PRIVATE TUNNEL
12 (£8) for 50GB • privatetunnel.com
Private Tunnel is a commercial spin-off of OpenVPN Technologies, the developer behind the open-source OpenVPN software suite. This is a popular alternative to the L2TP/IPsec and PPTP protocols used to tunnel traffic through encrypted internet links.
There are three principle VPN protocols in common use today. The weakest is PPTP, developed by Microsoft and generally considered to be wide open to nation-state intelligence agencies and gifted hackers. Then there’s IPsec over L2TP, a popular choice but with question marks raised by respected security experts since its release in the 1990s, when it was developed by committee with the NSA.
This leaves OpenVPN as a possibly secure VPN protocol. It is an open-source implementation for virtual private networks based on SSL/TLS key exchange, followed by symmetric ciphers to transport user data. But since it’s based on OpenSSL, the OpenVPN system cannot be seen as bulletproof in its security, as 2014’s Heartbleed vulnerability very publicly showed.
It’s worth adding that Private Tunnel swiftly announced after the initial Heartbleed disclosure that its implementation of OpenVPN included perfect forward secrecy (PFS), such that an adversary can only access captured data from one decrypted session. In other words, to have your VPN link compromised the session key must be cracked each time you use the service.
Private Tunnel has an unusual business model in its commercial VPN service. Rather than sell you VPN server access by the month, it meters the data that you use. So you simply need to top-up your account with however much data you need.
The first hit of 100MB is for free. That’s handy, to enable you to try with no obligation to see if the service works for you. Thereafter data packages are sold at $12 (£8) for 50GB, $20 (£13.40) for 100GB and $50 (£33.50) for 500GB. According to Private Tunnel, and ‘average’ user transfers around 90- to 120GB per year, although it’s not clear if that’s a median, mode or mean user. Traffic is measured as the sum of up and download data. Alternatively you can try referring other people to the service. For every person you get to use the service, you receive 200MB for free. And thereafter for every data purchase they make, you get 10GB added to your account.
Server choice is much more limited than most other services. We counted three US servers (New York, San José and Chicago), and one each in the UK, Switzerland, Canada and the Netherlands.
Using the New York server, we measured 26Mb/s download and 16Mb/s upload, a good transatlantic result even if latency rose to an understandably higher 78ms. Moving ourselves back to London we hit 50Mb/s down and 43Mb/s up, with 25ms ping.
Software
Ease of use Features Privacy
Value
Overall
Private Tunnel only officially supports its own proprietary software to connect to its VPN servers, and this is available for Windows and OS X. Dig more deeply into its website and you learn that you can use other platforms, providing there is existing OpenVPN software support. For Mac users, for example, there is the open-source Tunnelblick interface released under GPLv2. To enable this you will still need to download your personal profile as a .pvn file from the Private Tunnel website, and import this into your system.
The provided software is minimalist, just providing a means to log in and authenticate, and switch between the seven available server locations. There is a Settings tab in the program’s interface, but whenever we clicked on it we were instead logged out of the service.
Most troubling though is a data leak in the Mac OS X version, which makes a connection to Google’s servers without even the benefit of an encrypted tunnel. When we reported this to the company we were told its engineers were now addressing these issues and plan to have a fix in the next release due late March 2015. VERDICT: Private Tunnel provides a minimalist software client for its users of Windows PCs and Mac. Server selection is sparse but those we tried were suitable fast. If you value your privacy, you may like to avoid the OS X issue until its data leak has been plugged.