• Thu. May 13th, 2021

    Tech News

    The Latest Tech News

    Hotspot Shield VPN – Review 2021

    ByTech News

    Feb 23, 2021 , , ,

    A virtual private network, or VPN, shields your web traffic from the prying eyes of your ISP, making it harder for spies and advertisers to track you online. Hotspot Shield VPN has a handsome app and an array of security services that go far beyond VPN protection. It also boasts an impressive collection of servers around the globe, giving you many options for spoofing your location. The core VPN product is expensive, however, and its privacy policies are transparent but hurt by a few tradeoffs. While other VPNs have worked to make clear and concise arguments about how they protect their customers, Hotspot Shield continues to be a complicated story.

    How Much Does Hotspot Shield Cost?

    Hotspot Shield is one of the few VPN services that offers a free subscription tier. That comes with limitations, however. The free Basic subscription of Hotspot Shield restricts you to only US VPN servers, one simultaneous connection, and 500MB of bandwidth per day. That’s generous, compared to TunnelBear’s free version, which limits users to 500MB per month. Editors’ Choice winner ProtonVPN, meanwhile, places no limit on the amount of data free users can consume.

    The generosity ends there, though. Hotspot Shield takes the unusual measure of throttling free accounts to just 2Mbps. That’s extremely slow, even for mobile devices. Hotspot Shield also monetizes its free version on Android. See below for more on the privacy implications of this practice.

    The Premium subscription offers five simultaneous connections, provides full access to Hotspot Shield’s servers, and has no data limit. It costs $12.99 per month and is the tier I used in testing. The highest tier, called Premium Family, increases the number of simultaneous connections to 25 across five member accounts and costs $19.99 per month.

    At $12.99 per month, Hotspot Shield is significantly more expensive than the $10.05 per month average from among VPNs we have tested. You can also opt for a one-year subscription. The Premium subscription costs $95.88 per year and the Premium Family subscription costs $143.88 per year. Again, that’s pretty hefty compared to an average of about $71.93 among the services we’ve tested. We advise readers to avoid long-term subscriptions—at least at first. You won’t know whether a VPN will work for you until after you try it. So, grab the short-term deal or free version and then upgrade if the service works well for you.

    Other standalone VPNs come in significantly less costly than Hotspot Shield. Mullvad, an Editors’ Choice winner, costs a mere €5 ($5.55 USD at the time of writing) per month, and a limited ProtonVPN account can be had for just $5 per month. 

    You can pay for a Hotspot Shield subscription by using a major credit card or PayPal. Other services offer more privacy-friendly options. ProtonVPN, Mullvad, and Editors’ Choice winner IVPN accept cash mailed to their corporate HQs. Cryptocurrency support is also fairly common among VPNs, but it’s not an option with Hotspot Shield.

    As with nearly every VPN service we’ve reviewed, Hotspot Shield lets you use P2P file sharing and BitTorrent on its network. It also includes a split-tunneling feature, which lets you designate what traffic flows through the tunnel and what can travel in the clear—handy for streaming video or using a bank that frequently blocks VPN traffic.

    The split-tunneling settings screen

    As noted, a Premium subscription with Hotspot Shield lets you use five devices simultaneously, which is average for the VPNs we’ve tested. That seems to be changing, however. Several competitors now offer more, and some have ditched this limitation altogether. Avira Phantom VPN, Encrypt.me VPN, Ghostery Midnight, Surfshark VPN, and Windscribe VPN all place no limit on the number of simultaneous connections.

    (Editors’ Note: Encrypt.me is owned by J2 Global, the parent company of Ziff Davis, the publisher of PCMag.com.)

    Hotspot Shield doesn’t provide access to the Tor anonymization network. That’s okay, since you don’t need a VPN to access this free anonymization network. Hotspot Shield also doesn’t include multihop connections, which route your traffic through a second server for enhanced security. Both Editors’ Choice winner NordVPN and ProtonVPN offer these rare—if also rarely needed—features.

    It’s important to know what a VPN can and can’t do, however. To really disguise yourself online, you should route your traffic through the labyrinthine Tor network. You should also protect your machine with standalone antivirus, protect your accounts by activating two-factor authentication wherever it’s available, and use a password manager to create unique, complex passwords for every site and service.

    The Allure of Aura

    With a paid Hotspot Shield VPN subscription you get free subscriptions for 1Password password manager, Robo Shield call blocker, and Identity Guard identity theft protection service. Recently, Hotspot Shield’s parent company also launched an antivirus product as an optional add-on purchase for $5.99 per month or $39.99 per year. 

    These additional services are offered by Aura, which absorbed Hotspot Shield in July 2020. While the previous branding, called Pango, has disappeared, the services appear to remain the same. A representative assured me that customers will not be charged extra for these services, and that they will remain available for as long customers maintain a Hotspot Shield account.

    All the apps available with an Aura account

    This review focuses on Hotspot Shield as a standalone product, but it’s impossible to ignore this sizable bundle. It’s certainly a lot for your dollar, and nearly puts Hotspot Shield in the same category as a security suite that includes a VPN, or a more privacy-focused tool like Ghostery Midnight. 

    Some other VPNs offer additional services. ProtonVPN is the sibling of ProtonMail and a host of privacy-focused tools. Editors’ Choice winner TunnelBear offers a password manager, as does NordVPN, which also throws in an encrypted file locker. The difference is that most of these add cost to the VPN subscription, while everything you get with Hotspot Shield is included.

    Hotspot Shield’s VPN Protocols

    For years, we considered OpenVPN the best option for creating an encrypted VPN connection. A new player, WireGuard, uses newer encryption technology and seems to offer better speeds. It hasn’t seen widespread adoption yet, and Hotspot Shield supports it only on Linux. That’s alright for now, but WireGuard is poised to become an industry standard.

    Hotspot Shield created its own protocol, called Catapult Hydra, and, until recently, used it exclusively to power Hotspot Shield. To be clear, the company didn’t create a new encryption protocol. A new encryption protocol would require an enormous amount of scrutiny since an undiscovered flaw could be used to break it. A company representative explained that Catapult Hydra uses the Open SSL library to encrypt the data and that the new protocol is simply “an enhancement of the transport protocol.” The company had also previously told me that Hydra creates multiple channels for data to travel to increase speed and reliability.

    The protocol selection screen

    IKEv2, a secure and modern option, is available on Windows and iOS. OpenVPN, the open-source protocol which I prefer, is available only on routers. Notably, Hotspot Shield took the title of fastest VPN in 2020, and while it didn’t manage a repeat performance in 2021 (see below) it held its own against other services equipped with WireGuard.

    Servers and Server Locations

    Hotspot Shield says it provides servers in “80+” countries. That’s a strong selection, and not far behind the 94 countries served by ExpressVPN. Servers in more places gives you more options for spoofing your location, and it means there’s likely to be a server near your location.

    Especially notable is the variety of locations served by Hotspot Shield. It has servers in four African countries and servers across South America, two regions frequently ignored by VPN companies. Hotspot Shield also provides servers in regions with repressive internet policies, such as China, Russia, Turkey, and Vietnam. 

    Hotspot Shield has a respectable 1,800-some servers available. CyberGhost has the biggest fleet we’ve seen, with over 6,800. Having more servers doesn’t necessarily mean better service, but it does generally mean you have more options to find something that works.

    The app's server selector

    Many VPN services use virtual servers, which are software-defined servers. A single machine could play host to several virtual servers. Similarly, a virtual location is a server that’s configured to appear somewhere other than where it physically resides. Neither is inherently problematic, but we prefer that companies be clear about their infrastructure and where it is located. If your data passes through a given country, you might be subject to that country’s laws or surveillance regimes.

    Hotspot Shield tells me that it relies only on hardware servers. That said, it was more vague on virtual locations, saying only that 90% of its fleet was physically located where it appeared to be. The company needs to be more transparent about these practices, especially in its app. In contrast, Mullvad VPN lets you know exactly where the server is, whether it’s owned or rented, and what company physically possesses the server.

    An Aura representative confirmed for me that Hotspot Shield shares server infrastructure with five other VPN companies owned by Aura. They are: Betternet, Hexatech, TouchVPN, VPN360, and VPN in Touch. Hotspot Shield VPN has been white-labeled in the past, so it’s not surprising to see that it’s sharing space with sibling companies.

    The company takes measures to secure its infrastructure but does not own all its servers, which is not unusual. Some VPN companies, such as ExpressVPN, have migrated to RAM-only servers to prevent tampering. Hotspot Shield says it has other security mitigations in place.

    Your Privacy With Hotspot Shield

    If it were malicious, a VPN could see everything you do online. That’s why it’s important to understand what efforts a company makes to protect your privacy. Remember that security is built on trust. If you do not feel that you can personally trust a VPN company, you should switch to one you do. There are plenty to choose from.

    Hotspot Shield VPN is owned and operated by Pango Inc. dba Aura, which is incorporated in the US state of Delaware. The company says it has a “distributed workforce” in the US and Ukraine. The parent company for Aura is WC SACD Holdings Inc. Some companies tout their offshore HQs as a check against requests for information by governments and law enforcement, but Aura does not. 

    Many VPN companies release third-party audits of their products to establish security and privacy bona fides. Hotspot Shield VPN has yet to release the results of an audit. TunnelBear, on the other hand, has delivered annual audits for several years.

    READ  Apple Backtracks, Allows Amphetamine App to Remain in App Store

    Hotspot Shield company issued a lengthy and detailed transparency report for 2016 through 2018, which indicates it has never released user information despite numerous requests. However, this report is not easy to find—here’s a PDF link to it—and the company should commit to releasing updated reports annually.

    Two documents cover your privacy with Hotspot Shield. The first is a broader policy related more to Aura’s overall operation. The second is focused solely on VPN products. I looked at both documents. There’s been some effort to bridge the gaps between the two, with the former calling out specific differences with the latter. To its credit, the company is transparent in all of its documents. I absolutely understand what the company says it’s doing and why, even if I don’t always agree with it. 

    The company says that it does not store any information on users’ browsing activity. The company does gather your IP address to match you to the best VPN server, but that information is encrypted during use and deleted at the end of your VPN session. The company says it does not have the ability to connect activity at a given server with a specific person using that server. This is a better practice than some other VPNs.

    The company does log session duration and the amount of data used, to enforce its policies. It also stores device hashes (that is, theoretically anonymous identifiers), but the company says these are not linked to user activity. The company says that it must collect this information because it does not require users to create an account to use the product. Other companies can provide services without these practices.

    Company representatives explained to me that Hotspot Shield also logs the domains—but not complete URLs—of sites accessed by each VPN server, with a timestamp. This is also outlined in the privacy documentation. The company tells me there is no way to connect this information to individual users, and that this is done to improve service. Some competitors have similar practices, but I’d like to see Hotspot Shield find creative ways to further protect user data.

    A Thorny Question of Free Privacy

    It’s always difficult to ascertain whether a VPN is acting in its customers’ best interests, but even more so with Hotspot Shield, because it chooses to monetize its free subscription in a way that other companies we’ve reviewed simply do not. Hotspot Shield deserves credit for its efforts at transparency, but the consequences of the company’s decision to profit from its free users mean that its efforts toward privacy will always come with an asterisk. 

    In all of my conversations with the company over many years, representatives have stressed that they feel a moral obligation to provide a free VPN product to help people living under oppressive regimes. But they also insist that they must pay for it with ads on the Android version of its app. 

    This is done with ad network SDKs and Google Ads, both of which gather user information to target advertisements. I should stress that this is only an issue for the free Android version of the app; these privacy concerns do not apply if you purchase a subscription or use the free subscription on a different platform.

    You could argue that targeted advertising in the free Hotspot Shield Android app is no worse than any other ad-supported app, or even browsing most websites, and that the cost in privacy is weighed fairly against free VPN protection for everyone. Yet ProtonVPN and TunnelBear both also offer free subscription tiers but do not monetize their users. A VPN is intended to improve your privacy, and we believe it must be held to a higher standard than the average mobile game. The company has gone to great lengths to minimize the privacy concerns that stem from monetizing its free version, but a far simpler solution would be to simply not serve ads.

    Hands On With Hotspot Shield

    Hotspot Shield provides apps for Android, iOS, macOS, and Windows. Several streaming devices, including Android TV and Amazon Fire Stick, also support Hotspot Shield apps. There’s also a command line app for Linux, and the company provides instructions on how to configure your router to use Hotspot Shield. In my testing, I used an Intel NUC Kit NUC8i7BEH (Bean Canyon) desktop running the latest version of Windows 10.

    The Hotspot Shield client looks much more at home on Windows 10 than other VPN apps. It’s a simple, dark blue window with snazzy cyan highlights. It looks and feels solid and modern. 

    Opening the app for the first time, I was greeted by a large button labeled Connect to VPN. A menu in the lower right corner displayed which server would be used. I really like this approach, since it gave me an obvious action to take and made clear what would happen.

    The app when not connected

    Once you connect your device to a server, the main page shows upload and download speeds, latency, the load on the server you’re using, and your apparent IP address. A map in the upper left shows a stylized view of the world. You can select a new location from the menu above. There are also panels showing your daily data usage and what network connection is active. Easy to miss is a Stop button at the very bottom of the app. This disconnects your device from the VPN server.

    When you go to select a new location, you see a grid of available server locations with the flag of that region. A search bar at the top makes short work of the numerous server locations. If there is more than one location within a region, you can choose where you’d like to connect—usually nothing more fine-grained than a city. This is pretty good, but we prefer services that let you choose specific servers and display information on the usage load of a server or region. 

    The Settings section is fairly light but has useful tools. You can choose your preferred VPN protocol from the Protocols section or let the default setting make that choice for you. There’s a Kill Switch, which cuts off all internet traffic should your VPN become disconnected. Perhaps the most powerful tool is the Smart VPN (aka split-tunneling), which lets you designate which apps or URL domains must use a VPN connection or must bypass the VPN. If you have an app or service that’s frequently blocked when using a VPN, this could help. The problem is that the app confusingly uses “Bypass” and “Pause” as the possible actions for apps and URLs, instead of something more descriptive.

    When you use a VPN, you expect that your IP address and DNS information are not leaked. To confirm that’s the case, I use the DNS Leak Test tool. My tests showed that my IP public address was changed and that my DNS information was secure. Keep in mind that I only tested one server. Other servers may be incorrectly configured. 

    Using a VPN often prevents you from accessing Netflix, even if you’re connected to a VPN server within the US. Unfortunately, when I tried streaming video from Netflix while connected to a US-based server I was only able to access Netflix Originals content. This might not always be the case. Services that work one day are frequently blocked the next, so keep that in mind when looking to purchase a VPN.

    The app's list of specialized servers

    Speed and Performance

    VPNs usually have a negative effect on your internet speeds. To get a feel for the impact of using a VPN, we perform a series of tests using the Ookla SpeedTest website, and find a percent change between test results with and without the VPN. You can read more about my testing, including its limitations, in the aptly named article How We Test VPNs. Note that Ookla is owned by PCMag’s publisher, Ziff Davis.

    In 2020, I determined that Hotspot Shield was the fastest VPN available. That’s no longer the case, but it is remarkable how well it held up against services using WireGuard. My testing showed that Hotspot Shield VPN reduced download and upload speed test results by 31.3% and 60%, respectively. It increased latency by 42.9%.

    In previous years, we conducted all VPN speed tests back-to-back for a bird’s-eye view. This year, we’re using a rolling system that will bring you fresher data. This new approach is also necessary because of COVID-19 restrictions that limit my access to the PCMag Labs test network. The most recent results are below.

    The latest VPN speed test results

    In general, we don’t believe that speed is the most important factor when choosing a VPN. Price, privacy, and trustworthiness are far more valuable than a quick download. It’s also worth noting that my tests can’t be viewed as the final word on speed. Our tests are just a snapshot, and your experience will almost certainly differ. 

    A Shield for Your Hotspot?

    All products have tradeoffs, but Hotspot Shield has more than average. It boasts strong speed test scores but doesn’t offer WireGuard on the most popular platforms. It’s expensive but offers a free option. That free subscription option is fairly generous, but it throttles data and pushes ads to free users on Android. It has an excellent collection of servers, but you can’t select individual servers. It offers access to a range of other privacy and security services, but that may not be valuable to you. Its privacy policy is quite transparent, but what’s in there isn’t always great.

    What hurts Hotspot Shield the most, and why its score has dipped slightly, is that other companies offer VPN protection without all those caveats. Some competitors have even decided to forgo customer data and monetization in the name of better privacy. Hotspot Shield is still a compelling product, but its competitors are simply able to make clearer arguments for their value and security.

    PCMag has several Editors’ Choice winners to recommend. ProtonVPN offers the best free subscription option, which may appeal to Hotspot Shield users. IVPN and Mullvad VPN both offer outstanding privacy protections for far less than Hotspot Shield. TunnelBear VPN has an interface that could not be friendlier, or easier to use. Lastly, NordVPN has a similar price to Hotspot Shield, but has a large server network and just about every tool you could want in a VPN.

    Leave a Reply

    Your email address will not be published. Required fields are marked *