Today I’ll be reviewing the VPN service provider AirVPN based out of Italy. Interestingly enough, the idea for the business came about during a Pirate festival in Rome due to the efforts of a very small group of activists, hacktivists, and hackers. A couple of lawyers that were around during its creation still provide legal advice to the team. When checking out the information on their “About us” page, it was nice to see a privacy/security company go into so much detail about how everything started. This transparency and enthusiasm stay consistent throughout the site.
The Website & Packages:
I have to admit that I was initially hesitant to try this VPN due to the first impression I received from their homepage. While not ugly, the layout had me questioning whether or not this was a serious competitor in the market. Once I delved deeper into the site, the amount of features and available information painted a far different picture.
The ability to see live statistics about each server allows users to determine the type of performance they will be able to expect. This also makes it easy to confirm that they are making the necessary upgrades to their infrastructure and not overselling the service. The added benefit of being able to see statistics relating to your own connection to their servers makes the website an invaluable tool.
AirVPN has only one type of plan available for purchase. Thankfully the service does not discriminate against the type of data routed through their network, so there is no need to buy a pricier package for P2P file sharing. They have a three-day trial available for €1, with their monthly plan priced at €7 all the way up to €54 for yearly. This includes unlimited bandwidth and server switches. Besides the normal form of payment by credit card, they also accept and recommend Bitcoins for increased anonymity.
The software and configuration files provided by AirVPN only include OpenVPN tunnels. The reasoning for this is their belief that OpenVPN provides the only proven secure form of encryption available. They don’t want to offer services like PPTP due to its inherent security vulnerabilities. After the many revelations about the NSA’s spying and encryption cracking abilities, this seems like a sensible course of action. Customers that require alternate protocols will need to use a different service.
Like almost every other VPN that I have run across, they provide proprietary software to configure the connection and switch between servers. Thankfully when asked about the ongoing plans of their client software, they told me about their newest client in production codenamed “Eddie” which will be completely open source and released for Windows, OS X, and Linux.
When this change comes about hopefully other security vendors will follow suite, as many people including myself see this as an essential requirement of any custom software. They have one of the most in-depth OpenVPN config generators I have ever seen. If the user prefers the official OpenVPN client, it’s easy to quickly create the optimal configuration file for their system.
They maintain their own logless DNS servers that actively fight against censorship by not allowing domains to be seized by government entities. These are private DNS servers that can be accessed solely through the VPN. This also provides the added benefit of circumventing geolocation censorship with their double-hop feature. One thing that I would like to see added as a feature to these DNS servers is the ability to connect to OpenNIC domains. There is plenty of documentation for connecting to these servers through most desktop and mobile operating systems. Even though the capabilities are there for setting up gaming consoles, it would have been nice to see a guide on their site for this.
To continue detailing the long list of features, we move to services that will benefit anyone trying to host web or gaming servers. Remote port forwarding allows users to configure the VPN to forward data to specified ports, up to 20 simultaneously. This is complimented by Dynamic DNS, allowing users to automatically update the DNS entry in real-time so that it points to the correct IP address even if the location has changed.
The total amount of servers that are available currently number 45 across 14 countries. I would consider this a medium-sized VPN that still has room to grow. The company believes that security and a quality infrastructure is more important than having hundreds of servers spread across the globe. What this means is that you might not find a server as close to your current location as you would like, but they should still be able to provide impressive speeds and not be overburdened with too many users.
On the status page of the website there is a nifty feature that automatically queries all AirVPN servers, allowing everyone to view each individual server load, amount of users connected, and many other useful statistics. This allows you to understand what kind of latency to expect without having to make a purchase. This level of service transparency is something I hope catches on with other VPN providers.
One of the main advantages I have noticed while using AirVPN are their consistently fast speeds and low pings even during peak hours. When contacted about what they might be doing differently than other providers to keep their quality of service so consistent, they provided several strict requirements imposed upon the data centers. Besides requiring that these companies are able to supply double the allocated bandwidth that AirVPN promises in their terms of service, each of their machines must have access to multiple Tier 2 providers as well as at least one Tier 1 provider. While using a close-by node I am able to consistently maintain download speeds that are no more than a 10% reduction of my native connection no matter which protocol I am using. These results from speedtest.net are the norm for my connection:
Native Connection Speed
VPN Connection Speed
The Encryption & Policies:
As stated earlier, AirVPN only provides connections through OpenVPN. From what I have seen, they have taken a pro-active approach to their level of security. While other VPNs have recently began scrambling to offer their customers RSA 2048 key sizes due to leaks provided by Edward Snowden, this company has used that level of encryption as default since well before people started to worry. Other aspects securing your data that are becoming industry standards such as PFS through Diffie-Hellman keying along with AES-256 are also present. When I asked about any future changes that they are looking in to, they mentioned evaluating the need to upgrade to 4096bit RSA next year in order to stay ahead of the curve.
One other important feature to mention is their server’s ability to push UDP/TCP traffic using SSH and SSL through standard internet protocols like port 80. What this means is that if you were being monitored by the government or ISP, it would appear that all you are doing is connecting through a secure connection that most websites enable by default. This makes identifying your data stream as a VPN connection pretty much impossible. This is an important feature that is worth drawing attention to.
Due to the circumstances in which this service came into existence, you can be sure that this VPN is adamant about not monitoring or collecting any data about its users. They make a public stance in the following blurb from their web site: “AirVPN has been created and is maintained by people who strongly support privacy and Net Neutrality and know well the needs of the communities around the world.”
Their terms of service are pretty cut and dry, with the following being the only thing worth mentioning:
“BY USING THE AIRVPN VPN SERVICE (“Service”) YOU AGREE NOT TO: 1. use the Service to violate, in any way, directly or indirectly, the European Convention for Human Rights. If you live in a country with laws which permit such violations, you nevertheless agree to respect the aforementioned Convention.”
Though I have never heard of them having to go after a user for breaking this rule, it’s still worth pointing out that if you plan on using their service to inflict harm on other human beings then they will not protect you. Since I believe that its moral guidelines that compels these companies to help us secure the basic human right to privacy, it should come as no surprise that they would not allow their services to be used to infringe upon the livelihood of others.
Response time on ticket requests were always handled within a couple hours in a professional manner. A unique aspect of this company are the forums that they maintain. Even if you have no plans to purchase their service, they have one of the most active VPN and security related communities on the internet. It would be wise to check out what’s going on there every once in a while if you have any long-term interest in this industry. The forum’s inhabitants are comprised of AirVPN employees along with other intelligent people having discussions and patiently answering questions.
The Verdict aka tl;dr:
This company has earned my respect with the level of transparency and quality of service that they provide. AirVPN has always been at the forefront of encryption strength and features, many of which should eventually be considered mandatory for other companies to implement. They have set the bar at such a high level that it’s going to be hard for other VPN providers not to take notice.
If you’re interested in taking a look at their service then head over to their website using the link below :-