CrypticVPN Review

Disclaimer: The below review is my opinion, which I will try to provide as many examples for and as much evidence as possible to support.  Readers can learn more about how I conduct my reviews, my methodology, etc – here.  More information on review badges here.

This review’s roll was #24 (at the time of the roll, CrypticVPN)

 

Last Updated Oct 20, 2016

Signing up for the service: Signing up for the service was quick and easy.  CrypticVPN requires you to provide an email address upon sign-up, which is the most I’m ever comfortable providing when doing so.  Prices were quite reasonable, with a month of service starting for $2.50.  Their website is very simple and provides you the bare minimum amount of information to use the service, which is fine by me.  The simpler the better – assuming you can quickly and easily find the information and files you need on site, which was the case.  Getting the manual config files was a snap.

 

Configuring the service: While getting the files for CrypticVPN was easy, one minor annoyance was the need to break the certs out of the ovpn files.  It kind of bugs me when this happens as I think it shows some short-sightedness on the part of the service.  I may be in the minority when it comes to manually configuring my VPN, but enough services out there support it, that I always raise an eyebrow when others don’t.  Regardless, I was able to get the service up and running with minimal issue.  This occurred in the last review as well, but after connecting, I looked through the log and found:

“WARNING: No server certificate verification method has been enabled”.

The server configs were not set up to verify the server certificate (to know for certain it’s connecting to the actual server and not one in disguise).  The cause of which, was that the files contained no lines to accomplish this task, which typically appears in one of the the following forms.  This is insecure, and they denied any problem or wrongdoing further down as you will see.

ns-cert-type server

or

remote-cert-tls server

broken

 

Speed & Stability tests: At the start of the tests, the speeds I was getting were quite respectable, but towards the end of the tests, I got a miss here and there with two of their international upload tests (UK, Desktop, Trial 3 and Hong Kong, Desktop, Trial 1), and then a whole messed up server (South Africa).  CrypticVPN’s website has a server status page, which did not indicate an outage for any of these servers.  All tests were run using UDP.

 

Speed Tests – CrypticVPN – Desktop
    Latency Download Upload
No VPN Trial 1 9 ms 96.02 mbps 11.97 mbps
Trial 2 10 ms 97.62 mbps 11.89 mbps
Trial 3 10 ms 96.97 mbps 11.87 mbps
Average 10 ms 96.87 mbps 11.91 mbps
               
US West Trial 1 64 ms 76.03 mbps 11.64 mbps
Trial 2 62 ms 85.64 mbps 11.64 mbps
Trial 3 61 ms 82.34 mbps 11.55 mbps
Average 62 ms 81.34 mbps 11.61 mbps
Comp to Bench +53 ms 83.96% 97.48%
               
UK Trial 1 316 ms 15.27 mbps 4.60 mbps
Trial 2 300 ms 15.41 mbps 3.33 mbps
Trial 3 293 ms 15.47 mbps 0.00 mbps
Average 303 ms 15.38 mbps 2.64 mbps
Comp to Bench +293 ms 15.88% 22.19%
               
Hong Kong Trial 1 412 ms 11.59 mbps 0.00 mbps
Trial 2 412 ms 10.93 mbps 1.39 mbps
Trial 3 404 ms 8.79 mbps 1.29 mbps
Average 409 ms 10.44 mbps 0.89 mbps
Comp to Bench +400 ms 10.77% 7.50%
               
South Africa Trial 1 635 ms 0.00 mbps 0.00 mbps
Trial 2 636 ms 0.00 mbps 0.00 mbps
Trial 3 628 ms 0.00 mbps 0.00 mbps
Average 633 ms 0.00 mbps 0.00 mbps
Comp to Bench +623 ms 0.00% 0.00%

 

Speed Tests – CrypticVPN – Mobile
    Latency Download Upload
No VPN Trial 1 11 ms 69.06 mbps 14.12 mbps
Trial 2 11 ms 72.66 mbps 14.15 mbps
Trial 3 10 ms 74.88 mbps 14.21 mbps
Average 11 ms 72.20 mbps 14.16 mbps
               
US West Trial 1 65 ms 23.03 mbps 13.47 mbps
Trial 2 64 ms 26.08 mbps 13.39 mbps
Trial 3 62 ms 21.69 mbps 13.25 mbps
Average 64 ms 23.60 mbps 13.37 mbps
Comp to Bench +53 ms 32.69% 94.42%
               
UK Trial 1 301 ms 6.25 mbps 11.14 mbps
Trial 2 296 ms 4.02 mbps 11.09 mbps
Trial 3 312 ms 3.43 mbps 10.19 mbps
Average 303 ms 4.57 mbps 10.81 mbps
Comp to Bench +292 ms 6.33% 76.32%
               
Hong Kong Trial 1 421 ms 2.35 mbps 7.03 mbps
Trial 2 432 ms 3.89 mbps 3.61 mbps
Trial 3 420 ms 3.10 mbps 5.93 mbps
Average 424 ms 3.11 mbps 5.52 mbps
Comp to Bench +414 ms 4.31% 39.01%
               
South Africa Trial 1 626 ms 1.99 mbps 4.36 mbps
Trial 2 629 ms 1.46 mbps 3.84 mbps
Trial 3 628 ms 1.34 mbps 4.35 mbps
Average 628 ms 1.60 mbps 4.18 mbps
Comp to Bench +617 ms 2.21% 29.54%

 

Getting support:  As mentioned, the website was quite simple.  There was a support desk tab in the sidebar of the main control panel.  At the bottom of the site was a “contact” link, however when clicked, a plain white page appeared indicating that the “Contact Form [is] coming soon.“, which felt a little unprofessional.  I sent a message using the form provided – however, after filling it out and submitting it, I got an error, saying “Title must not exceed 35 characters. Details must not exceed 255 characters.”  This erased my message that I had just been writing and wouldn’t let me change and resubmit, I had to rewrite the entire thing.  Very annoying and inconvenient.

I got a response back telling me to not submit the same ticket more than once (so, they were being submitted regardless of the warnings) and they closed the support ticket without responding.  This is a joke.

silent

 

Getting a refund: I followed up on the closed ticket with a refund request.   When I tried to go back to see the status of the ticket, my login credentials no longer worked and they provide no password reset option.  What company doesn’t provide a password recovery option?  This is unacceptable and useless…

 

Concerns in Terms & Conditions / Privacy Policy: While the terms on CrypticVPN’s site weren’t the longest I’ve seen, they were every bit as much disavowing any and all responsibility as some of the more obtuse ones.  They still earn the stamp.  Only a couple of standouts, but they’re doozies.

obtuse

 

The materials on CrypticVPN.com’s web site are provided “as is”. CrypticVPN.com makes no warranties, expressed or implied, and hereby disclaims and negates all other warranties, including without limitation, implied warranties or conditions of merchantability, fitness for a particular purpose, or non-infringement of intellectual property or other violation of rights. Further, CrypticVPN.com does not warrant or make any representations concerning the accuracy, likely results, or reliability of the use of the materials on its Internet web site or otherwise relating to such materials or on any sites linked to this site.

Make your VPN purchasing decisions accordingly, people.

 

The materials appearing on CrypticVPN.com’s web site could include technical, typographical, or photographic errors. CrypticVPN.com does not warrant that any of the materials on its web site are accurate, complete, or current.

Does that mean that there’s a chance that this statement was made in error?  If that’s the case, does that mean it’s not true?  And if that’s so, does that mean-…

 

Final thoughts: Like so many services, CrypticVPN strikes me as another dime-a-dozen bore.  They offer nothing that 75% of the other services on the comparison chart don’t.  A website being simple is fine, however so was their server config, to the detriment of the actual security of the user.  Being bare bones is okay when the core service is intact, and it WAS NOT in this case.  Their service department and tech setup was a joke that is clearly not taking their responsibility to their customers seriously.  I can’t really recommend CrypticVPN for anything other than it’s price.  Bottom line: There are much better VPN solutions on the market than CrypticVPN, including those that have heard of customer support.

pile-of-junk

 

Update (10-20-2016): CrypticVPN have reached out to me with the following updates.  I have not verified any of the following.

  • Server configs have been updated to enforce certs and no auth caching
  • Support ticket system has been updated – titles and content can now be a more reasonable length
  • Provider of the South Africa server has been dropped due to poor support.
  • Term declaring that CrypticVPN does not warrant the accuracy of any content on their site has been removed.

 

FROM THE VPN COMPARISON CHART
CATEGORY VPN SERVICE CrypticVPN
JURISDICTION Based In (Country) USA
Fourteen Eyes? Five
Enemy of the Internet Yes
LOGGING Logs Traffic No
Logs DNS Requests
Logs Timestamps No
Logs Bandwidth No
Logs IP Address No
ACTIVISM Anonymous Payment Method Email
Accepts Bitcoin Yes
PGP Key Available No
Meets PrivacyTools IO Criteria No
LEAK PROTECTION 1st Party DNS Servers No
IPv6 Supported / Blocked No
  Offers OpenVPN Yes
OBFUSCATION Supports Multihop
Supports TCP Port 443 Yes
Supports Obfsproxy
Supports SOCKS
Supports SSL Tunnel
Supports SSH Tunnel
Other Proprietary Protocols
PORT BLOCKING Auth SMTP
P2P
SPEEDS US Server Average % 83.96
Int’l Server Average % 8.88
SERVERS Dedicated or Virtual
SECURITY Default Data Encryption
Strongest Data Encryption
Weakest Handshake Encryption
Strongest Handshake Encryption
AVAILABILITY # of Connections 1
# of Countries 15
# of Servers 18
Linux Support (Manual) Yes
WEBSITE # of Persistent Cookies 0
# of External Trackers 0
# of Proprietary APIs 2
Server SSL Rating A
SSL Cert issued to CloudFlare
PRICING $ / Month (Annual Pricing) 2.09
$ / Connection / Month 2.09
Free Trial No
Refund Period (Days) 0
ETHICS Contradictory Logging Policies
Falsely Claims 100% Effective Yes
Incentivizes Social Media Spam
POLICIES Forbids Spam
Requires Ethical Copy
Requires Full Disclosure
AFFILIATES Practice Ethical Copy
Give Full Disclosure

 

If you like the project and find my work useful, please consider donating – your generous contributions help pay for the hosting, tools, and time I need to do my research and keep the data fresh.