Does encryption still work?
The first question is whether encryption still works. A few weeks ago many VPN users got concerned after they read that the NSA had compromised privacy software and cracked encryption algorithms.
So does that mean VPNs can no longer be trusted? While the various providers all have different opinions, they agree that the most secure encryptions are impossible to crack on the fly. Similarly, most providers warn that PPTP is flawed and should be avoided wherever possible.
“OpenVPN is the best choice when available on your device. It’s easy to check that your VPN provider is using strong encryption algorithms and keys (like 256bit keys and AES encryption) by looking at the OpenVPN configuration files supplied by your VPN provider. Also it can be configured to use TCP on port 443 which makes it extremely difficult to block as it looks like standard HTTP over SSL traffic.”
“OpenVPN is slightly more effort to setup (download and install a client for Windows, OS X, IOS 5+ & Android 4+) but it should be the default way for most people to connect to their VPN. We have been using OpenVPN securely (2048 bit RSA keys and AES-256) since our beginning in 2009 so previous traffic should still be secure from decryption.”
“L2TP/IPSec is a good choice if you want a quick and easy setup. However the encryption algorithms and keys used depend on your VPN provider and your device, and it is difficult to know if secure or insecure encryption is being used. Your data could be encrypted with AES-256 (more secure) or with 3DES (not secure) and you wouldn’t know. An evil or silly VPN provider could force all clients to use 3DES. Also Windows XP does not support AES and would use 3DES encryption instead.”
“PPTP has known security weaknesses and should only be used as last option or where nothing else works with your device. There are no good reasons to use PPTP unless IPSec traffic is being blocked and you cannot install openVPN on your device. We would recommend only use PPTP if your security and privacy are not a concern – for example if you just want to access websites or content blocked in your country.”