scenes containing sexual or violent content. Most movies will be in English with Chinese subtitles, but some–children’s movies and animation in particular–will be dubbed. Finally, expect ads to pop up at random moments. Western ad blockers often don’t stop advertisements from Chinese ad networks.

Western TV shows and movies on Youku

Here is an alphabetized, not comprehensive list of TV shows on Youku:

12 Monkeys, 2 Broke Girls, 24, 30 Rock, Agents of Shield, American Horror Story, Arrow, Boardwalk Empire, Bones, Breaking Bad, Brooklyn Nine-Nine, Californication, Cougar Town, Criminal Minds, CSI, Desperate Housewives, Doctor Who, Empire, Everybody Loves Raymond, Falling Skies, Fargo, Friends, Gossip Girl, Gotham, Grey’s Anatomy, Grimm, Heroes Reborn, Homeland, House, House of Cards, How I Met Your Mother, Lie to Me, Lost, Louie, Luther, Mad Men, Modern Family, Mr Robot, New Girl, Orange is the New Black, Orphan Black, Penny Dreadful, Prison Break, Psych, Scandal, Sherlock, Smallville, Supernatural, Teen Wolf, The Americans, The Expanse, The Flash, The League, The Night Manager, The Office, The Tudors, The Vampire Diaries, True Blood, Two and a Half Men, Under the Dome, Veep, Weeds, White Collar

And here’s a sampling the Western movies on Youku:

007 movies, 12 Years a Slave, 28 Weeks Later, Alien, Alien Versus Predator, Around the World in 80 Days, Assassin’s Creed, Avatar, Batman (all of the new ones), Bronson, Chronicles of Narnia, Concussion, Eddie the Eagle, Eragon, Ex Machina, Fury, Gravity, Green Street Hooligans, Harry Potter movies, Hitman, Hotel Rwanda, Into the Woods, Kung Fu Panda, London has Fallen, Maleficent, Mazerunner, Moon, On the Road, Resident Evil movies, Superman, The Boy in Striped Pajamas, The Brothers Grimm, The Count of Monte Cristo, The Dark Knight Rises, The Disappearance of Alice Creed, The Hitchhiker’s Guide to the Galaxy , The Iron Lady, The League of Extraordinary Gentlemen, The Martian, The Pianist, The Woman in Black, Tinker Tailor Soldier Spy, Tomb Raider, Transporter 3, Tropic Thunder, Troy, X-Men (most of the new ones)

Other Chinese streaming sites

Youku isn’t the only player in China’s video streaming market. If you can’t find what you’re looking for there, try LeTV, iQiyi, Sohu, and QQ Video, all of which we were able to unblock with PureVPN during our testing. Each has its own exclusive licensing rights with different production studios in the West. Youku, for example, has a lot of titles from Paramount and Dreamworks.

The post Unblock Youku outside of China with this VPN workaround appeared first on Comparitech.

Best VPNs for Kodi XBMC and OpenELEC in 2018

Posted: 29 Dec 2017 03:45 AM PST

Kodi, the multi-platform home theater software formerly called XBMC, can be customized with a range of content repositories, tools, and programs for a tailored entertainment experience. It overlays any computer, Android device, and even Raspberry Pis with an easy-to-use interface compatible with remote controls and gamepads.

The real allure of Kodi lies in addons that extend Kodi’s capabilities. Namely, video addons allow Kodi users to stream video from a wide range of sources. These include popular streaming services like BBC iPlayer and third-party addons that primarily offer pirated content. Most Kodi users employ a VPN to hide their activity from their ISP when viewing pirated content, however there are many legitimate reasons everyone should use one.

Short for Virtual Private Network, a VPN encrypts all of your Kodi device’s internet traffic and routes it through an intermediary server in a location of your choosing. This allows you to unblock geographically restricted content, such as BBC iPlayer from outside the UK. It also protects users from certain types of attacks and vulnerabilities common in third-party addons while keeping your activity private.

Many VPNs are available, but we’ve narrowed down a list of six we believe to be the best VPNs for Kodi users. We’ll make a note as to what types of devices each VPN is compatible with, including Android and OpenELEC. If you’re not sure which to choose, check out our guide on how to set up a Kodi VPN.

Best VPNs for Kodi XBMC

We chose the best VPNs for Kodi based on the following criteria:

  • Compatibility with a range of Kodi devices
  • Speed and reliability
  • Security and logging policy
  • Ease of setup and use

1. IPVanishIPVanish discounted plans

IPVanish is our top recommendation for Android-based Kodi devices, including the Amazon Fire TV and Fire TV Stick. For users without access to Google Play, IPVanish allows you to simply download the APK file from its website and install it directly onto your device without the need to go through an app store. IPVanish now lists its app on the Fire TV app store via Amazon, and as of time of writing it’s the only one on this list to do so. Linux users, however, will have to manually configure the VPN.

The Fire TV version is optimized to be used with the Fire Stick remote, making it easy to get set up and connected to your server of choice. Over 1,000 servers are available to choose from, with fast and reliable service to the vast majority of locations around the world. You’ll also get solid security thanks to 256-bit encryption and a no-logs policy.

Apps are available for Windows, MacOS, iOS, Android, and Fire TV.

SAVE 60%: Our readers can get an exclusive discount of up to 60 percent on IPVanish plans.

Read our full IPVanish review.

2. ExpressVPNExpressVPN pricing

ExpressVPN is a great all-around choice for Kodi users, promising fast speeds and reliable service. A Linux version of the app with a command-line interface is available, although we haven’t yet tested this with OpenELEC. Word on the street is that a Fire TV-optimized version will be available through Amazon’s app store in the coming weeks. One downside for users with Android-based Kodi devices is they can’t easily download the APK from the website without first authorizing their account. That means devices that lack Google Play and a traditional web browser will have to sideload the app from a second Android device. ExpressVPN also has a tutorial for getting set up with Nvidia Shield on its website.

ExpressVPN is a reliable unblocker of geo-locked services, including BBC iPlayer, Netflix, Hulu, HBO Now and HBO Go. It boasts best-in-class security standards, 256-bit AES encryption and perfect forward secrecy among them.

Apps are available for Windows, MacOS, iOS, Android, Linux (command-line), and certain wifi routers. If your Kodi device doesn’t support VPNs at all, ExpressVPN’s pre-flashed wifi routers with the company’s bespoke firmware might be just what you’re looking for.

3 MONTHS FREE: Get 3 months free here with ExpressVPN’s annual plan. The deal includes its 30-day no quibbles money-back guarantee so you’ll receive a full refund if unsatisfied.

Read our full ExpressVPN review.


3. NordVPNNordVPN 3 year plan

NordVPN offers a network of more than 1,100 server in over 60 countries. Many of those can unblock geo-locked streaming services like BBC iPlayer, Hulu, and Netflix. Android users without Google Play can get the APK file directly from the NordVPN website. Unfortunately, there’s no Linux version of the app, but NordVPN can be manually configured using a range of different protocols.

The company uses 256-bit encryption and adheres to a strict zero-logs policy. Speeds are decent and connections are reliable. The default map interface might not be suitable for users who operate Kodi with a remote control, but you can switch to view the available servers in list form as well.

Apps are available for Windows, MacOS, iOS, and Android.

SAVE 77%: Save a whopping 72% off on NordVPN's limited time three-year deal.

Read our full NordVPN review.

4. PrivateVPNprivatevpn banner

PrivateVPN is a small provider making a big splash thanks to its ability to unblock pretty much everything you can throw at it, including BBC iPlayer and Netflix. A relative newcomer, it doesn’t have a huge amount of servers, but those it does have are spread over a good range of countries and offer blazing fast speeds. Security and logging policies are what you would expect from a much larger provider, so you can rest easy knowing your ISP and hackers won’t be able to snoop on your activity.

Android users can get the APK file directly from PrivateVPN’s website. There’s no app for Linux yet, but manual configuration is an option.

Apps are available for Windows, MacOS, iOS, and Android.

EXCLUSIVE DEAL: Our readers get a 67% discount plus 5 months extra free with the annual plan.

Read our full PrivateVPN review.

5. Private Internet Accesspia mobile app

Private Internet Access is a solid option for both Android- and Linux-based Kodi devices. The Linux version is tested and proven to work on OpenELEC, a popular Linux distro for low-power Kodi devices like Raspberry Pi. The apps are lightweight and the price is cheap, so this is a good overall choice for Kodi users on a budget. The APK file is available for direct download from the PIA website if your Android device doesn’t have Google Play.

Despite its small footprint, PIA doesn’t compromise on security or performance. Speeds are decent and you get a decent range of server locations. Encryption standards are adjustable with 256-bit and 128-bit encryption available; the latter might be preferable lower-end Kodi devices. PIA sticks to a strict no-logs policy.

Apps are available for Windows, MacOS, iOS, Android, and Linux.

CHEAP DEAL: PIA is running a discounted deal on their annual plan here which brings the cost down to $3.33 per month.

Read our full Private Internet Access review.

6. CyberGhostcyberghost banner

CyberGhost categorizes its servers not just by location, but by which video streaming service the user wants to access. This is useful for users who use Kodi to stream from official sources like BBC iPlayer. Unfortunately, there’s no Linux app and the Android version is only available from Google Play. That means devices that run on OpenELEC or a version of Android that doesn’t have Google Play will have to manually configure CyberGhost servers.

On the plus side, CyberGhost has gotten pretty good at unblocking streaming channels as of late, and it’s added a whole slew of servers to its ever-expanding network. Speeds are solid and security is tight.

Apps are available for Windows, MacOS, iOS, and Android.

DISCOUNTED DEAL: Right now, you can get a 74% discount on CyberGhost Pro.

Read our full CyberGhost review.

Don’t use APK files from third parties

If your Kodi device runs on Android but doesn’t have Google Play, getting the VPN app you want onto it can be a challenge. The next best option is often downloading the APK file and allowing your device to install apps from unknown sources. However, we caution against downloading APK files from anyone other than the VPN provider itself.

A bit of Googling will no doubt turn up several third party APK hosting websites. These are best avoided. Those APKs were not put there by the people who made them, so there’s a substantial risk that the app could have been modified to contain malware. Even if it’s safe, these APKs are often out of date, which means they could be missing key features or contain unpatched security vulnerabilities.

Whenever possible, download APKs directly from the VPN provider’s website. Another option is to “sideload” the app from a second Android device that does have Google Play.

How to use a VPN with Kodi

On smartphones and PCs, the easiest way to use a VPN with Kodi is to install the VPN provider’s app. To do so, you will need to minimize Kodi and install it on the underlying operating system. Just download the app from the provider website, log in with your account credentials, select a location, and hit the connect button. Once the connection is established, open Kodi back up and use it as you normally would. All your device traffic will be tunneled through the VPN.

Read more: How to use a VPN or smart DNS with Kodi to unblock content

VPN router setup for Kodi on Roku, Chromecast, FireTV, etc

If you’re using Kodi XBMC on a device that doesn’t support VPNs, you can still take advantage of a VPN subscription by setting it up manually on your wifi router. This process differs based on the particular router’s firmware, so we recommend you Google a setup tutorial to learn how. Once set up, all the internet traffic coming and going from the router will travel through the VPN server.

You may need to replace the router’s firmware if the stock version does not support VPN connections. This process is called “flashing”, and it should be done with great care. If you do not flash the new firmware properly or flash the incorrect firmware version for your router model, it can permanently damage, or “brick”, the router. Some of the most popular router firmware that support VPNs include:

  • DD-WRT
  • Tomato
  • AsusWRT

If you have a PC or Mac laptop available, a safer and easier solution is to install the VPN on that and create a wifi hotspot.  This is called a virtual router, and most modern laptops are capable of creating one.  By connecting to the VPN on your laptop and broadcasting a wifi network from it, you can connect your Kodi device so that all streams go through the VPN. You can find PC instructions on how to create a VPN-enabled virtual router, and Mac instructions here. We’ve also got our Fire TV Stick VPN setup instructions for 2nd generation Amazon Fire TV Sticks and later.

See also: What are the best VPNs for Fire Stick and Amazon Fire TV?

Is Kodi legal?

Kodi is perfectly legal open-source software created by a nonprofit organization. You are fully within your rights to download and install Kodi from the official website and use any of the officially sanctioned add-ons.

It is not illegal to buy or sell devices with Kodi pre-installed, so long as they do not contain third-party add-ons that stream from illegal sources. We recommend the boxes sold by WeTek, which come with a clean install of Kodi without any third-party add-ons and run on the OpenELEC Linux distro.

Kodi users run into legal issues when they extend Kodi’s range of streaming sources using unsanctioned, third-party add-ons, or when they buy “Kodi boxes” from third party retailers that come with these add-ons pre-installed. These sources can include pirated IPTV streams, torrents, and websites hosting content without the copyright owner’s permission.

It might not be completely clear to users which add-ons stream from legal sources and which don’t. This is especially true for pre-configured Kodi boxes. In one case, a UK man was fined £250,000 for selling Kodi devices loaded with several add-ons that streamed content from illegal sources, despite his claim that the boxes were “100 percent legal.”

So how do you stay on the right side of the law?

First off, know that the XBMC Foundation, which created and maintains the Kodi software, is not involved in any way with the sale of Kodi boxes. In fact, Team Kodi has said the boxes commonly sold on eBay and by Youtubers, which come loaded with third-party add-ons, are “killing Kodi”. But because Kodi is open source, XBMC cannot control who installs it on what.

We discourage purchasing any device with Kodi and third-party add-ons pre-installed. Not only could doing so get you in trouble for copyright infringement, it could also infect your device with malware installed on the system before purchase. If you bought an Amazon Fire Stick or other device with a “fully loaded” Kodi installation, we recommend a clean wipe of the entire system and starting from scratch.

Secondly, the legality of streaming from third-party sources varies by country. Some might be legal but require you watch from a specific country or region. Others might exist in a legal grey area. For these reasons, we always recommend checking your local laws and regulations and using a VPN to hide your activity from your ISP and other entities.

Read more: Is Kodi safe and legal? What precautions should you take?

Choosing a Kodi box

While you can install and run Kodi on a desktop operating system like Windows or MacOS, most Kodi users prefer to use a separate device to use as a home media center. These are often referred to as Kodi “boxes”, and they come in two main flavors: Android and Linux.

Most of the VPNs listed here make Android apps with downloadable APK files that you can install directly onto your device without the need for Google Play. While not all versions of Android are the same, most should run these VPN apps just fine.

Popular Android-based Kodi boxes include:

  • Amazon Fire TV and Fire TV Stick
  • Nvidia Shield
  • Gem Box
  • Razer Forge TV
  • Matricom G-Box

Many Linux distributions can run Kodi, but the most popular for small, low-powered devices like these is OpenELEC. OpenELEC is a Linux distro tailor-made for Kodi boxes. Some VPNs make Linux apps that might run on OpenELEC, but a more universal option is to configure the VPN manually. OpenELEC Kodi users can even connect to a VPN from within a Kodi add-on like VPN Manager for OpenVPN or OpenVPN for Kodi. Ask your VPN provider for the necessary configuration files to get up and running.

Popular devices that run Kodi with OpenELEC include:

  • Wetek Play, Play 2, and Core
  • Raspberry Pi 3
  • CuBox-i

There are many more, but beware of devices that are sold with non-stock editions of Kodi. Many vendors will sell pre-configured “piracy boxes” with special builds that come with tons of add-ons already installed. This is especially prevalent among third-party vendors selling Amazon Fire TV sticks with Kodi. While these can seem like a good deal at first because they don’t require you to install Kodi on your own, they often come with malware, botnets, and other nasty stuff that risks your security and internet bandwidth.

If a device doesn’t come with the stock version of Kodi, just install it yourself. You can find a tutorial on how to install Kodi on Fire TV here, and how to install a VPN on Fire TV here. These instructions should work similarly for other Android-based devices as well.

Comparitech does not condone or encourage any violation of copyright restrictions, including illegal streaming through Kodi. Kodi can be used for many excellent, legal online streaming purposes. Please consider the law, victims, and risks of piracy before downloading or streaming copyrighted material without permission.

The post Best VPNs for Kodi XBMC and OpenELEC in 2018 appeared first on Comparitech.

Is Dropbox Secure? 9 Ways To Make The File Sharing Service Safer To Use

Posted: 28 Dec 2017 04:13 AM PST

Dropbox padlock

Like most internet services, Dropbox was created because its founder — Drew Houston — couldn't find a solution to a problem which satisfied his needs.

In Houston's case, while he was a student at MIT, he found he consistently forgot the USB key containing his files on it and the file sharing services which were available in 2007 simply didn't meet his needs, with problems like latency, buggy software and inability to handle big files among his major gripes.

And so Houston created Dropbox, a simple service which allows users to store files online while also syncing their files to folders on their PCs, laptops and smartphones. Users can share files with others and the whole service was free — at least for those without the need to store a huge amount of data.

Unsurprisingly it was a huge success, and almost a decade after it first launched Dropbox now has over half a billion users globally with 1.2 billion files uploaded to the service every single day by individuals as well as enterprise customers.

Some of the numbers associated with Dropbox are staggering, giving an idea of the amount of data the company stores — and is responsible for keeping safe: 35 billion Microsoft Office files are stored on Dropbox; it supports 20 different languages; and 4,000 file edits are made on Dropbox every single second.

With such a huge trove of data, security and privacy are obviously very important for the company and its users.
To help us understand how secure Dropbox's service is, let's first look at how the service operates.

How Dropbox Works

Dropbox's promise to let you access your files wherever you are, and on whatever device you are using, is a hugely compelling selling point and it is all made possible thanks to the power of cloud computing.

Accessing Dropbox is done in a couple of ways. The first is through the Dropbox website which allows you view, upload and download files as well as sharing them with your family, friends and co-workers. Dropbox also has software which you can install on pretty much all desktop, tablet and smartphone operating systems. This allows you to easily add or remove files from your Dropbox account. When you place a new file in the Dropbox folder, it is uploaded to the central server and then synced with all the computers, tablets and smartphones that you have Dropbox installed on.

Even if your smartphone and PC are in the same room, any change made to your Dropbox folder is first sent to the server before all your other devices are updated.

How Does It Do Security?

This is what Dropbox says about security:

"At Dropbox, the security of your data is our highest priority. We have a dedicated security team using the best tools and engineering practices available to build and maintain Dropbox, and you can rest assured that we've implemented multiple levels of security to protect and back up your files."

Sounds great, but what does it mean in reality?

Well any time you have to send any of your information over the internet and put it on a remote server you are automatically increasing your security risk.

To offset this, Dropbox encrypts all data in transit using Secure Sockets Layer (SSL)/Transport Layer Security (TLS) between Dropbox apps and its servers. This is designed to create a secure tunnel protected by 128-bit or higher Advanced Encryption Standard (AES) encryption.

The Dropbox software you install on your PC or smartphone creates a secure connection with the Dropbox servers and therefore with the data encrypted there is no way for anyone to intercept and read that information while in transit.

When it reaches Dropbox's servers, your data is encrypted with 256-bit AES, which is an industry recognised standard and which is almost impossible to crack without the encryption key.

The information is then synced with all your other devices, with the data again being sent over an encrypted channel. Once on your other devices the data is decrypted and stored on your PC or smartphone.

This all sounds pretty secure — and it is, to a point — but there are still some major concerns Dropbox's security.

Dropbox Security Issues

Despite all the talk to 256-bit AES encryption and claims "the security of your data is our highest priority" the fact remains that Dropbox has the ability to decrypt all your files and can view them whenever it wants — particularly if any law enforcement agency comes calling.

This leads to a number of security concerns for users. For example, if a Dropbox employee went rogue and decided to unlock all your secret files, they could — though it should be pointed out that only a very limited number of employees have access to the encryption keys needed to do this.

The fact that Dropbox stores all the encryption keys for its users, means that potentially hackers will be able to breach their systems and steal these very valuable pieces of information – though because Dropbox likely stores this in a very secure location the likelihood of this happening is again small.

The real concern is that Dropbox can — if it wants to — disclose your information to a third party. The company has already stated that should a law enforcement agency come calling with a subpoena, it will willingly decrypt your data and hand it over.

This has led to some high profile criticism of Dropbox. Former NSA contractor turned whistleblower Edward Snowden has not been shy about his disdain for Dropbox, calling it "hostile to privacy" and using users to "get rid of it."

"We're talking about encryption," Snowden said during a remote interview for the New Yorker Festival in 2014. "We're talking about dropping programs that are hostile to privacy. For example, Dropbox? Get rid of Dropbox, it doesn't support encryption, it doesn't protect your private files."

Houston responded by saying that Dropbox could offer better encryption but it is "a trade-off between usability/convenience and security. We offer people choice."

Houston said that if Dropbox implemented "zero knowledge encryption" then services like search, access to third-party apps, seamless access to data from mobile devices and other features would be impeded.

Privacy Problems

As well as issues around security, Dropbox's own Privacy Policy, highlights some issues users should be aware of:

  • Data Retention– Users should be aware that when they are signing up, information like usernames, emails, addresses, phone numbers, credit card information and social network details are retained and stored by the company. This is common practice among almost all online businesses but users should still be aware of it.
  • Deleting Your Account Doesn't Necessarily Delete Your Data– While you can delete your account, Dropbox reserves the right to retain your data in order “to comply with our legal obligations, resolve disputes or enforce our agreements,” according to the company's vague explanation. There may be several reasons for needing to retain your information, including if your data is tied up in legal obligations or disputes, but Dropbox’s policy wording leaves it open to interpretation — which is never a good thing when your data is involved.
  • Sharing Personal Information– Dropbox makes it clear that it will never sell your personal information, but it has no problem sharing it with others. If you sign into your Dropbox account through a third-party app — say Facebook — then Dropbox will share your personal information with Facebook. Dropbox also shares your information with Amazon because it uses Amazon's S3 service for storage and is required to hand over your details. It will also share your information if it thinks there is a danger to the company or its users, though it doesn't define what these situations might be — but they are likely to be fraud or property theft. Finally, Dropbox will also hand over your personal information if it is sold or acquired by another company.
  • Dropbox Knows Where You Are– It would be very easy for Dropbox to find out where its users are, simply by using GPS information from the devices the information is being sent from — but the company says it doesn't do this as this would suggest it was monitoring users’ locations. What the company does do however is use data embedded in the files users are uploading (EXIF data in photos and videos) as well as using your IP address to get a rough estimate of where in the world you are located .

On the whole, while Dropbox does claim to make security and privacy a priority, it is clear that if you or your business want to use Dropbox to hide sensitive and valuable data, there are risks involved.

Luckily there are some steps you can take to make your content more secure.

1. Enable Two-Step Verification

A hugely powerful tool to prevent unauthorised access to your accounts, two-step verification (or two-factor authentication as it is also known) is available on most popular online services today, including the likes of Gmail and Facebook.

Dropbox two step authentication

The features allows you to request a code be sent to your smartphone every time someone tries to access your account from a new device.

To turn on the feature in Dropbox, click on the drop down menu in the top right-hand corner of your account's home page and hit Settings.

This will open a new window and here you can hit the Security tab. You will see the status of two-step verification on your account and if it is disabled, then hit the "click to enable" link to set it up.

You will be asked to re-enter your account password during the set up process, and then you will be asked if you want your codes sent to your phone as a text message or to an app such as Google Authenticator.

Dropbox authenticator

You will then be asked to put in your phone number, and a code will be sent to make sure the system is working. Dropbox then asks for a backup number in case you lose your own phone. Finally Dropbox presents you with a list of 10 backup codes which you are meant to print out or write down and keep in a safe place.

Now you can click on the Enable Two-Step Verification button to finish the process.

2. Delist Linked Devices

If you have been using Dropbox for a long time and in that time you have changed PCs and smartphones several times, then you probably have a long list of linked devices — and it's very easy to see them, when you last used them and to delist them.

Dropbox linked devices

In the same Security tab where you enabled two-step verification above scroll down to see the Devices list. Here you will see the names of the devices you connected your Dropbox account to, where you used them and when the last time your accessed Dropbox on the devices.

At the far right of the list you will see an 'x' which allows you to delink the device and make sure that if that device is used by anyone else they won't automatically be able to access your account.

3. Check Web Sessions

If you are worried that your Dropbox account may have been compromised, then it is relatively easy to check.

On the same Security page just above the list of linked devices, users can view their current web sessions which shows which browsers are currently logged into your Dropbox account. This list can put your mind to ease that no one else is logging into your account and can quickly show you where all the sessions are happening.

4. Manage Your Linked Apps

As mentioned above, when you sign into Dropbox through a third party app, the company shares your personal information with that app. Over time you may forget which apps you have given permission to access your Dropbox account and may have stopped using those apps altogether.

linked apps

Towards the bottom of Dropbox's security settings page you can view all the apps you have given permission to over the years and just as with de-listing trusted devices, you can easily revoke permission for any given app.

5. Set Up Email Notifications

If two-step verification is not enough of a safety net for you, then Dropbox does offer you the option of getting emails sent to your account whenever something changes, including logins from new devices or browsers, whenever new apps are given access or when a significant number of files are deleted.

Email notifications can be managed from the Profile panels of the Settings menu.

6. Use A VPN

While Dropbox may not be able to track your location precisely, it can still get a general sense of what part of the world you are in and depending on how your IP address is assigned could be able to pinpoint your location pretty accurately.

There is however an easy way around this. A virtual private network or VPN is a network of connected computers which creates an encrypted tunnel that re-routes your browsing to a server on the VPN network rather than a public server. This means Dropbox (or anyone else for that matter) won't be able to see your real IP address. Check out our roundup of some of the best VPNs.

7. Use Your Own Encryption

One way to circumvent Dropbox's ability to snoop on your data is to get there before them and encrypt all your own information before it is uploaded to Dropbox, meaning the company won't have the encryption keys needed to unlock your files.

Boxcryptor is a free service which integrates with Dropbox and works on all major desktop and mobile platforms to allow you encrypt data before it leaves your computer. The only problem is that because Boxcryptor has a "zero knowledge" approach to encryption, if you forget your password, then the company won't be able to retrieve your data .


Here is a list of other free services that can be used for cloud encryption.

8. Use A Strong Password Or Password Manager

This is a piece of advice which is applicable to pretty much every single online service – use a strong password. This means using a combination of upper and lower case letter, numbers and symbols while avoiding reusing the same combination of characters from other services. Dropbox suggests using "non-standard uPPercasing, creative spelllling, personal slang, and non-obvious numbers and symbols (using $ for s or 0 for o is too obvious!)."

However trying to remember a lengthy and unique password is a challenge, particularly if you have a different one for every service. This is where password managers comes in. They will remember all your passwords for you and you will have to just remember a single password in order to access all your accounts.

Here is a comparison of some of the best password managers available at the moment, and an FAQ about using them.

9. Try a Dropbox Alternative

If all these options are still not enough to convince you that Dropbox is secure, then there are alternatives available.

The one service Snowden has promoted in the past is called SpiderOak which basically promises all the same features as Dropbox but with the added benefit of not having the ability to see what files are stored on its servers — claiming as they do a "zero knowledge cloud solution."

READER DEAL: SpiderOak is offering our readers a 15% discount here. Just add the code Comparitech15 when prompted.

Another option is Sync.com, a Canadian based service which calls itself "the most private, most secure cloud storage service on the planet!"

On top of a zero knowledge approach, passwords are never transmitted to Sync and the company does not store passwords or password hashes during account creation, or when you log in.

E-Box is a UK-based cloud storage company and unlike Dropbox — which hosts everything on US-based servers — it has servers located in the UK which may be a significant benefit for UK or European companies. E-Box is entirely web-based meaning any device with an internet connection and a web browser can access it.

Image credit: “Mysterious box” by Blondinrikard Fröberg licensed under CC BY 2.0

The post Is Dropbox Secure? 9 Ways To Make The File Sharing Service Safer To Use appeared first on Comparitech.

Online dating and romance scams: How to spot and avoid them

Posted: 21 Dec 2017 11:33 AM PST

Finding love online is becoming more and more commonplace. In fact, you probably know at least one couple who met online. However, the rise in popularity of online dating has resulted in a dramatic increase in the number of romance scams taking place.

Dating and romance scams are nothing new, but with so many people looking for love online, they have become that much more attractive and accessible to online criminals. Plus, the countless real online love stories only serve to make this scam even easier for criminals to pull off.

Most people hope they wouldn't be naïve enough to fall for such scams. But, as the old saying goes, "love is blind," and thousands of people fall victim to such plots every day. Of all internet crimes in the US, romance scams account for the largest financial losses, totaling $230 million (~ GBP £172 million) in 2016. And it's definitely not just happening in the US. Last year in the UK, there were almost 4,000 victims of romance fraud scammed out of close to GBP £40 million (~ $54 million). In Canada last year, 750 victims lost CAD $17 million (~ GBP £10 million).

Victims are often too embarrassed to come forward, so these numbers may be grossly underreported. Many realize that it's usually impossible to recover any of the money sent to scammers. However, there is some good news. By educating yourself and those around you about the tactics online fraudsters use, you can drastically decrease the chances that you or they will become a victim.

In this post, we'll describe the common tactics used by scammers, what to look out for, and how to avoid getting caught up in the scam.

The common scam pattern

Although the details vary, most online dating and romance scams follow a similar pattern. It begins with a hook. The would-be suitor makes contact and uses something in common to spark a friendship or romantic relationship. The relationship ramps up quickly with scammers typically sending lots of messages throughout the day over a period of weeks or even months.

According to FBI Special Agent, Christine Benning, the majority of victims are women over 50. She explains that ideal targets might be those who are recently divorced or widowed. They are looking for love and may believe they don't have a great chance of finding a partner. As such, they become vulnerable and are more likely to fall for these scams. It's also possible that that women in this age group tend to be more affluent and less tech savvy than younger demographics.

Once they are sufficiently 'groomed,' the victim is tested. An initial test might involve sending a small amount of money. This could be for a child's birthday present, to help an elderly relative, or to get a car fixed.

At some point, the victim may be asked to send something to the scammer that can later be used against them, such as compromising photos or videos. Sometimes the message history is enough to use as a threat, especially if the victim is married or in a long-term relationship and is hiding this online relationship from their significant other.

Eventually, they are asked to send large amounts of money or to carry out something illegal. They may do this willingly out of love or compassion for the scammer. Or they may do it because at this point they are being threatened. In a surprising number of cases, the scams continue for prolonged periods for the simple fact that the victim is too embarrassed to admit to friends, family, and law enforcement that they have fallen prey to a scammer.

Even more surprising, in some cases, victims know that they are being scammed but are still in love with the scammer and continue to send money anyway. This goes to show two things: the manipulative power these criminals hold and the vulnerability of the victims they target.

Common warning signs to look for

Although the common perception is that you'd have to be really stupid to fall for one of these cons, that's often not the case. Scammers are very clever and prey on vulnerable people. On the other side, people are looking for love or friendship, and with real online love stories becoming more and more common, it doesn’t seem so far-fetched that it could happen to them.

Even so, there are often tell-tale signs that a potential love prospect is not being up front. Here are some of the signs to look out for:

Creating trusted profiles

Online dating scams typically involve someone creating a fake profile, be it on a dating site or a social media platform. This is often known as 'catfishing.' Military personnel, aid workers, and medical professionals are common guises, as people are more likely to trust people in these professions. Many will claim to be from a Western country but currently working overseas.

Scammers will often create multiple profiles using the same stolen images. American hypnotherapist, Dr. Steve G Jones has had his identity stolen for this purpose multiple times. Scammers use his videos and images to create fake online profiles. Some also use his real name and personal information. He has even been contacted by victims who believe they're in a relationship with him. His images have been used so many times, he decided to create a PSA to let everyone know and warn them of the dangers of befriending strangers on social media.

Scamalytics scans many of the most popular dating websites to find out what the most common scam profiles consist of. A typical male profile would be in his late forties, be a widower, and have a high-paid job. A typical female would also be well-paid, but be in her late twenties and never married.

If you're suspicious, you can run images through Google image search or TinEye to see if they appear elsewhere. You can check on sites like Romance Scam  and Scamdigger to view frequently used profile images and names. Additionally, certain Facebook groups dedicated to raising awareness flag scam profiles. Some people suggest trying to arrange a meeting as early as possible, although this seems risky. A better option might be to try to arrange a video call early on and see how they react. Many will say their camera doesn't work, which could be legitimate excuse, but it's worth asking.

Poor English can be a good indicator that someone is not who they say are, especially if they’re purporting to be from a Western country and/or university educated. If you're unsure about location information, you could test someone on knowledge of the local area they claim to be from.

Scammers often work in groups posing as a single person. Changes in things like tone, grammar, and use of emoticons can be a tell-tale sign you're talking to more than one person. Inconsistencies and repetition are also more likely to occur when you're talking to a group.

Hooking you with common interests

Whether it's your religion, line of work, or hobbies, scammers will often select information from your profile to help strike up a conversation. It doesn't take long before you're divulging more information that they can use to further the relationship. In fact, many times they will adjust their 'personality' to fit the perfect partner that you've been searching for.

Romance scamming is such a big business that people even profit off of writing scripts for criminals to follow. One UK woman was jailed for two years for writing such scripts. Not all scammers will bother paying for original content and things like poetry and romantic verses can easily be lifted from the internet. If it sounds too good to be true, pop it into Google search and you'll likely find something the same or similar elsewhere.

When it comes to online public profiles, you should be very cautious about the pieces of information you divulge. Of course, this can be impossible for online dating sites when you're actually trying to spark a relationship, but you can still keep things to a minimum.

Quickly becoming overly emotional

For people conducting these scams, this is often their full-time job. Some scammers are running dozens of 'cases' at a time. Of course, they don't want to waste their time. They usually ramp up a relationship quickly so they can get to the point where they're actually profiting from it sooner rather than later. A British Columbia man was in an online relationship for just six weeks before he started handing over money to his suitor. Ultimately, he sent around CAD $500,000 (~ GBP £290,000) before realizing he had been had.

It's common for fraudsters to shower victims with love and affection, talking to or messaging them constantly throughout the day. This can be referred to as "love bombing," which is often used to describe the type of behavior exhibited by cults and religious sects. One romance scam victim described the feeling as similar to being brainwashed.

If they're using a dating site to find victims, perpetrators will usually ask to move to a more private chat forum. Dating sites often monitor for suspect activity, so if you meet someone on such a site, it's better to keep the conversation there.

Asking for money

This can start out very innocently. A few bucks here and there could seem like nothing when you're in love with someone. But it can quickly ramp up. A common request for money can involve the scammer coming to visit the victim. They might say they need money for flights or other expenses. Other large sums might be requested for investing in a business or for medical costs. The urgency of these demands tends to ramp up and can even become threatening.

One common request is to send money for fees with the pretense that the victim will be compensated with additional (often huge) sums of money. One woman was duped into sending CAD $450,000 (~ GBP £260,000) in this manner. She believed she was set to receive a sum many times higher than that in compensation from the Nigerian court system. Instead she was “defrauded of her life savings and possessions.”

There is some good news in that companies like Western Union are being held accountable for helping scammers. As such, they are becoming more strict about the transfers they allow to go through. Of course, there are always other ways to transfer money. The bottom line is you should never send money or banking details to anyone you don't know well and completely trust.

Asking to carry out suspicious activities

For most people alarm bells would ring if someone asked them to take money or goods and pass them onto someone else they didn't know. But this stuff happens all the time during online dating scams.

Of course, if someone asked you to take their sealed luggage on a flight, you'll likely say no. You never know what's in there and it could get you into a lot of trouble. Similarly, you should never receive or sends goods or money on behalf of someone else.

Sharon Armstrong learned about this type of scam the hard way. She agreed to transport a "contract" from Argentina to London on behalf of her faux-boyfriend. Unfortunately, she ended up spending two and a half years in an Argentinian prison for cocaine smuggling.

Making broken promises

Whether the fraudster has promised to visit the victim or pay them back some money, there is always some excuse. These can be elaborate to the point where they may seem believable. What's more, these excuses often become a gateway to ask for even more money.

One common scenario involves the victim believing the scammer is coming to visit them. They're so excited and might have told friends and family that their boyfriend or girlfriend is due to arrive. Then something comes up and the scammer needs money for a passport or a ticket or to tie up some loose ends. While pinning their hopes on a real-life meeting, the victim keeps doling out money, even though the excuses become more and more far-fetched.

Introducing you to others

Online dating scams are often run by highly organized crime rings. Sometimes this just means you'll be in contact with multiple people posing as one person. However, for more elaborate cons, victims may be introduced to other 'characters,' including people posing as relatives, business partners, lawyers, bank managers, travel agents, and more.

Report scammers

Hopefully you'll realize that you — or your friend or relative — are being scammed before it's too late. If so, you should report the scammer to whichever platform you met them on. You can also report the incident to your local police (especially if you have handed over any money or performed any requested tasks) and to the fraud centre in your country of residence:

Although you might be embarrassed, it's important to talk to friends and relatives about these situations. They can offer support and help you get out before things go further. Additionally, when someone they know has experienced an online dating scam, they’re likely to be far more cautious themselves.

"Woman date" by Rachel Scott licensed under CC BY 2.0

The post Online dating and romance scams: How to spot and avoid them appeared first on Comparitech.