- Can configure for PPTP and L2TP/IPSec as well
- No logs
- No IP leaks
- Android and iOS apps
- Netflix and BBC iPlayer support
- Solid encryption
- Perfect Forward Secrecy
- P2P support
Speed and Performance
All tests were performed using my Virgin UK 50 Mbps/3 Mbps fiber connection. My US and Netherlands tests used PremiumPlus servers.
My UK tests were performed on a “Premium” server rated at 10 Mbps max speed. The results I obtained, however, were closer to 25 Mbps. Rather worryingly, though, I also tested the UK “unlimited PremiumPlus” server, and found it considerably slower than the “Premium” server tested here. Make of that what you will. I think it fair to describe these results as disappointing.
Shellfire performed much better when it came to IP leaks. I detected none. Unfortunately, my ISP (Virgin Media) does not support IPv6 connections, so I was unable to test for IPv6 leaks.
Its DNS servers are run by Google. However, this is not the privacy nightmare it might at first seem, as all requests are proxied by Shellfire so Google does not know who made the DNS request.
Pricing and Plans
Shellfire VPN offers three pricing plans (not including the router, which I have reviewed separately). A free plan is available, but unsurprisingly is quite limited (as all such free plans are).
- Free users’ bandwidth is capped at 1 Mbps, and you are limited to servers in just two countries (Germany and the US). You must also wait 25 seconds for a nag screen to close each time you connect. Shellfire states that streaming is not available to free users, but I was able to stream even from US Netflix using a free account.
- The Premium plan costs $4.00 per month, or $3.20 per month if paid annually. Premium users’ bandwidth is capped at 12 Mbps, and they have access to 20 servers.
- The PremiumPlus plan costs $9.00 per month, or $5.60 per month if paid annually. PremiumPlus users enjoy unlimited bandwidth, and servers in 31 countries. These include some more unusual options, such as Australia, Iceland (great for privacy) and South Africa. Do note, however, that full unlimited “PremiumPlus” bandwidth is only available on some servers.
In addition to the above benefits, VPN encryption improves with each upgrade in plan (more on this below). Disappointingly, all Shellfire users are limited to a single concurrent connection.
This review is for the PremiumPlus plan.
Ease of Use
The Windows Client
I have seen prettier-looking software.
Unfortunately, you cannot specify a location from within a country on this list…
…but you can by zooming in on this server map. This map would also look quite impressive if it wasn’t for the fact that my location is, in fact, in the UK…
An important thing to note is that only a limited number of servers offer unlimited “PremiumPlus” speeds.
This is simply a list of links to US streaming services.
So the Windows client is very short on features, but it gets the job done. And as we see below, it does not leak your IP address.
Shellfire offers dedicated apps for Windows, Mac OSX, Android and iOS. Various manual OpenVPN, PPTP and IPSec setup guides are also available for these platforms, plus Ubuntu (OpenVPN). Of course, the settings outlined in these guides can also be used to configure any other device compatible with these protocols.
The Android app
The Android app wants permissions to access your Google Account identity and Photos / Media / Files. I guess your Google ID is needed for in-app purchases, but can think of no reason why the app needs access to my files.
The Android app certainly looks prettier than the desktop client!
There are no features as such to speak of, but the app works and I did not detect any IP leaks, which is great.
Privacy and Security
Shellfire states that “we don't log any connection data.” But then again, it also states that “you're surfing absolutely securely and anonymously!” I really wish VPN providers would stop saying this.
Shellfire knows exactly who you are via your IP address, and could keep logs any time it chooses to. So you are not in any way anonymous when using the service.
“Connection and usage data (for example file transfers, connection times) are only collected if they are required as means of accounting. This is not the case for flat rate tariffs.”
Given that all its VPN plans use flat rate tariffs, it does seem that Shellfire is a genuine no logs service. Yay!
Shellfire is based in Germany, which has among the strongest privacy laws in the world. New surveillance and mandatory data retention laws, however, are chipping away at this. Many fear the situation will get worse.
As I understand things, though, the new mandatory data retention laws do not currently apply to VPN providers.
In addition to the above issue, the German intelligence service (BND) actively monitors German citizens, and cooperates closely with GCHQ and the NSA.
Germany is therefore usually regarded as not being an ideal location to base a privacy-focused VPN service. However, there is some debate over the issue thanks to the reputation of its privacy laws.
P2P is permitted by Shellfire, but on the Finland server only.
Shellfire uses shared IP addresses.
“We use OpenVPN with AES-256-CBC as our cipher for Premium Plus, AES-192-CBC for Premium and AES-128-CBC for our Free accounts. We use 2048 bit RSA keys and certificates. DHE is used for forward secrecy.”
Handshake is unspecified in the .ovpn config files, so I will assume that it is the standard HMAC SHA-1, which is absolutely fine.
These encryption settings are nothing to get very excited about. PremiumPlus encryption matches our minimum recommendation for a “secure” VPN connection, which should be resistant against any known form of attack for the foreseeable future.
And the encryption used for other plans should be plenty good enough for most purposes.
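The check described above, reading an .ovpn file to see which cipher it sets and whether an `auth` digest is specified at all, can be scripted. This is an added example, not Shellfire's code or a file from the service: the sample config, host name and function names are constructed, and the SHA1 fallback reflects OpenVPN's default for the `auth` directive.

```python
# Added example: audit the crypto directives in an OpenVPN client config.
# SAMPLE_OVPN is constructed for illustration; it is not a Shellfire file.
SAMPLE_OVPN = """\
client
dev tun
proto udp
remote vpn.example.net 1194
# cipher quoted in the review for the PremiumPlus plan
cipher AES-256-CBC
; auth SHA256
<ca>
(constructed placeholder, not a real certificate)
</ca>
"""

# Ciphers the provider quotes per plan (taken from the review text).
PLAN_CIPHERS = {"AES-256-CBC": "PremiumPlus", "AES-192-CBC": "Premium", "AES-128-CBC": "Free"}
# OpenVPN uses SHA1 for HMAC packet authentication when no `auth` line is present.
DEFAULT_AUTH = "SHA1"

def parse_directives(text):
    """Return {directive: [args]}, skipping comments and inline <block>...</block> data."""
    directives, in_block = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if in_block is not None:          # inside <ca>, <cert>, <key>, ...
            if line == f"</{in_block}>":
                in_block = None
            continue
        if not line or line[0] in "#;":   # blank line or commented-out directive
            continue
        if line.startswith("<") and line.endswith(">"):
            in_block = line[1:-1]
            continue
        name, *args = line.split()
        directives[name] = args           # keeps the last occurrence of a directive
    return directives

def audit(text):
    """Report the cipher, the plan it corresponds to, and the effective auth digest."""
    d = parse_directives(text)
    cipher = (d.get("cipher") or [None])[0]
    auth = (d.get("auth") or [None])[0]
    return {
        "cipher": cipher,
        "plan": PLAN_CIPHERS.get(cipher.upper()) if cipher else None,
        "auth": auth or DEFAULT_AUTH,
        "auth_explicit": auth is not None,
    }
```

For the constructed sample, `audit(SAMPLE_OVPN)` reports AES-256-CBC, the PremiumPlus tier, and `auth_explicit: False`, because the only `auth` line is commented out with `;`.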
Shellfire’s VPN service offers almost no bells and whistles. But it keeps no logs at all, uses decent encryption, and I detected no IP leaks at any time while using it. These are not things to be sniffed at.
The fact that I was able to stream US Netflix using even the free plan makes this provider worthy of consideration by those struggling to find a VPN service that isn’t blocked. Allowing only one concurrent device is surprisingly miserly, however (many rivals allow five or more!), and those speed results are very off-putting.