From the article:
| VPN | HQ & Eyes Alliance | Latest Independent Audit | Real-World Test | Retention Verdict* |
|---|---|---|---|---|
| ExpressVPN | British Virgin Islands (no data-retention laws) | KPMG ISAE 3000 Type I, Feb 2025 (ExpressVPN) | Split-tunnelling DNS leak disclosed Feb 2024 (patched) | Gold-standard. RAM-only fleet, annual audits, BVI jurisdiction. |
| NordVPN | Panama | Deloitte 5th audit, Dec 2024 (NordVPN) | 2018 server breach – no logs leaked | Regular audits and positive breach outcome. |
| Surfshark | Netherlands (9-Eyes) | Deloitte, Jan 2023 (Surfshark) | TunnelCrack Wi-Fi leak (Aug 2023) → patched in <7 days. | Strong audit hygiene but concerning jurisdiction. |
| Proton VPN | Switzerland | Securitum, Apr 2024 (securitum.com) | N/A | Open-source clients + Swiss privacy laws. |
| Mullvad | Sweden (14-Eyes) | Assured AB config audit 2023 | Swedish police raid Apr 18 2023 left empty-handed (Mullvad VPN) | Minimal-data design proven in the wild. |
| Private Internet Access | USA (5-Eyes) | Deloitte, Apr 2024 (Private Internet Access) | Multiple US subpoenas produced no logs | Paper-trail-verified despite US HQ. |
| CyberGhost | Romania (EU, outside Eyes) | Deloitte, May 2024 (CyberGhost VPN) | N/A | Second audit boosts trust. |
| TunnelBear | Canada (5-Eyes) | Cure53 7th audit, Dec 2023 (TunnelBear: Secure VPN Service) | N/A | Longest unbroken audit streak. |
| Windscribe | Canada (5-Eyes) | Cure53 server image audit 2022 | 2025 Greek/Canadian court case upheld no-logs stance (Tom’s Guide) | Policy tested – passed. |
| Hotspot Shield | USA (5-Eyes) | Performance/security review by AV-Test only; no dedicated no-logs audit (vpnMentor) | AV-TEST performance audit only; no no-logs audit to date. (CVE Details) | Speed king, privacy laggard. |
Archived links:
Proton does… but you need to use a shell script to enable it on Linux. It’s easy enough and documented on their site, but it’s annoying. Mullvad does not, that’s why I moved away from them. Can’t speak for others
This is why I moved from Mullvad to Proton. Mullvad worked great for me, but then I started my own media server, and port forwarding goes a long way for torrenting Linux ISOs. Proton also offers double the active connections as Mullvad, which helps when hooking it up to various Gluetun containers which are mostly routed through different servers for one reason or another. And despite how gimmicky the marketing for it is, the “VPN accelerator” fuckin works.
That being said, Proton sketches me out - their CEO has said some awful bullshit last year, and it just feels like enshittification is around the corner. But their VPN is proven and works great.
I’d love to go back to Mullvad for those reasons, but the feature set Proton offers right now is unmatched imo.
Not anymore. Port forwarding now works from the app, been using it for months now.
Agreed the script was a pain in the ass
deleted by creator
Proton is too fucking expensive.
Same price as Mullvad, about a fiver a month, if you buy a year at a time. Annoying that you have to buy a year upfront but works out to the same price
Paid for itself for a year in like 2-3 movies!
Do you know if Proton’s port forwarding times out and needs to be reconfigured every so often in the same way the other commenter mentions about Windscribe?
It’s pretty solid, but if you reconnect to a different server then you’ll likely have a different port number. There’s an add-on script for docker qbittorrent though that auto updates the port number.
I have it alias the external port to local port 2000 and point qbittorrent at 2000
For Linux it does timeout and basically just need to run a bash while loop to keep open. I’m not sure if windows is the same way, but from what I hear it’s more integrated.
Overall the port forwarding is not that big of a hassle on Linux. It’s an opt in feature and I just have bash aliases to enable the port forwarding when I need it.
Same