[Consolidated] VPN Provider Recommendations
#376
FlyerTalk Evangelist
Join Date: Mar 2010
Programs: DL, OZ, AC, AS, AA, BA, Hilton, Hyatt, Marriott, IHG
Posts: 19,905
What does the VPN landscape look like in late 2021?
You still see a lot of advertising for various services.
I'm finishing up a 3-year sub to Nord and they've been okay but looking to see if there's anything better.
For one thing, when connected to Nord, some sites will absolutely not load, for instance BofA.
I haven't tried using it for circumventing geo-restrictions for streaming that much.
Makes it hard to use it for daily use if some sites load really slowly or not at all.
You still see a lot of advertising for various services.
I'm finishing up a 3-year sub to Nord and they've been okay but looking to see if there's anything better.
For one thing, when connected to Nord, some sites will absolutely not load, for instance BofA.
I haven't tried using it for circumventing geo-restrictions for streaming that much.
Makes it hard to use it for daily use if some sites load really slowly or not at all.
#377
FlyerTalk Evangelist
Join Date: Dec 2002
Location: Danville, CA, USA;
Programs: UA 1MM, WN CP, Marriott LT Plat, Hilton Gold, IC Plat
Posts: 15,722
Considering Mullavad, Nord and Proton. Any thoughts?
I would have installed this by now but the last one I tried seemed to slow my web browsing. But need something that will:
(1) protect my uploads while traveling (one of my amex accounts got hacked on my last trip when I had to login)
(2) stop amazon, netflix and apple from blocking playback of downloads when traveling (if I login over wifi they block playback when I open the app, even if not connected)
(3) privacy protection, because none of us need more government snooping
I would have installed this by now but the last one I tried seemed to slow my web browsing. But need something that will:
(1) protect my uploads while traveling (one of my amex accounts got hacked on my last trip when I had to login)
(2) stop amazon, netflix and apple from blocking playback of downloads when traveling (if I login over wifi they block playback when I open the app, even if not connected)
(3) privacy protection, because none of us need more government snooping
#379
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
VPN and TOR users find work arounds to Cloudflare's kicks, but Cloudflare is very much into making sure this remains a cat and mouse game with Cloudflare as the wannabe cat.
#380
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,231
Considering Mullavad, Nord and Proton. Any thoughts?
I would have installed this by now but the last one I tried seemed to slow my web browsing. But need something that will:
(1) protect my uploads while traveling (one of my amex accounts got hacked on my last trip when I had to login)
(2) stop amazon, netflix and apple from blocking playback of downloads when traveling (if I login over wifi they block playback when I open the app, even if not connected)
(3) privacy protection, because none of us need more government snooping
I would have installed this by now but the last one I tried seemed to slow my web browsing. But need something that will:
(1) protect my uploads while traveling (one of my amex accounts got hacked on my last trip when I had to login)
(2) stop amazon, netflix and apple from blocking playback of downloads when traveling (if I login over wifi they block playback when I open the app, even if not connected)
(3) privacy protection, because none of us need more government snooping
1a. It's likely that someone either cloned your card or guessed random card numbers and hit on yours. If you're saying that your amex dot com login was hacked, then it's probably because you reused the password from another site that was hacked, and the hackers then used that username and password to log in to your account. The solution here is to use a random unique password for each site. This is what password managers are for.
2. For this use case, I would run speed tests on the various VPNs to verify they can give you a high enough throughput to stream. I think most of the big ones probably can.
3. I'm not sure what problem you're trying to solve here. Which government is snooping? What are they snooping? How are they snooping? All you do by using a VPN is to trust the VPN provider with the same information that you had been trusting your ISP with. Unless their privacy policy states otherwise (and I'd be surprised if they do) then your VPN provider probably keeps copious logs of your activities (even if they claim not to!) that they will be happy to give to any police force that asks for them, perhaps even without a court order depending on jurisdiction. The government and Big Tech already have tons of information on you, including which sites you visit, what you search for, and much much more. A VPN won't help you here. It's an unavoidable consequence of being online, unless you are exceptionally diligent about avoiding leaving trails, using privacy-centric browsers and search engines, and essentially having the opsec of an undercover agent.
A commercial VPN provider is useful IMO for exactly two reasons: 1) pretending to be somewhere you're not so you can do something like stream Netflix, or 2) being able to access sites that are blocked by your local ISP.
I personally don't have a commercial VPN provider, but I do have a VPN server in my home router that I can use in case of either of the above two needs, or if I need to access something on my home network.
Also, I seem to recall several articles from a while back that all but proved that several free VPN services were fronts for various countries' intelligence agencies.
#381
A FlyerTalk Posting Legend
Join Date: Sep 2002
Location: LAX/TPE
Programs: United 1K, JAL Sapphire, SPG Lifetime Platinum, National Executive Elite, Hertz PC, Avis PC
Posts: 42,231
Considering Mullavad, Nord and Proton. Any thoughts?
I would have installed this by now but the last one I tried seemed to slow my web browsing. But need something that will:
(1) protect my uploads while traveling (one of my amex accounts got hacked on my last trip when I had to login)
(2) stop amazon, netflix and apple from blocking playback of downloads when traveling (if I login over wifi they block playback when I open the app, even if not connected)
(3) privacy protection, because none of us need more government snooping
I would have installed this by now but the last one I tried seemed to slow my web browsing. But need something that will:
(1) protect my uploads while traveling (one of my amex accounts got hacked on my last trip when I had to login)
(2) stop amazon, netflix and apple from blocking playback of downloads when traveling (if I login over wifi they block playback when I open the app, even if not connected)
(3) privacy protection, because none of us need more government snooping
#382
Join Date: Dec 2010
Location: DEL
Posts: 1,057
A commercial VPN provider is useful IMO for exactly two reasons: 1) pretending to be somewhere you're not so you can do something like stream Netflix, or 2) being able to access sites that are blocked by your local ISP.
I personally don't have a commercial VPN provider, but I do have a VPN server in my home router that I can use in case of either of the above two needs, or if I need to access something on my home network.
I personally don't have a commercial VPN provider, but I do have a VPN server in my home router that I can use in case of either of the above two needs, or if I need to access something on my home network.
Commercial VPNs are good to beat geoblocking for expats and immigrants who often need to access services in the "old" country that may not allow foreign connections for "security" reasons, e.g. E-ZPass in the U.S. They can also be useful if you really want to watch some other country's streaming content.
If you just want to beat geoblocking while traveling, setting up a VPN server at home is absolutely the way to go--Netflix et al try to block commercial VPNs with varying degrees of success, but by VPN-ing back home you look like you're connecting from your own living room and you won't run into any of the problems you get with commercial VPNs.
Last edited by der_saeufer; Sep 12, 2022 at 11:33 pm
#383
Join Date: Sep 2008
Location: AUS
Programs: BAEC Gold, AA PPro, Hyatt Globalist, Amex Plat
Posts: 7,043
<snip>Commercial VPNs are good to beat geoblocking for expats and immigrants who often need to access services in the "old" country that may not allow foreign connections for "security" reasons, e.g. E-ZPass in the U.S. They can also be useful if you really want to watch some other country's streaming content.
If you just want to beat geoblocking while traveling, setting up a VPN server at home is absolutely the way to go--Netflix et al try to block commercial VPNs with varying degrees of success, but by VPN-ing back home you look like you're connecting from your own living room and you won't run into any of the problems you get with commercial VPNs.
If I setup a home VPN server and attempt to route all streaming traffic while abroad through the home server, it would seem my performance will be constrained by the very low upstream bandwidth I have?
This may show my lack of understanding on this topic; I have a technical background, but not so much on the networking front (at least not with any depth). Its unclear to me, if when streaming from abroad though a home VPN, if the actual video stream has to "download" to the home server, then "upload" back out to my remote client (hope that makes sense). If that is correct, it seems like that would be some pretty poor performance for streaming video. But I may very well be missing an understanding of how this traffic is actually routed.
Regards
#384
Moderator: Hyatt; FlyerTalk Evangelist
Join Date: Jun 2015
Location: WAS
Programs: :rolleyes:, DL DM, Mlife Plat, Caesars Diam, Marriott Tit, UA Gold, Hyatt Glob, invol FT beta tester
Posts: 18,947
It's not just you -- it's a lot of people. Courtesy of Cloudflare. FT/IB uses Cloudflare. And Cloudflare is very blocking happy and seems to be on blacklisting kicks for IP addresses and who knows what else.
VPN and TOR users find work arounds to Cloudflare's kicks, but Cloudflare is very much into making sure this remains a cat and mouse game with Cloudflare as the wannabe cat.
VPN and TOR users find work arounds to Cloudflare's kicks, but Cloudflare is very much into making sure this remains a cat and mouse game with Cloudflare as the wannabe cat.
I've actually thought about taking this route on several occasions, but have just been too lazy to pursue it. I'm curious what the performance impact on streaming is when taking this route. For example, my home internet is cable modem, so very, very asymmetrical performance, ~300 Mbps down stream, but only ~11-15 Mbps upstream. That is fine for our home usage model but I fear would be problematic from streaming from abroad.
If I setup a home VPN server and attempt to route all streaming traffic while abroad through the home server, it would seem my performance will be constrained by the very low upstream bandwidth I have?
If I setup a home VPN server and attempt to route all streaming traffic while abroad through the home server, it would seem my performance will be constrained by the very low upstream bandwidth I have?
I found it on Google so it must be reliable : "0.5 Mbps is just enough to start a video stream, but anything below 1.5 Mbps leads to poor video quality. As recommended by Netflix, Standard definition (SD) requires 3 Mbps, High definition (HD) 5 Mbps and 4K/Ultra HD at least 25 Mbps."
#385
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,231
If I setup a home VPN server and attempt to route all streaming traffic while abroad through the home server, it would seem my performance will be constrained by the very low upstream bandwidth I have?
This may show my lack of understanding on this topic; I have a technical background, but not so much on the networking front (at least not with any depth). Its unclear to me, if when streaming from abroad though a home VPN, if the actual video stream has to "download" to the home server, then "upload" back out to my remote client (hope that makes sense). If that is correct, it seems like that would be some pretty poor performance for streaming video. But I may very well be missing an understanding of how this traffic is actually routed.
Regards
1. Your local connection's downstream bandwidth
2. Your VPN server's upstream bandwidth
3. The VPN appliance's capability to encrypt data
You can't do much about #1. For #2 the best you can do is buy a connection with a higher upload bandwidth from your local ISP. Cable connections tend to have a big disparity between download and upload speeds but some cable companies provide 30+ Mbps upload...on their most expensive plans. If you can get fiber, those connections are usually symmetric (same upload and download speeds). We have 300 Mbps up and down from AT&T fiber.
#3 is a complicated little bear, though. It depends on the hardware you're running the VPN on and the type of VPN. Running the server on a router is not optimal because routers typically are designed to route and have otherwise limited resources. Running the server on a dedicated computer (even a Raspberry Pi) can be better, but more complicated to set up.
OpenVPN is popular but also cumbersome to set up and can be rather slow depending on the encryption algorithms you select and whether the hardware you're running on supports hardware offload of those algorithms. IPSec is also very popular but also difficult to set up and configure securely, but some routers support offloading the encryption work to dedicated hardware which can make it quite fast. I personally use WireGuard, which has the benefit of being fast, easy to set up, and still able to run with decent performance on even unoptimized hardware. I use WireGuard on a Ubiquiti Edgerouter X, which is quite a limited little box all considered, but I can still get 50+ Mbps from it over the VPN connection. With OpenVPN I got more like 5-10Mbps.
#386
Join Date: Sep 2008
Location: AUS
Programs: BAEC Gold, AA PPro, Hyatt Globalist, Amex Plat
Posts: 7,043
Yep -- IB will try to work with you if you can give them an IP to unblock, but, well, there's a 13-page thread and counting in the tech support forum: Consolidated "Problems Accessing FlyerTalk When Using A VPN" thread
You're correct that VPNing means all the traffic will first go to your home, then back out through the same connection (this doesn't matter much though; unlike a water pipe the down/up directions are largely independent of each other) so the smaller upload bandwidth will be the limiting factor. But FWIW I only have ~20 Mbps up and it provides tolerable VPN streaming.
I found it on Google so it must be reliable : "0.5 Mbps is just enough to start a video stream, but anything below 1.5 Mbps leads to poor video quality. As recommended by Netflix, Standard definition (SD) requires 3 Mbps, High definition (HD) 5 Mbps and 4K/Ultra HD at least 25 Mbps."
I found it on Google so it must be reliable : "0.5 Mbps is just enough to start a video stream, but anything below 1.5 Mbps leads to poor video quality. As recommended by Netflix, Standard definition (SD) requires 3 Mbps, High definition (HD) 5 Mbps and 4K/Ultra HD at least 25 Mbps."
It terms of video streams, I can tell you that every once in awhile our service goes tapioca and speeds will drop substantially, even to single digit Mbps (a modem reset immediately cures it) and when that happens we notice a very distinct difference in streaming quality, often dropping to SD (which is not a joy to see on a 65" OLED TV) or even stuttering. So while I acknowledge the theoretically numbers for "starting a stream" I really have zero interest in watching anything in SD these days.
Regards
#387
Join Date: Sep 2008
Location: AUS
Programs: BAEC Gold, AA PPro, Hyatt Globalist, Amex Plat
Posts: 7,043
<snip>You can't do much about #1. For #2 the best you can do is buy a connection with a higher upload bandwidth from your local ISP. Cable connections tend to have a big disparity between download and upload speeds but some cable companies provide 30+ Mbps upload...on their most expensive plans. If you can get fiber, those connections are usually symmetric (same upload and download speeds). We have 300 Mbps up and down from AT&T fiber.
#3 is a complicated little bear, though. It depends on the hardware you're running the VPN on and the type of VPN. Running the server on a router is not optimal because routers typically are designed to route and have otherwise limited resources. Running the server on a dedicated computer (even a Raspberry Pi) can be better, but more complicated to set up.
#3 is a complicated little bear, though. It depends on the hardware you're running the VPN on and the type of VPN. Running the server on a router is not optimal because routers typically are designed to route and have otherwise limited resources. Running the server on a dedicated computer (even a Raspberry Pi) can be better, but more complicated to set up.
OpenVPN is popular but also cumbersome to set up and can be rather slow depending on the encryption algorithms you select and whether the hardware you're running on supports hardware offload of those algorithms. IPSec is also very popular but also difficult to set up and configure securely, but some routers support offloading the encryption work to dedicated hardware which can make it quite fast. I personally use WireGuard, which has the benefit of being fast, easy to set up, and still able to run with decent performance on even unoptimized hardware. I use WireGuard on a Ubiquiti Edgerouter X, which is quite a limited little box all considered, but I can still get 50+ Mbps from it over the VPN connection. With OpenVPN I got more like 5-10Mbps.
Regards
#388
FlyerTalk Evangelist
Join Date: Mar 2010
Programs: DL, OZ, AC, AS, AA, BA, Hilton, Hyatt, Marriott, IHG
Posts: 19,905
Yes, I'm aware I could mitigate the upstream issue. However, I've had my service for a very long time and surprisingly they have never raised the rate and generally, for our use case, I'm very happy with what we get for the dollars we spend. Fixing the issue (e.g. switching to fiber, etc.) will likely increase my bill in order to solve a problem that is like, 0.75% of my use case, so really just not worth it (at least to me).
Yes, I've done a good bit of reading on all this and did setup and play with OpenVPN many years ago. If I do decide to pursue again I'd definitely go with Wireguard, no question.
Regards
Yes, I've done a good bit of reading on all this and did setup and play with OpenVPN many years ago. If I do decide to pursue again I'd definitely go with Wireguard, no question.
Regards
#389
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,231
I don't want to restart that thread here, but this Cloudflare stuff w/FT drives me crazy. It is literally the only site on well... the Internet... that I have issues with. IB acts as though they are Fidelity or Charles Schwab or something. It's a traveler site where probably 90% of users are anonymous anyhow...
Cloudflare is mostly a CDN (content delivery network). They maintain points of presence throughout the world on the internet with cached copies of sites that are their customers. This provides faster load times no matter where you are physically located, because you get a copy of what you're looking for from a location nearest you. I don't know why Flyertalk's admins have set Cloudflare to block VPNs...I suspect they noticed abuse coming from VPN IPs.
#390
Join Date: Sep 2008
Location: AUS
Programs: BAEC Gold, AA PPro, Hyatt Globalist, Amex Plat
Posts: 7,043
Post your concerns in the Tech Support forum if you haven't.
Cloudflare is mostly a CDN (content delivery network). They maintain points of presence throughout the world on the internet with cached copies of sites that are their customers. This provides faster load times no matter where you are physically located, because you get a copy of what you're looking for from a location nearest you. I don't know why Flyertalk's admins have set Cloudflare to block VPNs...I suspect they noticed abuse coming from VPN IPs.
Regards