b.VPN Review

Alternative Choices for You

Features

• VPN is based in the Netherlands
• 18 servers in 11 countries are available
• You may connect two devices at once, but only one using OpenVPN and one using L2TP
• OpenVPN via SSH tunnel
• “SMOKE tunnel”
• 24/7 customer support
• P2P permitted

OpenVPN via SSH tunnel

This feature allows you to hide OpenVPN connections inside a TLS/SSL tunnel. TLS/SSL is the encryption used by HTTPS. VPN connections routed through these TLS/SSL tunnels are therefore very difficult to tell apart from regular HTTPS traffic. This is because the OpenVPN data is wrapped inside an additional layer of TLS/SSL encryption. As Deep Packet Inspection (DPI) techniques are unable to penetrate this “outer” layer of encryption, they are unable to detect the OpenVPN encryption “inside.” This is a very useful feature, as it should be able to defeat many forms of VPN block.

SMOKE tunnel

In addition to being able to hide OpenVPN inside an SSH tunnel, b.VPN offers another technology aimed at defeating VPN blocks. Named “SMOKE,” this is a custom protocol that adds extra obfuscation for every packet. b.VPN claims that SMOKE can get this VPN in China, Iran, Oman, Turkey, and Russia. I asked b.VPN’s support team for more details:

 “It's a polymorphic UDP tunnel that has much wider range of capabilities to go through DPI. It's the only thing that works stable in China now unlike Obfsproxy which doesn't work already for almost a year. Smoke has defence tactics against GFW (Great Firewall of China) that throttles packets and can jump across big range of network IPs and ports without disconnections. Also, it has packet backup mechanism for restoring corrupted packets by the GFW. We are very confident it's only thing that work stable as we have a test team out there.”

b.VPN gave me TeamViewer access to a PC located in China. So I can confirm I was able to connect via SMOKE and access websites that are usually censored there.

Visit b.VPN »

Speed and Performance

Tests were performed using a UK 50 Mbps/3 Mbps fiber connection. I selected an OpenVPN UDP connection using b.VPN’s “Strong” encryption level.

The graphs show the highest, lowest and average speeds for each server and location.See our full speed test explanation for more detail.

I also ran some tests to compare performance of the different protocols on offer. These results are decent enough, but do not match those offered by top-tier VPN providers.

I detected no IPv4 DNS leaks or WebRTC leaks while using the b.VPN Windows client. Yay! Note that my ISP (Virgin Media UK) does not support IPv6, so I cannot test for IPv6 leaks. As you can see from the screenshot above, b.VPN leverages Google DNS in order to perform DNS translation. 

All DNS requests are proxied by b.VPN, however, so Google does not know who made them. I, therefore, do not consider this to be a problem. US Netflix detected that I was using a proxy and refused to play. This includes when I routed the connection through an SSH tunnel. BBC iPlayer worked just fine, however, when connected to a UK server.

Other Platforms

Pricing and Plans

b.VPN offers a simple 'one size fits all' plan. It starts at $9.99 per month, and goes down to $7.50 per month if you purchase a year’s subscription.

As a very annoying and rather unclear pop-up banner on every page of the website tries to tell you, b.VPN is currently offering a discount. This gets you an annual subscription for just $36 ($3 per month). The software can be downloaded and used for a completely free trial for one hour. No payment details are required for this. This is not very long, but should be enough to confirm the service works for you, and to run some performance checks should you be so inclined. During the free trial you can access many, but not all, of b.VPNs servers.

Security and Privacy

OpenVPN users can choose between two levels of encryption: Normal (Blowfish-128 cipher with SHA-1 hash authentication) and Strong (AES-256 with SHA-256 hash auth). All OpenVPN connections use RSA-2048 and Perfect Forward Secrecy. Please see this article for a full discussion of VPN encryption terms. The tl;dr version is that the encryption used by b.VPN is good. Especially if Strong encryption is chosen. b.VPN is based in the Netherlands. The Netherlands is a Nine Eyes NSA spying partner, and the Dutch government performs a fair amount of its own surveillance. 

VPN providers in the Netherlands, however, are not required to keep logs. Unfortunately, although it keeps no usage logs, b.VPN does keep some connection logs: “We keep no logs whatsoever of users' activity (we don't inspect or log user traffic) we keep infrastructure needed logs which is (Connection IP, time, Duration, bandwidth usage).” In general, I am not too bothered by this level of log-keeping. But the truly paranoid should be aware that, at least in theory, such logs could be used to identify an individual with known internet behavior through an “end to end timing attack.” b.VPN has no problem with torrenting while using its service.

Ease of Use

The website looks smart enough, and provides all the information required to join-up and connect to the service. A pop-up banner that appears on every page advertising b.VPN's yearly discount offer is very annoying, however. I would also prefer that more technical information was available, and that the privacy policy (“Agreement”) clearly spelt out that some connection logs are kept. It is instead primarily concerned with telling you what is not permitted while using the service. The English used on the website is often clearly not written by a native speaker, but is understandable.

Support

Live chat support is available 24/7. The response was quick, friendly, and helpful. For more technical questions I had to email b.VPN's technical team, but generally received a knowledgeable response with half an hour or so.

Signing Up

As noted earlier, you can download the VPN client and test the service for an hour before needing to sign up. This is a painless enough process, although I do not approve of the amount of personal information requested. Only the email address needs to valid (and a disposable one will do), but I would still prefer not to be asked.In addition to the usual payment methods, b.VPN accepts potentially anonymous payment via Bitcoin. This is great, but always remember that a VPN provider will know your real IP address anyway.

The b.VPN Windows VPN client

The custom Windows client is OpenVPN only. The potential issue with this is that you are only permitted one VPN connection at a time. It looks fairly unassuming, but gets the job done. Encryption level, OpenVPN via SH Tunnel and Smoke Tunnel can be chosen in the Advanced Settings menu. Unfortunately, no kill switch is included.

Custom OpenVPN apps are available for Mac OSX, iOS and Android (+4.0.3). Manual L2TP/IPsec and/or OpenVPN setup guides are also available for those platforms, plus a few others (for example L2TP for Linux and Windows phone). Customizable .ovpn files can be used on any system that supports an OpenVPN client.

The Android App

The Android app uses OpenVPN. As with the desktop client, I have seen more swish-looking apps, but it works well. You can route the OpenVPN connection through an SSH tunnel. This is the only Android VPN app that I am aware of to offer this feature. Unfortunately, this feature is not supported in the iOS app. It is not possible to select the Strong encryption level using the mobile app. But to be honest, Regular (Blowfish-128 cipher with SHA-1 hash authentication) encryption will be more than enough for most users. I detected no DNS or WebRTC leaks while using the app.

Final Thoughts

I am particularly impressed by the 24/7 customer support and the advanced obfuscation technologies offered. SMOKE works well from inside China, and b.VPN’s Android app is the only one currently available to offer VPN through an SSH tunnel. This means that b.VPN would make a great choice for users in places such as China that attempt to block VPN use.

Visit b.VPN »

 

 

0 User Reviews