Features
Simultaneous connections | 1000 |
Total servers | 3200 |
Server locations | 140 |
Routers supported | |
Split-tunneling | |
Number of countries | 100 |
Surfshark runs over 3,200 in over 100 countries worldwide. Besides all the usual locations, Surfshark has a strong presence in Asia, Latin America, the Middle East, and Africa. Some of the most recently added server locations include Ghana, Saudi Arabia, and Puerto Rico. Impressively, it claims that these are all completely diskless VPN server instances that run on volatile memory (RAM).
Having extensive coverage of server locations across the globe assures most people will be able to choose a connection close to their homes, offices, or a traveling destination. It allows a fast and, most importantly, secure and private browsing experience
This ensures that no server configuration files are stored locally and enables remote central management of the entire network. This also guarantees that Surfshark servers are always running the latest software and configurations – no matter whether they are. It also improves the security of the network by giving Surfshark better control over its infrastructure, and by ensuring that no information can ever be physically taken from its servers after a session ends (or if the plug is pulled on a particular server).
Surfshark's greatest selling point is that it permits unlimited simultaneous connections. This means you can connect as many devices as you want with just a single subscription. This makes it perfect for large families or people who own a lot of devices. Surfshark places a lot of trust in users, asking that users restrict access to family members and do not share account details with others – but it has no way to monitor this since it is a no-logs VPN (which is excellent for privacy).
Torrenting is permitted on all servers, with Surfshark automatically routing P2P traffic to its Canada or Netherlands servers, which are specially configured for the purpose. Plus, Surfshark has now introduced Two Factor Authentication (2FA), to improve authentication security for all of its users.
Surfshark One
Surfshark One is a suite of additional security and privacy tools offered inside the Surfshark VPN app for an additional $1.49 a month. This subscription gives you access to Antivirus, Search, and Alert. These tools will be covered in depth in a separate review, but they're all fairly self-explanatory.
Antivirus is Surfshark's own AV program which, as far as we can tell, is developed entirely in-house. In addition to Windows and Android, it is now available on macOS as well. Search is a Surfshark search engine designed to enhance privacy with the usual guarantees – no tracking, no sale of your data, and no privacy concerns.
Alert is slightly more interesting, however. This is Surfshark's identity theft monitoring solution, which provides real-time updates when your details appear on the dark web, monitors your credit cards for unusual transactions, and checks your passwords for matches against data breaches. This is quite the bundle for what Surfshark is charging, and the features of Alert alone would often command a much higher price.
Split-tunneling ("Whitelist" and reverse whitelist)
Split-tunneling is a useful feature that is currently available in the Windows and Android apps (though the company is working on adding the feature to other platforms in the near future). Surfshark's Whitelist feature allows you to route only selected programs/apps through the VPN, or to exempt them from a system-wide VPN connection. The Windows app also allows you to exclude selected websites and IPs from the VPN.
Smart DNS
Surfshark offers a Smart DNS service to all users. This is great for spoofing your location on devices that cannot run a VPN client, such as smart TVs, games consoles, and Apple TV. Just be aware of the fact that Smart DNS provides no privacy or security benefits as it doesn't provide any encryption, it's simply used for spoofing your location and unblocking content.
Static IP
Surfshark's static IP feature is available in the Windows and Android apps. If you connect to a list of servers based in Germany, Japan, the Netherlands, UK, or US, then whenever you connect to the same server you will be assigned the same IP address. This is very handy if you run an FTP server, games server, media server, or otherwise need to connect to a computer from the internet while the VPN is running.
WireGuard Encryption and manual WireGuard connection
Not did only Surfshark include the WireGuard protocol in all of its apps, but recently this became the primary protocol in all its major apps. This is a modern VPN protocol that is quickly being implemented by a number of market-leading VPNs due to the fact that it is highly secure, includes stealth by default, and can provide exceptional speeds.
Surfshark is already one of the fastest VPNs on the market, so the addition of this superb VPN protocol is bound to make any consumer who wants the best speeds extremely happy!
Manual WireGuard connection
Another great novelty that Surfshark added to its (already long) list of features is manual WireGuard configuration. The company is one of the few to offer this option. Most VPNs enable you to connect to WireGuard only with automatically generated public and private keys, but, thanks to Surfshark's new update, you can now pick them manually as well.
This extends Surfshark VPN usage to all your other devices that weren't previously compatible with the Surfshark app (VPN-compatible routers and such) and to countries that restrict VPN usage. Besides, the manual WireGuard connection puts you in control of protecting your devices, without sacrificing your speeds online.
Introducing Nexus
Surfshark has developed a brand new exclusive feature based on SDN (Software-defined networking) technology, which redefines the term "server network" and improves the overall VPN experience.
Most traditional VPNs allow you to connect to only one server at a time, which is sufficient for you to change your IP address or hide your digital footprint (to an extent). However, this standard method has its shortcomings, such as – dependence on a single IP address, potential speed and stability deteriorations due to overloading of a single server, and even occasional interruptions caused by server maintenance and such.
Nexus by Surfshark, on the other hand, takes a much more progressive approach to server networking and connections. It connects users to the entire network of servers and then routes their connection to a chosen location, avoiding disruptions, and improving the security and performance of your VPN connection.
Advantages of Nexus
Here are the main advantages of the Nexus feature in more detail.
- Improved privacy and security – This is achieved by a continuous exchange of IP addresses. For this, you don't need to change servers manually or disconnect from Surfshark VPN.
- More stable connections – You'll no longer get affected by network maintenance, upgrades, or server distances, as Nexus doesn't make you rely on a single server.
- Better speeds – Nexus enables you to connect to the best performing server and exit the VPN network at the exact place you wanted, ensuring the optimum speed and performance.
- More customization – You get more advanced options such as IP Rotator, IP randomizer, and Dynamic MultiHop, all of which further improve your privacy online.
Netflix and iPlayer unblocking
Netflix | |
iPlayer | |
Amazon Prime | |
Hulu | |
Disney+ |
Surfshark unblocks a wide selection of streaming services, including Netflix in over 30 different countries – which is quite an achievement. In our tests, it unblocked US Netflix and BBC iPlayer as advertised.
If accessing these services is your main goal, make sure you check out our comparisons of the best VPNs for Netflix and the best VPNs for BBC iPlayer for more information.
In addition to unblocking Netflix and BBC iPlayer, Surfshark also easily unblocks other popular streaming services like Hulu, Disney+, HBO, Amazon Prime, and many more!
Speed and performance
Surfshark | ExpressVPN | NordVPN | |
---|---|---|---|
Speed | 273.2 | 100 | 568.0 |
ProPrivacy.com SpeedTest (average) | 41.0 | 100 | 85.9 |
Performance | 9 | 10 | 9 |
Reliability | 8 | 9 | 8 |
At the time of updating this review, Surfshark is one of the fastest VPNs in our books in terms of average speeds, which is excellent for streaming content in HD and for data-intensive activities like gaming or torrenting. Max burst speed performance is decent and will be more than fast enough for pretty much any VPN use-case.
Take a look at the chart below to see how Surfshark stacks up against some of the other top names in the business. This chart represents the results from June 2024 to September 2024 using our scientific speed tests that we run on each provider three times a day. We can see that Surfshark boasts some of the fastest speeds compared to the others included in this chart, with an average speed of 41 Mbit/s and a max burst speed of 273.2 Mbit/s.
As mentioned earlier, Surfshark has also introduced (default) WireGuard on all platforms. This is a secure VPN protocol that leverages strong cryptographic primitives to create a robust tunnel for your data.
Best of all, WireGuard is known to provide exceptional speeds. So, if you want to get even better speeds than the (superb) ones quoted above – it is definitely worth trying it out. We tested it ourselves and found it to be very fast, and perfect for streaming in HD or gaming, so don't forget to give it a try!
Another great change has been announced in October 2024. Surfshark is gradually introducing 10Gbps (instead of the previously used 1Gbps) servers to all its locations, which will further improve your internet speed while using this VPN. Half of the server locations already have the upgrade, with the rest to follow in the upcoming months.
IP leak tests
We detected zero IPv4, IPv6, WebRTC, or DNS leaks (IPv4 or IPv6). Top marks.
It is worth noting that Surfshark only guarantees WebRTC leak protection if you use its Chrome and/or Firefox browser add-ons, although we detected no leaks without them.
For more information about the danger posed by IP leaks, please check out our complete guide to IP leaks.
Pricing
As is common these days, all Surfshark customers enjoy the same features. The per-month pricing is somewhat on the high end of the scale, but steep discounts are available for the longer-term subscription plans. Also, if you sign up for the service using this link an additional discount is on offer.
If you're a macOS, Android, or iOS user you can take part in a 7-day free trial, although you need to sign up for an account and provide payment details to take advantage of this. No payment will actually be taken if you cancel within the 7 days.
Surfshark now offers the Antivirus, Search, and Alert features (which we look at later in this review) as bolt-on extras for an additional $1.45 per month.
All users can also take advantage of a generous 30-day money-back guarantee. Surfshark assures us that there are no limitations on this, which is great, but be aware that payments auto-renew, so you do need to contact support in order to cancel them.
Supported payment platforms
Surfshark accepts payment via PayPal, credit/debit card, and Alipay, which are processed by Stripe. Google Pay and Amazon Pay options are also available. Other payment methods are supported via the Tenpay and Unionpay payment processing services.
Bitcoin, Litecoin, and Etherium payments are also supported via either Coingate or CoinPayments. Paying in Bitcoin or Litecoin can provide a certain degree of anonymity, but do remember that Surfshark will always be able to see your IP address.
Helping small businesses during COVID-19
The coronavirus pandemic has been devastating to all businesses, but smaller companies feel it more than their larger counterparts.
Ease of use
Other than payment details, the only information asked when signing up for the service is your name and email address. If you wish to sign up anonymously, you can do so by paying in anonymously purchased Bitcoin or Litecoin and using a disposable email address.
A confirmation email will be sent to you containing useful links, but everything you need is readily available on the website, anyway.
The Windows client
All of Surfshark's apps have recently undergone a major UI re-design and now look great. The service has also officially become a WireGuard-first VPN, meaning WireGuard became the primary protocol in all its key apps, including Windows (Linux is soon to follow).
Up until now, the Windows VPN app used IKEv2 as a default protocol with options to switch to OpenVPN and WireGuard. However, with the usability and popularity of the IKEv2 protocol on Windows fading (its primary usage is for mobile devices), Surfshark decided to remove this protocol from the Windows app altogether. With these latest changes, we should expect an overall improved user experience, especially in terms of the quality of the connection.
The app itself is simple to download, and once you're in you're presented with a standard login form, as well as the option to log in with a code from another device if you've already set up your Surfshark account elsewhere. As one of Surfshark's main selling points is unlimited devices under one account, we're glad to see there's an easy way to onboard new devices.
We took the code login feature for a test run and were pleasantly surprised by how easy it is to use. All you need to do is use a device where the Surfshark app is already installed. Log in, enter a six-character code, and the app on your new device will automatically log you in, too. This process worked flawlessly and was much more convenient than a normal credentialed login.
Surfshark's onboarding process walks you through some key features in a clear and concise way. Most VPNs come with Auto-connect, which ensures your VPN doesn't drop out when you switch between networks. As even a small gap in your VPN coverage can expose your IP to third parties, including government snoops and malicious hackers, highlighting this feature straight out of the gate is a plus for Surfshark.
The Auto-connect options menu is simple to navigate, presenting you with the Wi-Fi network you're connected to and an interface that allows you to add new networks to your trusted list on the fly, as well as a configuration for connection preference. Most users won't need to change this from Fastest Location, but again, it's nice to see that Surfshark is offering this level of customization.
Surfshark also makes you aware of the wide selection of servers ahead of time, giving you the ability to discern which servers have a higher use load at a glance as well as making you aware of the Favorite feature straight away. Favorites can be used to populate a quick-access list full of your most used VPN servers so you can get connected that much quicker.
When you're aware of all the primary features Surfshark has to offer, getting started is as easy as clicking the Quick-connect button and going about your day-to-day activities. Surfshark works out of the box with no extra configuration necessary, and we found the default connection settings worked just fine for browsing, streaming, and gaming.
The Surfshark interface itself is clean and minimalistic, striking a balance between white and grey backgrounds and the deep sea colors of Surfshark's house style. This makes it very easy to spot the feature you're looking for without much effort. All of your connection details are hidden under a quick-access pop-up tab, and it's easy to connect to a new server either by picking Fastest location or Nearest country to get started automatically. If you've got a particular need to connect from a certain country, a search bar gives you quick access to the servers you need.
By default, connecting to a new location through Surfshark will assign you a new IP as there will be several servers assigned to a certain location. This is fine for most users who don't need to worry about constantly appearing from the same address over time. However, it can be very annoying if you're in the middle of an online gaming session and your connection drops – you might be connected automatically, but with a new IP that screws up your matchmaking.
Surfshark does offer Static IP servers, however, which always have the same endpoint IP. If you're concerned about privacy, have no fear: all users connecting from a Static IP server have the same IP, so it's still very difficult to tell which individual user is doing what from a Static IP server.
On the other hand, if you're extremely concerned about privacy then it might be worth checking out Surfshark's MultiHop servers. This technology works by chaining together several separate VPN connections. So, you connect to one VPN and then use that connection to connect to your endpoint server. In practice, this means that a hacker would have to compromise both servers in order to work out where you're connecting from. While we noticed a slight degradation in connection quality while testing European servers, it was not enough to significantly impede our browsing.
Accessing VPN configuration options is easy, through a sidebar you always have access to from the Surfshark dashboard. Most of the configuration options are self-explanatory, but most of these options do not need to be touched in order to get the most out of Surfshark.
Surfshark implements the start-on-boot and kill-switch options that you'd expect from a modern VPN. The kill-switch is not enabled by default, but worked well in our tests. A simulated crash showed that the kill-switch modifies Windows system firewall rules, meaning that it continues to work even if the Surfshark client and OpenVPN daemon suffer an unexpected crash.
As per numerous users' requests, Surfshark is bringing the old kill-switch functionality to Windows apps, and they will be able to choose between Soft Kill Switch or Strict Kill Switch.
The client gives you the option to connect from WireGuard and OpenVPN. Users can switch from OpenVPN UDP to OpenVPN TCP (port 443) to make VPN traffic look like regular HTTPs traffic automatically with Surfshark's obfuscated servers in Camouflage mode. This is useful for evading VPN blocks, but will not fool more sophisticated detection techniques. WireGuard is now available too, both via UDP and TCP. While we recommend OpenVPN for connection stability and security, Surfshark's WireGuard implementation is blazingly fast and stable.
While default WireGuard implementations have some security flaws surrounding how user IPs are assigned on the VPN server, Surfshark has built a custom implementation of WireGuard that eliminates these issues to ensure your IP isn't logged while you're connected. Surfshark also has a few interesting features it's worth taking a look at, including the Bypasser and Speed Test.
Bypasser goes beyond a simple split-tunnel interface by allowing you to not only assign which programs are routed through your VPN and which bypass it, but also which websites and IP addresses you want to bypass the VPN. This is a step above most split-tunnelling features and is incredibly handy when you're dealing with a stubborn streaming service or a particularly suspicious banking website that wants you to connect from your home network, or when logging in to your work email.
Surfshark also offers an in-app speed test which allows you to either choose from a pre-populated list or create a list of your favorite servers, and then run a quick Speed Test on them to give you accurate and up-to-date information on which server is right for you. It might be that you're prioritizing latency while you're playing an online game or taking a voice call, or you might need maximum download for that hefty 4k video you're streaming. Whatever your use case, Surfshark's Speed Test gives you current connection information with absolutely no technical skills needed whatsoever, and all in an easy-to-read layout.
Surfshark VPN now comes bundled with Surfshark Antivirus in one package. While the system drivers and Antivirus definitions aren't installed by default to cut down on program size, it's as simple as clicking into the Antivirus tab and waiting a few minutes to get online.
We took the Surfshark Antivirus for a spin and found that it's quick and effective, offering both targeted file scanning and full system scanning. A full review of Surfshark Antivirus is beyond the scope of this review, but it's a nice addition that comes bundled with the two-year subscription to Surfshark VPN. The interface is pleasingly simple to use and features a real-time protection option that scans incoming files to ensure your downloads aren't malware.
Available with BlindSearch as a bolt-on extra, HackLock scans the web to see if your email address has been involved in a data breach. As such, it is very similar to our own data breach tool, except that it provides regular automated scans. It is available in the Windows and Android apps.
Finally, Surfshark gives you quick access to their proprietary search engine from inside the app, which is handy if you want to search privately without handing over your details to Mozilla, Google, or even DuckDuckGo. Surfshark Search offers completely ad-free, tracker-free, search-history-free results to all Surfshark users at no extra cost, and even hosts regional results that you can change based on your location!
IPv4 and IPv6 leak protection are built-in, although Surfshark says that you should use its browser add-ons to prevent WebRTC leaks. Although we didn't detect any leaks in our testing, this is still good advice.
The macOS client
Surfshark's macOS VPN app is available via the Apple App Store and as a stand-alone .dmg file from the website, and offers WireGuard, OpenVPN, or IKEv2, encryption protocols to choose from. Most features from the Windows app are present in the MacOSX version too, so you can browse in comfort and protection knowing you're not compromised on security just because you're not using Windows.
We are pleased to see that the Mac app features a kill-switch function. As with the Windows client, this uses system firewall rules, and so remains effective even if the Surfshark client suffers a crash. As with all the rest of Surfshark's apps, the Mac client offers its "CleanWeb" feature. It also features "Wi-Fi connect".
The Android app
Surfshark's Android VPN app for Android uses IKEv2 by default, but also supports OpenVPN (UDP and TCP). And it does what it says on the tin. A kill-switch (which is not enabled by default), Whitelisting, CleanWeb, and Shadowsocks are all present and correct. And the app also now provides WireGuard encryption, which is cool!
Very cool is a feature that overrides your Android device's built-in GPS location function, making apps that use GPS think you're in the VPN location.
The Android app also provides a unique functionality called Pause VPN. This handy feature, for now only available on Android devices, lets users pause their VPN connection for 5 minutes, 30 minutes, or 2 hours. So you no longer have to disconnect your VPN when accessing trusted local services or when you need your original IP, you can simply pause it for a while.
Linux app
A new graphic user interface (GUI) for Linux is now also available on Ubuntu 20.04 LTS, Debian 11, Mint 20, and their newer versions. This is a huge advantage and a great time-saver for all Linux users, who can now enjoy all the benefits of Surfshark's app advanced features, including IPv6 and DNS leak protection, quick connect, MultiHop, CleanWeb, Wireguard protocol, and many more.
Others, like the auto-connect feature and a kill-switch for Linux, are to be implemented in the next couple of months. Knowing Surfshark, a fast-paced VPN leader, dedicated to constant improvements, we can expect many more pleasant surprises in the future. Not to mention that the GUI interface for Linux is still a luxury that only a few VPN providers offer.
Previously, Linux users had to control the app via the terminal. While this was nothing unusual to the dedicated users, it was still less convenient than it could have been. But with the new GUI, Surfshark Linux users will be able to enjoy a fully functional app that allows them to do more than just switch VPN servers with a couple of mouse clicks.
Other platforms
Custom apps are available for Windows, macOS, Android, Android TV / Amazon Fire TV, iOS, and Linux. Interestingly, the iOS VPN app features a kill-switch and now supports IKEv2, OpenVPN, and WireGuard. All apps (including the browser add-ons) now use the same smart-looking user interface we can see above.
Good manual setup guides are also provided for all platforms, including macOS and Linux (Ubuntu, using NetworkManager). In addition to this, setup guides are available for DD-WRT, Tomato, and a number of popular routers that have OpenVPN clients built-in (AsusWRT, Netgear, TP-Link, and Linksys).
Browser add-ons
In addition to platform support, Surfshark offers browser add-ons for Chrome and Firefox that have been independently audited for vulnerabilities by security firm Cure53. These create secure HTTPS proxy connections in the browser to Surfshark's servers.
They also provide WebRTC protection. Now... we really wish VPN services would do more to warn their customers about the WebRTC issue and to warn them that they should be protecting themselves from unknowingly exposing their IP addresses online when using a VPN.
This includes Surfshark, although we can't be too harsh as we detected no WebRTC leaks using its software, anyway. That said, it is still safest to either install these add-ons or disable WebRTC in your browser manually.
The browser add-ons feature "CleanWeb" as an option (see later).
Customer service and 2.0 help center
Money-back guarantee | |
24-hour support | |
Live chat | |
Money-back guarantee length | 30 |
Free trial | |
Free trial length | 7 |
Live Chat support is available 24/7, or you can send in a ticket email request. We found Surfshark's Live Chat response times to be near-instant and were thoroughly impressed by the competency and quality of the answers.
Surfshark's help center keeps getting updated too, enabling you to browse its growing knowledge base faster and in a more efficient manner. The latest revamped version includes a set of FAQs, setup and troubleshooting instructions, "Surfschool" where you can learn another thing or two about Surfshark and VPNs in general, and other handy bits and bobs.
Furthermore, Surfshark is constantly expanding its availability, most recently adding Russian, Turkish, Korean, and Ukrainian languages to core pages on its website.
Privacy and security
Kill-switch | |
Obfuscation (stealth) | |
IPv6 leak protection | |
WebRTC leak protection | |
Bare-metal servers? | |
Self-hosted DNS |
Jurisdiction
Surfshark is registered in the British Virgin Islands (BVI) and its Terms of Service make it clear that all disputes will be resolved in BVI courts. The British Virgin Islands is a British overseas territory. It regulates its own internal affairs and has no mandatory data retention laws, but it remains under the jurisdiction and sovereignty of the UK government. This means it is reasonable to assume that the UK could put pressure on the BVI government and any businesses based there.
Whilst being based in the BVI is probably safer than being based in a 14-Eyes country, it is still not ideal.
Logs
Surfshark easily meets our requirements for a no-logs VPN:
We do not collect IP addresses, browsing history, session information, used bandwidth, connection time stamps, network traffic and other similar data.
Its apps do collect some anonymous diagnostic and crash data by default, although this can be disabled. This includes aggregated performance data, how often you use its services, unsuccessful connection attempts, and other similar non-personally identifiable information.
Basic account and billing information are stored in full compliance with GDPR for European customers.
Website tracking
Although web activity is not tracked when using the VPN itself, the Surfshark website performs quite a lot of tracking. This includes logging IP addresses and performing browser fingerprinting on visitors.
Surfshark uses a number of third-party trackers, including Google Analytics.
Technical security
PPTP | |
L2TP/IPSec | |
SSTP | |
IKEv2 | |
OpenVPN | |
WireGuard | |
Catapult Hydra | |
Shadowsocks |
Surfshark is a big fan of IKEv2, which it uses as the default VPN protocol in all its apps. IKEv2 is not as battle-tested as OpenVPN, but is regarded as being very secure, and is increasingly popular with VPN services because it is much faster than OpenVPN encryption.
As always, we look in detail at the OpenVPN settings this provider uses. Not only do they provide a good indicator of the care that a service takes over encryption, but it is the best way to compare like for like across VPN services. Surfshark uses the following OpenVPN settings in apps that support it:
Data Channel: an AES-256-GCM cipher. No additional authentication is required because authentication is handled by AES-GCM.
Control Channel: an AES-256-GCM cipher with the TLS key exchange secured using RSA-2048. No additional authentication is required because authentication is handled by AES-GCM, and perfect forward secrecy is provided by an ECDH-(384?) key exchange.
This is a highly secure setup. See VPN Encryption: The Complete Guide for more information on this subject. As already discussed, the Surfshark Windows, macOS, and iOS apps all feature kill-switches. We also detected no IP leaks of any kind on any platform,
It is worth noting that Surfshark makes something of a deal about being security-audited by Cure53, but just to be clear: it is only the Chrome and Firefox browser extensions that have been audited in this way.
Diskless Server Network
Surfshark is one of the first VPN providers to transition from traditional hard drive technology to a diskless RAM-only solution. This is important because the disk-based nature of hard drives means that configuration files are stored for operational purposes and can be accessed if seized by a third party.
Running completely on volatile RAM, however, means that this data is wiped the moment a server is turned off and your privacy is preserved. And it allows for a centrally controlled network, meaning it is always up-to-date with the latest patches.
The diskless server network effectively minimizes security risks of a hard-drive-based server infrastructure, and provides assurance in offering the highest quality privacy to our users. There are only a few VPN providers that have managed to move to a fully diskless VPN server infrastructure. However, focusing on user privacy and security has always been our top priority.
Other security features
The great news is that we detected no IP leaks of any kind on any tested platform, although it is still safest to use one of Surfshark's browser extensions to ensure against WebRTC leaks. The Windows, macOS, and iOS clients feature system-level kill-switches.
Surfshark has diskless bare-metal servers that are completely under its control. Those servers are set up in volatile RAM which means it can pull the plug on them at any time and they will be completely wiped. Some locations are virtual locations without a physical server presence, but these are a) clearly marked in the apps, and b) are run on diskless servers operated by Surfshark – which is perfect in terms of privacy. It also resolves all DNS requests itself on servers controlled by itself.
CleanWeb
All of Surfshark's software features the "CleanWeb" option. This is advertised as blocking ads, trackers, phishing, attacks, and malware, and is almost certainly a set of firewall rules that block connections based on a simple blocklist, which should work well enough.
Multihop
This feature is available in the Windows client. It allows you to "chain" VPN servers so that your data is routed between two VPN servers as it travels between you and the internet.
Your PC -> VPN server 1 -> VPN server 2 -> Internet
Surfshark offers several double VPN combinations, but you cannot chain any two of its servers.
Multihop VPN can provide some protection against end-to-end timing attacks against the end server, but will always result in a major loss of speed. We think the privacy/security benefits of multi-hop VPN are limited, but we know this can be more important to some users than others.
Shadowsocks
Again, this unusual anti-censorship feature is supported by Windows and Android apps. Shaowsocks "is an open-source proxy application, widely used in mainland China to circumvent Internet censorship". Basically it's a SOCKS5 proxy. To use it requires that you download the open-source Shadowsocks app and configure it so that you connect to Shadowsocks via a Surfshark VPN server. This process is a little fiddly but should be effective at evading VPN blocks.
Wi-Fi Connect
This feature, available in the Windows client, allows you to decide how the VPN app works when you connect to new Wi-Fi networks – ask, protect, or always protect.
Trust DNS
This Android app is available free of charge to everyone from the Play Store. It sends DNS queries from your device directly to Surfshark instead of your ISP in order to improve privacy and help defeat censorship. These queries are protected from prying eyes using the DNS over HTTPS (DoH) (by default) or DNS over TLS (DoT) encryption protocols.
Two-factor Authentication
Surfshark is one of the first VPN providers to add dual authentication (2FA) to its service. 2FA is optional for those who prioritize convenience, but users wanting the added security can choose to authenticate through email or an application, like Google Authenticator or Authy. We recommend using an application, as it is safer (cannot be intercepted) and much easier to use.
Conclusion
Surfshark is a great VPN service. It keeps no logs, is reasonably fast, and offers great technical security with no IP leaks. The fact that it offers a large selection of servers is good, and the fact that they are all diskless servers that can be instantly wiped is fantastic.
The fact that Surfshark allows unlimited simultaneous connections is also great, and we are thoroughly impressed with the quality of the provider's friendly and knowledgeable 24/7 Live Chat support.
The extras on offer, such as multi-hop VPN, Cleanweb, and Wi-Fi-connect, are decent additions that many users will find helpful depending on what they are using the service for. Although none of these are killer features, they are nice to have and the collection is growing all the time, which improves Surfshark's already great value proposition.
Overall, we found that Surfshark is an excellent, privacy-friendly VPN service that ticks all the important boxes with ease.
10 User Reviews
DoughnutsRGchq
JC (TrustPilot)
Leave a Review
Thanks for your review!
15 Comments
replied to VIJAYENDRAN SATHYANARAYANAN
Write Your Own Comment
Your comment has been sent to the queue. It will appear shortly.
Lars