Hide My Ass! is one of the the largest and most recognized VPN providers. They claim to have the world’s largest VPN server network, and arguably so. HMA! is also one of the oldest VPN providers having gone into operation in 2005. They are a UK based company and as such are subject to UK data retention laws.
HMA! supports many platforms and has their own custom software. Platforms they support include OS X, iOS, Android, Windows, Linux, and various routers. They support OpenVPN, L2TP/IPSec, and PPTP protocols.
Their pricing is pretty reasonable with deep discounts for multiple month packages and their service comes with a 30 day money back guarantee.
Included in the base price is the use of two simultaneous clients; you can make as many connections as you like, on as many devices as you like, the restriction is only on simultaneous connections. If you want more than that, you will have to pay for 5 or 10 clients. The extra client plans are only available with multiple month subscriptions.
They also keep various connection logs with timestamps and your IP address. Ostensibly, this is for service trouble shooting. They do state that they do not monitor content or destination addresses for users of the VPN service. After the 2011 so called Lulzsec Fiasco Hide My Ass! has clarified what may prompt the sharing of data with third parties.
If we receive a report from any person or organisation (including law enforcement) that leads us to suspect that your account has been used in connection with any wrong-doing, we may at our discretion suspend your account, but we will not disclose any personal information that may identify you unless we are legally compelled to do so.
Hide My Ass! makes it clear that user’s anonymity and privacy is of paramount concern. However, as they state, if they are legally compelled to do so, they will share your information with the proper authorities, but only with a UK court order – without one they will not provide information to any third party. As a UK company Hide My Ass! is subject to the UK’s Data Retention and Investigatory Powers Act.
Hide My Ass! offers a custom VPN client for Windows and OS X machines. Its nicest feature is the Speed guide function. The Speed guide provides a list of HMA!’s server farms around the world that can be sorted by geographical distance. It is important to remember that physical distance and network distance are two different things. In fact, the closest servers geographically to me did not turn out to be the fastest.
My initial speed guide tests missed the best servers for me because by default it only tests the ten geographically closest servers. It did not take me to long to figure this out and increase the number of servers I was testing. I would suggest running an express test on a hundred or so of their closest servers and then pick top 30. Then run a full test on those servers. The top 5 from that test will probably be the ones you want to use.
The full test can take a while to run, but it is the most accurate. In my tests it took about 16 seconds per server. So, running a full test on 30 servers might take you about 10 minutes, depending on your ISP speed. Tech support suggested running an express test on all of their servers. With more than 845 server farms around the world, this could take a long time. A feature I would like to see in a future release, would be the ability to select some results from the express test, and then have the ability to run an extended test on that selection.
Oddly, their client only supports OpenVPN and PPTP protocols. Even after working with support, I was unable able to get PPTP to work. I was able to get L2TP/IPSec to work with the built-in Windows networking.
They also have a custom L2TP and PPTP dialer program for use with Windows. I installed this during the troubleshooting of my PPTP connection, but again we were never able to make it work.
I do have my share of concerns with the Quality Assurance on their software. After the initial installation of their software, it soon stopped functioning. After uninstalling and reinstalling their software, it worked mostly as expected. One of the reasons I tend to recommend open source, peer reviewed clients, is that the QA is often better than VPN providers.
For some reason HMA!’s software leaves around a lot of network profiles in Windows. Some of them seem odd indeed, such as a PPTP connection they create to the localhost. Even after uninstalling their software the network profiles were left behind and I had to manually delete them.
A nice feature of their HMA! Pro VPN application is automatic load balancing. You can set a server load threshold and if the server you are connecting to surpasses that threshold, you will be asked if you would like to connect to a less loaded server automatically.
Yet another interesting feature is the ability to quickly change your IP address. This is great if you are trying to stay anonymous as you can hop around to different IP addresses, making it more difficult to track you. You can change IPs at the click of a button or set their software to randomly change your address after a specified period of time.
A feature I have not seen before is their client’s Secure IP Bind. This feature allows you to “bind” a specific application to their VPN. So, let us say you bind Firefox and then the VPN disconnects. As long as you are running their client Firefox will not be able to access the Internet, thereby protecting you from accidentally browsing outside your dropped VPN connection. However, if you exit their client, Firefox will be able to access your unsecured Internet connection.
Whilst the Hide My Ass! Pro VPN client does provide some very nice features, I am inclined to use it for its speed guide results only and then use the native OS networking or open source clients. I simply did not get the impression that their software quality assurance was up to my standards. Tech support informs me that their client has been in production for about a year, perhaps given a little more time it will mature. However, automatic load balancing, and IP changing is a compelling reason to use their client. It certainly will make the VPN setup much simpler for the average user.
After noticing dramatic differences in speed between the Linux open source OpenVPN client and the HMA! Pro VPN client, I decided to give the open source client a try on Windows. I had some issues getting the Windows open source OpenVPN client to work properly but after reading the Hide My Ass! tutorial I noted that they suggested running the OpenVPN client with administrator privileges and this did indeed solve my issue. The open source OpenVPN client runs fine, with similar speed results as the HMA! Pro VPN client. I was at a bit of loss to explain the significant difference between the Linux and the Windows and Android OpenVPN speeds.
I decided that the only real variable was the hardware differences. My Linux workstation is more powerful than my other platforms. However, I dual boot for occasions such as this. Windows 7, utilizing the HMA! Pro VPN client, on the same hardware came much closer to the speeds I observed in Linux. This leads me to believe that I am taking a speed hit due to processing power. It is likely that HMA’s use of the inefficient Blowfish cipher in OpenVPN is the cause of this. Hopefully, they will offer AES-256 in OpenVPN soon.
The Linux client is a bash script, which I think is brilliant. This enables the user to easily review the script to be sure nothing weird is going on. As well as ensuring portability across architectures, as long as the required programs are installed, and allows the user to use the open source OpenVPN binaries. The value add comes with the script downloading Hide My Ass!’s configuration files and the straightforward UI.
HMA! has easy to use custom OpenVPN Android app available in the Google Play store and its iOS analog that can be downloaded from the Apple App Store. Both are simple to configure and easy to choose from a list of servers. The app also makes verification of your IP address and changing your IP address as trivial as pushing a button. Their custom app is much simpler to use than the OpenVPN open source app.
Encryption & Protocols
Hide My Ass! supports three different protocols. OpenVPN, L2TP/IPSec and PPTP. Although, I would suggest only using OpenVPN or L2TP/IPSec as PPTP is considered insecure. HMA! supports OpenVPN over TCP but only on Linux or through the open source OpenVPN client.
I was somewhat disappointed to discover that Hide My Ass! only supports OpenVPN with the default Blowfish 128 bit cipher. I would much prefer that they support AES at 128 bit or 256 bit. There are no known vulnerabilities with Blowfish but AES is more efficient, much more widely used, and is generally considered more secure.
However, their L2TP/IPSec does utilize the AES-256-CBC cipher and my speedtests show it to work quite well. However, one of the Snowden revelations is that the NSA has deliberately weakened the L2TP/IPSec protocol. Hence, I recommend using the OpenVPN protocol.
One way to “measure” VPN network performance is through subjective user experience. In other words, fire up the VPN and try it out with various services. I did not notice any issues with HMA!’s service on any platform. TED talks and YouTube videos streamed fine. I had no latency issues with my SSH sessions. Streaming music on Spotify worked great, even while streaming 1080p YouTube videos at the same time, just because I can. :)
I have to say that from a subjective user experience I did not notice a difference between using their VPN or going unencrypted through my ISP. It is hard to give a better subjective result than that.
A more objective method is to run various speed tests and compare the results.
|None||None||None||Android||30.5 ms||24.16 Mbps||6.63 Mbps|
|OpenVPN UDP||BF-128-CBC||Chicago||Android||45.33 ms||6.02 Mbps||6.03 Mbps|
|L2TP/IPSec||AES-256-CBC||Chicago||Android||115.5 ms||9.97 Mbps||4.94 Mbps|
|None||None||None||Linux||60 ms||70.14 Mbps||7.33 Mbps|
|OpenVPN UDP||BF-128-CBC||Chicago||Linux||36 ms||65.9 Mbps||6.88 Mbps|
|None||None||None||Win7||41 ms||74.72 Mbps||7.26 Mbps|
|L2TP/IPSec||AES-256-CBC||Chicago||Win7||26.5 ms||25.49 Mbps||6.91 Mbps|
|OpenVPN UDP||BF-128-CBC||Chicago||Win7||41 ms||3.71 Mbps||6.65 Mbps|
My speed tests seem to paint a different picture from my subjective experience. I have a pretty good Internet connection, often exceeding 70Mbps download speeds. Using OpenVPN on Linux the VPN speeds came surprisingly close at 66Mbps to my ISP speeds. But on the other platforms OpenVPN download speeds fell pretty short. However, the upload speeds were pretty close to my maximum speeds. My educated guess as to why, is that my weaker platforms, simply could not keep up with the encryption overhead.
In any case, the throughput and latency of HMA’s network has proven to be sufficient for most uses.
Good technical support is often important with VPN providers and other technical services. Their web site has a great deal of information ranging from knowledge bases, to tutorials and videos. They offer 24/7 chat, phone, and online ticket support. During my assessment of their services I had a few occasions to contact chat support.
The wait time was bit long, often in the 10-15 minute range before a representative was available. However, I found their representatives to be knowledgeable and professional. Still, we were never able to get their PPTP connection to work. Since I do not consider a PPTP connection to be secure, this was not a deal killer.
One representative was quick to blame the broken PPTP protocol on my ISP, firewall, or something outside of their network, despite my repeated remarks that I have PPTP working fine with many other VPN providers. Having worked technical support, I understand how many times the problem is outside of your control, but I feel this representative was far too quick and certain that the problem did not lie on their end.
On smaller VPN providers, I often reconnect with the same representative but this did not happen with HMA!. I talked to somewhere around ten reps and never to the same one. As is to be expected, some reps were better than others. Overall though, my interactions with customer support were satisfactory, but I do wish the wait time was not so long.
Hide My Ass! has been in operation since 2005 and despite coming under fire in 2011 for cooperating with the FBI in singling out a Lulzsec hacker who used their service, they have since steadily regained their reputation as a heavyweight among VPN providers.
They really should be supporting OpenVPN with the AES-256-CBC cipher as the BF-128-CBC cipher is simply not efficient enough. I suspect that HMA! will roll out AES support for OpenVPN soon enough.
Be aware that using more than 2 clients is a violation of their Terms of Service and could result in the termination of your account. In my experience, using more than two clients, simply causes their service to stop working.
Their service has no data or throughput limits. They do not log content, but they do keep connection logs. As a UK company they are subject to the Data Retention and Investigatory Powers Act. Their technical support is good. Their OS X and Windows custom client has some very useful features, but could use some more QA.
Their continually expanding network has thousands of servers in the Americas, Europe, Asia, Australia, Africa and in many other remote locations. This means that it’s well capable of serving international customers as well as globe trotters. Likewise, HMA! is a globally recognized brand with years of service that has stood the test of time.
After reviewing their services I can see why Hide My Ass! is one of the world’s premier VPN providers. With servers across the world, reasonable pricing, and a 30 day money back guarantee, you should give them a try and see for yourself.
Share your own experience with Hide My Ass! or raise any questions you have about the service in the comment section below.