PureVPN

PureVPN Review

Overall Rating

PureVPN is a Hong Kong based provider that began offering services in 2007. It boasts over 1 million customers, with hundreds of servers in over 140 countries, across six continents. Its network contains more than 77,000 IP addresses to anonymize your Internet presence and the service guarantees a 99.9% uptime while offering 24/7/365 live chat support.

Since we wrote our original review, PureVPN has expanded considerably and has risen to become a major player in the global market. In this review, I will take a closer look at what PureVPN has to offer today.


Quick Links

  1. Privacy Policy
  2. Encryption
  3. Server network
  4. Software and compatibility
  5. Speed
  6. Add-ons

Privacy Policy

As a Hong Kong based corporation, PureVPN is subject to looser data retention laws than the EU. The company states it understands that security and privacy are very important to its customers. The following is an excerpt from its privacy policy:

We do not log any user activity (sites visited, DNS lookups, emails etc.) We only log access attempts to our servers (for security and troubleshooting). We do not get involved in any form of censorship. We do not give your personal info to any third parties. We do not cooperate with any requests for information unless we are ordered by a court of competent jurisdiction and the vast majority of these requests would not be from a court of competent jurisdiction We will protect you to the max and our system is setup to automatically do so. There are hundreds of good reasons for being anonymous and we respect them fully.

Hong Kong VPN
PureVPN is based in Hong Kong, where there are no strict data retention laws to force VPN providers to retain customer logs.

PureVPN does, however, retain operational (connection) logs for a period of 30 days. According to the provider, these are collected strictly to improve the service, keep out spammers and to process payments.


Visit Provider


Encryption

Whilst, reviewing PureVPN’s service I tested on Android, Linux, and Windows 7, utilizing various built-in, open source, and PureVPN custom apps. During the course of my testing I was confused over exactly what ciphers and strengths each protocol was using. Its web site only contained vague information such as “encrypt your data with up to 256-bit encryption keys”. Fortunately, its customer support is excellent and quickly explained to me how the service’s encryption works.

According to support, when using anything but its Windows application, PPTP is set to 128 bits and all other protocols are AES-256-CBC.  Its Windows application defaults to “no encryption”. Support reports that this is to enable the fastest streaming experience. I would suggest setting at least 128 bit encryption, and I will talk about this some more later on in the platforms section of the review.

PureVPN supports PPTP with 128 bit keys, and L2TP/IPSec, SSTP, IKEv2, and OpenVPN with the AES-256-CBC cipher, but since PPTP is not a secure protocol, anyone interested in security should use a different protocol. AES-256-CBC is considered to be very secure, although you might take a performance hit using it. I also address this later in the performance section.

Server network

PureVPN servers
PureVPN server locations count

At the time of writing this article, PureVPN features over 500 servers in 141 countries, making this provider among the largest in terms of network size.

Key clusters are located in the United States, UK, Canada, the Netherlands, Germany, Australia, Hong Kong and numerous other counties. It offers access to a handful of very remote island locations such as Saint Lucia, Barbados and the Cayman Islands.

PureVPN also provides what they call “virtual servers“. As an example, let’s say you are in China and want to connect to a US server. However, due to the distance, you are getting poor performance. You could connect to a virtual server located in Asia that has a US IP address. This would give someone located in China the ability to stream US TV. However, the virtual servers only seem to show up under the Windows client.

Round-robin DNS
Example of round-robin DNS. Given the use of round-robin DNS if performance is not up to snuff, try reconnecting and you will get a new server.

Software and compatibility

Windows

PureVPN’s support of Windows is excellent. The website has many tutorials on how to set up various protocols using the Windows built-in networking support. Its also offer its own custom app.

PureVPN Windows app server map
Server map

I would not normally recommend using a provider’s custom client. Most providers do not have a lot of value-add in their clients over the built-in OS settings or open source clients, such as OpenVPN. Typically, there is very little reason to trust that the providers programmers are as careful as the open source or proprietary software practices. In other words, sloppy programming could open you up to vulnerabilities. However PureVPN’s Windows client has a lot of value-add and looks to be well written.

One of the nicer features of the client, is the ability to automatically find the fastest server based on your purpose. For example, if you wanted to unblock Netflix US, you could select this purpose and the software will tell you the best server and protocol for this particular use.

PureVPN unblock Netflix
Filtering server selection down by purpose

There are other purposes to choose from as well, such as files-haring, enhanced privacy, unblocking and streaming.

Something that I did not like about this client, is that it does not report what encryption cipher and strength it is connected with. Instead, it indicates relative “speed” and “security” based on a rating out of five icons:

PureVPN Windows client
Browsing through the app’s settings

Aside from the latest desktop client, PureVPN customers can likewise download and use the old client, which features some tools and settings, like Split Tunneling for instance, which were retired and not included in the new app.

Linux

Its Linux support is excellent.  It is utilizing both the Network Manager OpenVPN plugin and the OpenVPN command line client.  Which means you can use all open source code. In addition, it provides *.ovpn configuration files for TCP and UDP servers.

PureVPN uses 2048 bit RSA key lengths and the additional OpenVPN TLS authentication. OpenVPN UDP is running on port 53, which is the well known DNS port and highly unlikely to be blocked. Its OpenVPN servers are using the AES-256-CBC cipher, which is very secure. However, it does not use ephemeral keys by default, though I had no problems enabling them on my setup.

Interestingly, I was unable to set my cipher to AES-128-CBC. Tech support informed me that only by utilizing the Windows custom client can you change the default encryption settings.

On OpenVPN TCP it is using port 80, the well known HTTP port. Which again, can not really be blocked. For some reason it chooses SHA-1 for HMAC authentication. SHA-256 or SHA-512 would have been a more prudent choice. PureVPN does not offer a custom Linux client but this is not a detraction as they work well with OpenVPN’s open source client, and with Network Manager’s OpenVPN plugin. PureVPN has many tutorials for setting up the service on various flavors of Linux.

Android

Android is also well supported by PureVPN with many tutorials on how to set up connections using the operating system’s built-in VPN support. Following them tutorials went smoothly for me. The provider also offers a custom app that is available in the Google Play store.

On the first look, PureVPN’s Android app looked pretty good but it did not take very long for me to switch to the OpenVPN open source app.

PureVPN Android    PureVPN Android app

The first thing I noticed is that there is no option to manually choose a server location. You pick a country and then the app finds the fastest server for you. But if the app chooses poorly, there is no way to change servers. To my surprise, the  app only supports the OpenVPN protocol. You will have to manually set up other protocols.

The Android app is not as mature as the Windows software. I opted to install OpenVPN Connect from Google Play instead. Then I imported the OpenVPN configuration files from PureVPN’s Linux downloads. The OpenVPN config files are a little tricky to find. I found them by searching for “openvpn files” in the support area of the PureVPN website.

At this time I would recommend using the OpenVPN Android client over PureVPN’s Android app. It is mature and offers many nice features, and it is open source!

OpenVPN Android App
You can set up PureVPN on your Android with the help of the official OpenVPN app in Google Play Store

You can likewise set up a manual L2TP/IPsec connection using the built-in VPN client on your Android device.


Visit Provider


Speed

We now know that PureVPN supports many protocols and platforms, but how well does its network perform?

Network metrics can be tricky as there are a lot of factors involved, many that are out of your control. But there are ways to get some ideas on how well the network performs.

One way, is to simply use the service and see how it goes in a normal browsing session.

On my hard wired Linux box I initially noticed some very high latency, in the over 600 ms range. Switching VPN servers fixed that. I watched some 1080p YouTube videos. Streamed some music. Surfed the web. Opened up some SSH sessions, downloaded software and did what I do. The user experience was good. If I ran into problems, switching to a different server took care of it.

But we engineers like to see numbers. So, I ran various speed tests, threw out the ‘way out there’ numbers, and averaged the rest.

Network Speed Tests
Protocol Encryption VPN Server Platform Ping Download Upload
None None None Android 23 ms 49.10 Mbps 6.57 Mbps
OpenVPN UDP AES-256-CBC NYC Android 109 ms 9.19 Mbps 5.67 Mbps
L2TP/IPSec AES-256-CBC NYC Android 106 ms 15.73 Mbps 5.80 Mbps
None None None Linux 18 ms 65.70 Mbps 6.13 Mbps
OpenVPN TCP AES-256-CBC NYC Linux 63.4 ms 32.47 Mbps 5.74 Mbps
None None None Win7 66.5 ms 65.81 Mbps 6.54 Mbps
L2TP/IPSec AES-256-CBC NYC Win7 104 ms 45.90 Mbps 6.21 Mbps
OpenVPN UDP AES-256-CBC NYC Win7 212 ms 3.36 Mbps 2.74 Mbps
OpenVPN UDP AES-256-CBC Chicago Win7 67 ms 4.67 Mbps 6.41 Mbps
SSTP None NYC Win7 141 ms 27.39 Mbps 4.30 Mbps
SSTP AES-256-CBC NYC Win7 70 ms 20.87 Mbps 6.03 Mbps

The numbers in red are raw throughput for each operating system. This table offers some relative throughput comparisons. Since my Android device is utilizing wi-fi, it does not achieve the throughput of my hard lined computers. 

OpenVPN performance on all platforms seems sub-par. It is working well enough for streaming, and web surfing. L2TP/IPSec performance is more on-par, but still not as good as it could be. SSTP is performing better than OpenVPN, but again not as good as I had hoped.

I found great differences depending on the server farm that I used. Interestingly, my upload speeds were much closer to my raw ISP rate than my download speeds.

It could be possible that my rather high, often in the 70 Mbps range, ISP rates are just more than PureVPN’s network can match.

Add-ons

PureVPN is truly innovative. It offers a wide variety of add-ons, though most of which cost an additional fee. Add-ons that cost more are Smart DNS, NAT Firewall, StealthVPN Browser, Dedicated Streaming, Dedicated IP, and DDoS protection. Free add-ons include Split Tunneling and an Internet Kill Switch.

Smart DNS

Smart DNS is a useful add-on for those who only need geo-unblocking services. Let’s say you are in the US and you want to watch your favorite BBC shows on iPlayer. The BBC restricts viewing to computers that are located within the UK.

BBC iPlayer blocked.
BBC iPlayer blocked outside UK

But by utilizing the Smart DNS, your connection to select sites are proxied through an unblocked IP address. This is not a VPN. There is no encryption.

Basically, you replace your DNS server on your device with one of PureVPN’s, which then routes you through the appropriate proxy.

Since there is very little overhead on the proxy, you should be able to achieve nearly your ISP speeds. In addition, if you are accessing a site that is not proxied by PureVPN, such as your bank, or google.com, you should see no loss in throughput at all as you will connect normally without a proxy. This makes Smart DNS a great feature for people who only need to bypass geo-restrictions.

In my speed tests, this is exactly what I saw. I was able to watch my favorite shows on BBC from outside of the United Kingdom, with no loss of throughput.

Split Tunneling

Split Tunneling is another interesting add-on offered by PureVPN. Split Tunneling allows you to create a VPN connection on a per application basis. Note that the feature is only available in the old version of its Windows software.

PureVPN’s old client showing split tunnels configuration.

So, maybe you only want to encrypt your browser traffic. You can launch Firefox inside of its own VPN tunnel. This will anonymize and encrypt your Firefox traffic, but you could listen to Spotify with no degradation in speed.

Technical Support

With any service, good customer support is paramount. PureVPN does not disappoint in this area. It offers 24/7/365 online chat support. I found that I typically only had to wait a minute or two before a representative was available. I found the assistants to be helpful and efficient. In addition its website is loaded with tutorials and helpful information. It was not always the easiest to find, but using the search option, I was often able to locate the information I needed.

Conclusion

PureVPN is an innovator in the privacy, security, and geo-unblocking tools market. It offers many add-on services for user’s specific needs and excellent support for all major platforms.

Network performance did not meet up to my expectations, but still performed well for most uses. In addition, with add-ons like Smart DNS and Split Tunneling, it’s able to handle your high throughput applications. Additionally, users can connect to the VPN from five different devices at the same time.

Encryption levels are excellent, utilizing AES-256-CBC, and 256 bit SSL

PureVPN is not the least expensive provider out there, but you get what you pay for. It also offers great discounts for the six and twelve-month plans. Likewise, there are specials throughout the year that are well worth taking advantage of. With its add-on pricing structure, you need only pay for the features you want.

It accepts a wide variety of payment methods including credit cards, Bitcoin, PayPal, mobile payment and more.


Visit Provider


Like this article? Spread the word!
Tweet about this on TwitterShare on Facebook2Share on Reddit0Share on Google+0Share on LinkedIn0Share on VK

My hacking career began at age 12, when my father brought home a Sinclair ZX-81 computer kit and a lifelong fascination with computing was born. I became a privacy and security advocate after learning of the US Government’s criminal investigation against Phil Zimmermann. Years later I found myself in Silicon Valley being paid to hack Phil’s PGP code. I soon tired of the rat race and moved to the Northwoods of Minnesota where I have over 2 million acres of protected wilderness to roam. Here I indulge in my passions for wilderness and technology and as an advocate for computer security and privacy.

3 thoughts on “PureVPN Review

    • Hi Wesley,

      Assuming you already have an account, but can’t access your control panel from China: Send an email to enquiry(at)purevpn(dot)com. Let them know you are in China, and that you need direct download links for the software. Also, mention which operating systems you are using.

  1. Split tunneling on the Mac application is very useful, can keep the VPN running only on the torrent client.

Leave a Comment