marbian wallyce futurya
Ogier Dudley
Point-to-Point Tunnelling Protocol (PPTP) is one of the most commonly available VPN protocols around, mainly due to its wide compatibility on numerous devices. It has been around since the year 2000, and since then has completely been discredited by the internet security industry as it has a number of well-known security flaws.
The vulnerabilities that PPTP has are caused by the PPP authentication protocol and the MPPE protocol that is used. This includes the way that both MPPE and PPP are used for session key establishment.
MS-CHAP-v1 that is used for authentication is fundamentally insecure, with various tools available that can easily pick out NT password hashes taken from captured MS-CHAP-v1 communications. MS-CHAP-v2 is also just as vulnerable, but this time to dictionary attacks on challenge-response packets. Again, tools are readily available to perform these attacks.
The MPPE protocol uses RC4 stream cypher for encryption. This means there is no way to authenticate the ciphertext stream, meaning that it is vulnerable to a bit-flipping attack. This means that an attacker can modify the traffic without the possibility of being detected.
Layer 2 Tunnelling Protocol (L2TP) is another very popular protocol that has had some inherent security weaknesses. It is used quite often by mobile users because of the native support on both Android and iOS. Its origins come from the aforementioned PPTP and its latest iteration L2TPv3 comes from back in 2005.
The first version of the Internet Key Exchange (IKE) protocol is what laid the groundwork for IKEv2 to become one of the most secure and fastest VPN protocols currently available. The first version though has inherent security vulnerabilities that cannot be avoided.
Leaked NSA presentations that were released by Der Spiegel show that IKE is being exploited in a currently unknown way to decrypt IPSec traffic. Researchers also discovered a Logjam attack that could break 1024-bit Diffie-Hellman encryption. This was a huge discovery as it meant that 66% of VPN servers, 18% of the top million HTTPS, and 26% of SSH servers were vulnerable. Though this discovery is quite disputed in the internet security industry, though it is worth considering when choosing a VPN protocol.
As mentioned above, the recent discovery of key-reuse vulnerability over IKEv1 makes the protocol really insecure. Exploiting the key-reuse vulnerability on Hide.me servers is not possible due to our design of IKEv1 deployment (we do not use the vulnerable RSA based authentication mechanism). Due to this fact our IKEv2 implementation is also secure.
When IKEv2 exists, which improved immeasurably over the first version, there is no reason not to go with it. IKEv2 brought about the likes of Denial of Service attack resilience, SCTP support, and NAT traversal.
The easiest way to set up a VPN connection on your device would be to use the Hide.me VPN app. It is available on Windows, macOS, iOS, Android, and Windows Phone. On our app, you can choose between all of the VPN protocols that we offer, including even SoftEther. So you can just connect to your server of choice and not have to worry about staying secure. You can even setup fall-back protocols, in case the protocol of your choice goes down.
Here at hide.me we are all about internet freedom, and we are happy to be in a position to bring that to everyone. That is why we give you a 30-day money-back guarantee on our Premium plan. No questions asked and no logs recorded.
Keeping our users best interest in mind, we would like to announce that we will discontinue IKEv1, L2TP & PPTP protocols. These protocols will no longer be supported by hide.me VPN after 31st December 2019 for all our paid users. We are discontinuing support for these protocols for all free users from October 25, 2019. Users can connect to much better protocols including SSTP, IKEv2, OpenVPN and SoftEther,
Users who use these protocols by manually configuring them with hide.me for different use cases can now rely on much better, secure and faster VPN protocols like OpenVPN and SoftEther. OpenVPN is many times better in speed and security compared to PPTP and L2TP/IPSec.
Taking this into account, it may be a good time to upgrade your router to something new with more features. Even cheaper routers nowadays come with an impressive array of capabilities, including OpenVPN support. Not to mention other up to date security and performance features.
As corporations and security services collect ever-larger amounts of data, the desire for digital anonymity continues to grow. VPN providers like hide.me make it easier than ever before to conceal your identity with just a few mouse clicks. However, not every VPN is created equally.
Hide.me* is a Malaysian VPN provider that professes not to create logs, prioritizing the security and privacy of its users. Unlike most of its competitors, a free version of hide.me is offered, which is meant to familiarize new users with VPNs. Below, we'll discuss what the free and paid versions offer, as well as how each performs.
Hide.me offers apps for Windows, Android, macOS, iOS, and Linux, as well as Android TV and Amazon Fire TV. Beyond that, the service also provides browser extensions for Chrome and Firefox, and on its website, installation guides for routers and other devices.
Since hide.me, unlike most other VPN providers, offers a free version of its software, users don't need to supply payment information when registering. Simply select and download the client for your operating system (and, if manually installing, select a VPN protocol) before installing the application. Within a matter of minutes, thanks to the instructions on hide.me's website, we were able to get the desktop client running.
The desktop app is uncluttered and provides a nice overview of the program. In the interface's center, you'll find a large "Enable VPN" button that automatically creates a VPN tunnel between you and the best location. On the bottom left, you can see your IP address, while at the top left and right, you'll find a notifications bell and a gear icon that takes you to the settings menu.
To connect to a different server, simply click on the "Change" button in the bottom right of the main screen. Hide.me's server list is divided into three areas: Favorites (which you can augment by clicking on the star symbol next to a server), Recommended Servers, and finally, a Full Server List. Servers can be arranged alphabetically, or on the basis of their ping (descending).
Beyond that, there are two additional server categories. As the name implies, Streaming servers are designed for usage with on-demand platforms, such as Netflix or Disney+, allowing you to view foreign content (we'll discuss how well this works below in the "Performance" section). Alternatively, multi-hop servers allow you to create a connection over two VPN tunnels simultaneously, providing enhanced security.
So far, so good. If you want to dive into the more complicated side of hide.me, click on the gear symbol at the top right of the main window to open the settings menu. Here, more advanced users can set auto-start preferences, location selection, or modify how the program behaves. For example, auto-start can be set to interact differently with trusted and untrusted WLAN or Ethernet networks.
You'll also be able to make use of the platform's extra features here. These include the ability to manually configure a DNS server or exempt certain programs and apps from your VPN connection through split tunneling.
Added security is provided by "Stealth Guard", which works similarly to split tunneling, but designates which apps or programs should never run without a VPN tunnel. Not just for programs, you can even include your Internet connection, meaning that you'll only have connectivity if a VPN tunnel through hide.me can be established.
The platform also features a classic kill switch, that completely severs your connection whenever there are disruptions, but, with a unique twist: You can run user-defined scripts once the kill switch is activated.
Mobile versions of hide.me are offered for iOS, Android, Windows Phone, and Blackberry. Similarly to the desktop version, these offer a clear but somewhat boring overview of the program's services and features.
The footer includes buttons that allow you to alternate between VPN, Location, Settings, and Extend, the expanded menu view. For both the Location and Settings buttons, options are not as extensive as in the desktop client (for example, Stealth Guard is missing). With that said, split tunneling is offered as well as the ability to manually configure a DNS server.
In sum, hide.me perfectly blends simplicity with advanced settings, catering equally to those who want to surf anonymously with as little fuss as possible, as well as others interested in creating a more personalized VPN experience.
Hide.me possesses a network of around 1,900 servers spread across 49 countries. Most servers are located in the US and Europe, with Brazil, Singapore, Morocco, and South Korea serving South America, Africa, and Asia, respectively. In comparison to other VPN providers, the network is not particularly extensive, lacking coverage in both Africa and South America.
Even though the number of servers on offer is decent, we would have liked to see more variety, especially considering that other VPN providers host servers in twice as many countries. Particularly in Asia, hide.me's base, the trend has been for greater development and growth. Still, we're hopeful that the service will expand more in its backyard.
The speed of all VPNs from our sample is evaluated using a server in Europe with a 1 GB/s connection. We tested random hide.me servers in the US and Germany at different times of the day in order to gauge the service's performance. More information concerning our methodology can be found in our VPN speed test.
c01484d022