Ray Walsh

Ray Walsh

अगस्त 20, 2018

TunnelBear is a Virtual Private Network (VPN) that is both secure and trustworthy. It is a feature-packed VPN with software for all platforms that keeps extremely minimal and non-invasive connection logs about its users. The VPN is excellent for beginners because it is super easy to use. In addition, the VPN has a superbly written privacy policy that is up-to-date and transparent. The price is fantastic (especially if you commit for a year), and the free starter plan lets anyone try out the service at its full capabilities (with a usage cap).

One of the few drawbacks of this VPN is that it is based in Canada and does not work with US Netflix.  However, it provides excellent connection speeds (currently coming in at 5th fastest premium VPN service in the world). This is an area where the VPN has made some noticeable improvements since last year’s review: a testament to its hunger to keep improving the service.

फायदा:
  • Good encryption
  • Minimal connection logs
  • Five simultaneous connections
  • Reasonable speeds
नुकसान:
  • Email support only

Visit TunnelBear »

Pricing and Plans

In keeping with its excellent sense of humor (which users are treated to regularly in its emails), TunnelBear VPN has three different payment plans: Little, Giant, and Grizzly. The good news is that since we reviewed Tunnelbear last year,  the yearly plan (Grizzly) has come down in price (it used to cost $4.99 but now costs just $4.17).

सबसे अच्छा सौदासबसे अच्छा सौदा
Grizzly Plan4.17विवरण देखें

The Little plan is free and permits subscribers to make use of 500 MB of free data every month. Free users are given access to all servers apart from Australia (so 19 locations in total).

One thing worth remembering is that TunnelBear doesn’t offer a money back guarantee. This is because it lets people try the service for free. For this reason, we advise potential subscribers to test the Little TunnelBear VPN plan before purchasing a subscription.
TunnelBear refund

Payment can be made via credit card or bank card, and Tunnelbear is very specific about how it handles payment info in its privacy policy. Needless to say, it handles things in an extremely professional manner (operating exclusively with PCI compliant payment processors). PayPal is not accepted by TunnelBear VPN. The good news is that subscribers can pay using Bitcoin if they want.

Features

TunnelBear is a Canadian VPN that is endorsed by a number of high profile websites.

The firm first appeared back in 2011 when it was founded by Ryan Dochuk and Daniel Kaldor.

TunnelBear Servers

TunnelBear VPN has servers in 20 countries. This allows subscribers to pretend to be in any of those places to bypass geographic restrictions and local censorship. The paid plans give subscribers access to all of the servers. The Australian server is only available to paid users and cannot be accessed on the free plan.

Subscribers can access TunnelBear’s global network from a desktop PC, laptop, smartphone, tablet, or even using a VPN-friendly router. In fact, it is possible to connect using all of those options, because each premium account permits five simultaneous connections.
TunnelBear servers

VigilantBear (Kill Switch)

A kill switch stops data from being leaked outside of the VPN tunnel if the VPN connection drops out. This stops any unencrypted web traffic from leaking to your Internet Service Provider (ISP). This protects your privacy. Please refer to the privacy and security section later in this review for more information.

Peer-to-peer (P2P)

TunnelBear is based in Canada and it asks users not to break any of its local laws. For this reason, TunnelBear VPN technically does not permit P2P Torrenting.  As such, if you need a VPN for BitTorrent – this is not the ideal VPN service to use.

GhostBear

GhostBear is TunnelBear’s VPN obfuscation technology (also known as ‘stealth mode’.) It disguises OpenVPN traffic to help people get around firewalls (such as the Great Firewall of China). It does this by implementing obfsproxy. This makes VPN encryption less detectable by governments, ISPs, and businesses – by making it seem like normal HTTPS traffic.

Leaving GhostBear disabled doesn’t really make you less secure. However, it is an excellent extra feature for people that need to disguise their VPN use. Stealth mode also helps to stop ISP throttling in places where OpenVPN traffic is throttled.

In theory, GhostBear can slow down your internet traffic (during my tests it didn’t). For this reason, it is probably better only to use this feature if you actually need it. For everyone else, regular OpenVPN User Datagram Protocol (UDP) will provide the fastest speeds.

Visit TunnelBear »

Security and Privacy

TunnelBear stores some minimal logs for a month. This is what TunnelBear says about having to comply with the authorities in Canada:

“In the event TunnelBear is required to comply with law enforcement where subpoenas, warrants or other legal documents have been provided, valid under Canadian jurisdiction, the extent of disclosure is limited to the Personal information you provided upon registration as well as overall number of connections, overall MBs used that month.”

That is a fantastic privacy policy which means that no data about VPN usage, or a users IP address is linked to an account and can be used to mount a time correlation attack:

On the other hand, “total data used” statistics could allow TunnelBear to pinpoint subscribers who are breaking its no P2P clause (but not very easily considering that people use VPNs to stream on Netflix nowadays). Either way, it is better to stick to not using TunnelBear for Torrenting (as it asks). Why? Because despite not keeping logs it could monitor traffic for P2P use in real time and then ban an account before it receives a DMCA notice. If want a VPN to torrent, please head over to best VPN for torrents guide.

The highly minimal nature of what is kept by TunnelBear means that subscribers really never need to worry about what they use the VPN for. Even if served a warrant by the authorities TunnelBear VPN would have very little to hand over!

TunnelBear Terms of Service

Because TunnelBear VPN is based in Canada it is subject to some pretty invasive laws. This is far from ideal because Canada is part of the infamous Five Eyes Treaty. Canada has also been found to be snooping on citizens several times in recent years.

TunnelBear’s privacy policy means that even if approached by the authorities, TunnelBear will have no usage, or invasive connection logs, to hand over. As such, the most that the authorities should be able to get from the company is your name, email address, payment details, whether you have used the VPN in the last month, and how much data you consumed with the VPN.

However, it worth bearing in mind that TunnelBear does pretty much wash its hands of any responsibility for a number of things in its Terms of Service:

As you can see TunnelBear absolves itself of responsibility for just about everything. In addition, TunnelBear clearly states that users can’t:

It also asks users to always abide by the laws of their own country and of the country that they tunnel into. All points that are definitely worth bearing in mind (especially because it is based in Canada).

What Encryption does TunnelBear Have

TunnelBear encryption

When it comes to encryption, TunnelBear provides access to two different VPN protocols. The Windows, Android, and Mac OS X clients all implement OpenVPN.  iOS VPN users get the choice of either Layer 2 Tunneling Protocol (L2TP)/Internet Protocol Security (IPsec) or Internet Key Exchange version 2 (IKEv2). As such, anybody wishing to connect via OpenVPN on iOS will need to do so using the third party OpenVPN Connect software (which is free).

Strong 256-bit Advanced Encryption Standard (AES) encryption with SHA256 authentication is used across the platforms, apart from iOS 8 and earlier (which is encrypted with 128-bit AES encryption and uses SHA-1 for data authentication).

All this information is available on TunnelBear’s blog, which is a fantastic level of transparency. Also positive: TunnelBear does not provide Point-to-Point Tunneling Protocol (PPTP) – an out of date form of VPN encryption that is now considered insecure

OpenVPN Encryption
Cipher
AES-256
Data Auth
SHA256
Handshake
RSA-4096
Forward Secrecy
DHE-4096
Logs & Legal
Connection
None
Traffic
minimal
Country
Canada

In addition to strong encryption and a strong privacy policy, last year TunnelBear invested in a third-party audit. That professional security audit permits TunnelBear to confidently advertise the privacy and security provided by its platform. It also serves as evidence of the security and privacy claims that TunnelBear makes.

It is also worth noting that TunnelBear has released two Beta fixes for IP leak problems recently discovered. These improvements stop  IPv6 leaks and IP leaks when network adaptors are reconfigured. The fixes will be rolled out in the Windows and Mac OSX clients in the coming months.

Anybody wishing to make use of these IP leak improvements can get the beta version from the TunnelBear website right now, everyone else is recommended to use the Vigilant Bear (Killswitch feature).

The Website

TunnelBear review

TunnelBear VPN has an amusing and well-crafted website that is easy to navigate. The homepage is sparsely populated and is filled with images – serving primarily as a menu to navigate users to other pages. This makes it easier and less confusing for non-techy VPN users who arrive at the website.

From the homepage, it is easy to navigate to other pages to find out more details about the VPN’s features. At the bottom of the front page, you will find tabs leading to “Download”, “Features”, “Pricing”, “Help”, “My Account”, and “About Us” pages. A menu in the top right of the website navigates users to “Download”, “Teams”, Pricing”, and “Login” pages.
TunnelBear website

There are also dedicated pages for each supported platform. At the bottom of each page under “Company”, it is possible to navigate to  “Blog”,” About Us”, “Privacy Policy”, “Terms of Service” and other useful resources. It is particularly nice to so easily find TunnelBear’s terms of service and privacy policy on the website.

The TunnelBear blog in a nice addition. Although not updated that frequently, it has the necessary information and explanations about both key aspects of VPNs in general and the service that TunnelBear provides. With that in mind, it is a useful resource for customers looking for information about the VPN.

TunnelBear Support

TunnelBear has a dedicated Help page that can be found in the small menu at the bottom of any page. This resource consists of information regarding “Status Updates”, “Getting Started”, “Accounts & Payments”, “Browser Extension Help”, “Windows App Help”, “Mac OS X App Help”, “iOS App Help”, and “Android App Help”. These articles can be easily found using the page’s search button.
TunnelBear help section
For anybody that can’t find an answer on TunnelBear’s help page, it is possible to contact TunnelBear directly. Sadly, the firm doesn’t have a live chat feature, so you will need to use the online contact form. Subscribers and non-subscribers can use this feature to ask questions about the service.

To test TunnelBear’s customer support, I sent their representatives a question about encryption on the platform to see if anything had been changed or improved since the last time I reviewed them last year. As was the case last time I  received an email telling me to expect a response within 24 hours.
TunnelBear customer support
My response arrived within 24 hours, but I did have to ask for clarification on one point which wasn’t answered clearly. Despite this slight hitch, I found them to be very friendly and eager to help. What’s more, I did get the details I wanted in the second response. Not the best customer support in the world, but certainly not bad either.

The Process

Signing Up

Signing up to TunnelBear VPN is an easy process all round.  To access the free version, users must enter an email address and password. Following that, the site automatically redirects users to the downloads page. At this point, users can select software for the platform they require. Subscribing to a paid plan will require additional payment via credit card or Bitcoin (PayPal is not supported anymore).
create TunnelBear account
Once on the download page, simply download the TunnelBear client for the platform you need. The software downloads quickly and a setup wizard walks you through the process on installation without a hitch. Once installed, you can log in using your email and password.

After logging in, TunnelBear provides a quick walkthrough to explain the VPNs capabilities. Finally, it asks subscribers to check their inbox for an account confirmation email. As long as the account is verified, users can begin using the VPN software (free or paid).

The TunnelBear Windows VPN Client

The TunnelBear Windows VPN has been designed with great care. The client looks great and is fun to use: this is pretty rare. In keeping with its image, the software is filled with bear joes and amusing bear graphics. By default, TunnelBear connects to a random server situated close to you. If you require a specific location, then you will need to select it from the list of server locations and click connect.
TunnelBear VPN review

In the upper left corner, users can access a drop-down menu where they can change the VPN’s Settings. In “General”, subscribers can elect to set TunnelBear to run when they start up their computer. In addition, they can ask the client to send them notifications about various things (disconnections, disruptions to service, and network status information).
TunnelBear settings
In the Security tab, users can enable VigilantBear (the kill switch) and GhostBear (stealth mode) feature for bypassing firewalls. Using the kill switch is recommended at all times to stop data from leaking to your ISP: this guarantees your privacy. GhostBear is only necessary for people living in locations where VPN obfuscation is necessary (for getting around Firewall or bypassing ISP throttling). GhostBear is actually TunnelBear’s implementation of Obfsproxy.
TunnelBear security
Under Trusted Networks, users can add known networks and enable TunnelBear to connect to a VPN server every time they connect to an unknown network (perfect for people who use random public WiFi hotspots regularly).
TunnelBear client
Finally, the Account tab can be used to manage your subscription, request support using the ticket system, or to log out of TunnelBear VPN.

TunnelBear account

Performance (Speed,DNS, WebRTC, and IPv6 Tests)

This year, we tested TunnelBear using our purposefully setup VPN speed testing servers. For more information on how our new scientific speed tests work please check out our article here. The new speed test system, allows BestVPN.com to get much more accurate speed results than ever before, which are updated 3 times a day. This gives us a distinct advantage over all other VPN comparison websites.

Just like last year, we found Tunnelbear to be one of the fastest VPNs around (at the time of writing it is the fifth fastest VPN).

TunnelBear currently provides average download speeds of 28.2 Mbit/s and Max Speed/Burst Results of 118.1 Mbit/s.

As you can see, TunnelBear outperforms a number of popular VPN providers. Certainly, TunnelBear provides speeds that are plenty good enough for streaming video content in HD.

I didn’t find GhostBear (stealth mode via Obfsproxy) to slow down my speeds much more than the VPN without, though it is supposed to – so perhaps I got lucky.

I tested for IP leaks and DNS leaks using ipleak.net. The good news is that I didn’t detect any IP or Domain Name System (DNS) leaks while using TunnelBear. I also detect no Internet Protocol version 4 (IPv4), or Web Real-Time Communication (WebRTC) leaks either.

Unfortunately, I could not test for IPv6 leaks on my system because my ISP connection is incompatible. As far as I know, it is possible to get IPv6 leaks one some occasions. However, TunnelBear has new software updates (currently in Beta) to fix these issues. In addition, turning VigilantBear (killswitch) on successfully mitigates against these kinds of leaks.

Other Platforms

As well as Windows, TunnelBear is available for Android, OS X, iOS, and Linux. The client is very similar on all of those platforms (apart from Linux – which will require the third party OpenVPN client). The iOS client provides L2TP/IPsec encryption instead of OpenVPN encryption, so if you require OpenVPN you will also need the third party OpenVPN connect software. All the clients provide ease of use and identical connection speeds. For details about each of the platforms, you can find a guide on their website.

TunnelBear also has a browser extension that is free to download and can be used with either Chrome or Opera (but not Firefox). The browser extension is a nice addition, but remember that it is a proxy service as opposed to a full VPN service (it only proxies data within the browser). The browser extension is multi-platform (works with Linux, Chrome OS, OS X, and Windows).

Conclusion

I liked:

  • Five simultaneous connections
  • Great customer support
  • Servers in over 20 countries
  • Strong encryption implementation
  • Transparent privacy policy
  • Zero logs policy
  • Optional GhostBear (stealth) feature
  • VigilantBear (killswitch) feature
  • Browser extension (Chrome & Opera)
  • Easy to use on all platforms (Linux now compatible)
  • Above average connection speeds
  • New updated client currently in Beta

I wasn’t so sure about:

  • Based in Canada
  • Limited support options
  • Doesn’t unblock Netflix US

I hated:

  • Terms of Service section 8 “Disclaimer of Warranties”

TunnelBear is a lovely looking and easy to use VPN service that is ideal for beginners. The free plan permits users to get a taste of the service, though 500 Mb per month certainly won’t be enough to use the service for anything considerable (like streaming movies securely).  The free version is useful for people living in conflict areas, or locations where heavy censorship is in place. It will allow them to access news websites and do other none data-intensive tasks in times of need.

TunnelBear VPN has a good privacy policy and the trivial connection logs that the firm keeps are for internal use and cannot be used to interfere with subscribers’ privacy. Apart from being in Canada, the only thing that concerns me is TunnelBear’s Terms of Service, which (god only knows why) denies responsibility for just about anything and everything. Overall, the paid plans are solid VPN subscriptions that provide well above average connection speeds.

Visit TunnelBear »