VPN clients help you conceal the identity of your PC and surf anonymously. Not only since it became known that NSA, CIA and their peers are monitoring the Internet, PC users are looking for ways to snoop. This is not about concealing illegal activities. Rather, these users simply want to surf the web anonymously. Simply put, it is a piece of software that establishes contact with a remote server via an encrypted connection known as a tunnel, so that your own computer becomes part of this network and can henceforth be reached via its IP address.

This technology is used by companies, among other things, to give employees secure access to the corporate LAN from home. If you also want to go online via a VPN in the future, you have to choose a suitable provider. In order to help you make your choice, we will answer the most important questions below.

Which VPN protocol is preferred?

The protocol of the VPN service is important. Nearly all providers support the three common versions PPTP, L2TP and OpenVPN. It is not advisable to use VPN connections that are handled via the Point-to-Point Tunneling Protocol (PPTP), since the network protocol, which is implemented in all common computer and mobile operating systems, is considered unsafe after a hacker managed to crack the 128-bit encryption MS-CHAPv2 in July 2012? In addition, VPN connections can be blocked relatively easily via PPTP, since they are handled exclusively via TCP port 1723.

The Layer 2 Tunneling Protocol (L2TP), the successor to PPTP and part of all Windows versions since 2000/XP and MacOSX 10.3 and higher, is considered relatively secure if an unbreakable encryption method such as AES is used. Since L2TP also communicates via defined ports, such connections can be easily blocked. With the exception of iPredator and proXPN, all providers offer this variant; Goldenfrog and VPNTunnel, however, are only available for an additional charge.

Currently, OpenVPN is considered to be the safest variant. The open source solution is based on OpenSSL and supports all common crypto algorithms. In addition, OpenVPN can communicate over any TCP and UDP port, including TCP port 443 used for HTTPS connections, making blocking virtually impossible. However, under Windows and Mac, it is necessary to upgrade OpenVPN by installing software.

VPN with loss of speed?

Yes, the speed of a VPN connection is always lower than the maximum speed that your Internet connection can theoretically achieve. The main reason for this is that inquiries to web pages are not transmitted directly, but are routed via the provider’s server infrastructure.

The utilization of the servers plays a major role in this context. The more users that go online via a VPN server, the less bandwidth is available. If a VPN service offers sufficient alternatives, you can switch to another server. The number of server locations offered is therefore an important criterion.

By far the largest selection is offered by HideMyAss, IPVanish and VPN4All with 114,103 and 80 international server locations. On the other hand, the so-called overhead resulting from the encryption of the data is negligible.

Guaranteed VPN anonymity?

Before Prism and Xkeyscore this question would have been answered in the affirmative. There have always been ways and means to access the IP addresses via the server logs of the VPN operators and to compare them with the records of the providers in order to uncover the identities of a user. However, at least one initial suspicion had to exist. However, given the near-coverage monitoring and the possibility that the NSA has already cracked some encryption procedures, this question cannot be answered beyond doubt.

The home location of the VPN provider plays a major role in terms of data protection. Those who do not want to make any compromises must avoid American companies, as they are legally obliged under the Patriot Act to provide all information to U.S. intelligence services and law enforcement agencies.