CYBERGHOST VPN
7 (£4.70) per month • cyberghostvpn.com/en_gb
CyberGhost was founded in Germany by entrepreneur Robert Knapp, before quickly moving the operation out of the country in 2010. It outran Germany’s new data retention laws and settled in Romania where there is currently no mandate to log user activity.
The company professes a strong policy of customer privacy, turning down VC funding in favour of crowdsourced capital raising, and it even publishes a transparency report on its website. This is more for information purposes, showing on a country-by-country basis where requests for information about its customers personal data are originating. But since it does not keep logs, we’re told there is nothing to turn over from any of these requests.
CyberGhost has an interesting way to cut the link between a customer’s VPN credentials and their true identity as established by payment details. It out-sources account payment to a separate company that only processes card details without seeing login names.
Software
The CyberGhost proprietary client software is available for Windows, OS X, iOS and Android. Or you can opt for a manual setup using any of these systems’ built-in VPN client interface. Linux users can use the service with their choice of VPN binaries that support the service’s protocols of OpenVPN, PPTP and L2TP/IPsec.
Launching the program the first time, you see a small window with a map showing your current location as established by your real IP address. If you have bought a subscription, you just enter your login name and password. Then to start a connection, click on a large yellow button in the application’s window. Or in the words of the company: “Launch the application and press our magic yellow button. We swear, your whole life will change once you click on it.”
Anti-fingerprinting technology optionally changes the browser language with server location, and removes info about your Ease of use Features Privacy
Value
Overall
operating system and browser version. A content blocker removes social plug-ins like the Facebook Like button, which is used by the social network to analyse your surfing behaviour, and blocks other requests from hidden trackers on websites.
For Windows users, the application modifies Registry settings (HKCU\Software) to start automatically upon reboot in Windows, although this can be switched off from Settings.
One thing you can’t seem to do is to select your choice of VPN protocol through the CyberGhost client software. For the Windows version of the software, TAP drivers from OpenVPN Technologies Inc are installed with the program, so we can assume that OpenVPN is a possibility; OS X does not seem to have the necessary TUN/TAP kernel extensions included in the install process, suggesting an L2TP/IPsec or PPTP connection.
Delve into the Advanced Settings in the Windows version and you can exchange the default UDP connection mode to TCP, although this is not offered in the Mac version.
In our testing, the VPN connection did not appear to leak DNS requests. Our chief concern with the use of CyberGhost’s VPN software was an altogether different data leak though.
Both Windows and OS X versions of CyberGhost software were making outgoing connections to Google servers at every launch. These were to various Google-owned servers, with connection attempts made before an encrypted tunnel is started, so your real IP is revealed to Google at the very least.
After discussing the issue with CyberGhost we were informed that the company was making use of Google Fonts API, but that this potential privacy issue was now being resolved by moving the fonts to its own servers. VERDICT: CyberGhost relocated itself to one of the few European countries that took personal privacy seriously, providing a good base for commercial VPN services. Its software is easy to use and many other connection options are available for other devices, too. If your motivation for using a VPN service is personal privacy, you may be heartened to hear the Google API issue is also now being resolved.