Douglas Crawford

Douglas Crawford

June 18, 2018

Hide.me is a no-logs VPN based in Malaysia. It is rather expensive for what you get, so I had hoped to find a VPN that justified the cost. And in many ways Hide.me is indeed, good. It uses extremely strong encryption, is quite fully-featured, and has a great regard for privacy. I detected an IP leak, however, and speed performance is very unexciting.

Pricing and Plans

Hide.me offers three basic pricing plans – Plus and Premium. The Plus plan starts at USD $9.95 per month if paid monthly, but drops to $4.99 per month if paid annually. The Premium Plan costs USD $19.95 per month if paid monthly, but this drops to $9.99 per month if paid annually.

Hide.me prices

It has to be said that this makes Hide.me one of the most expensive VPN services on the market.

Hide.me offers a 14-day money back guarantee, but this is only valid if bandwidth usage is not more than a rather low 500MB.

Payment can be made via PayPal, credit/debit card, iDeal or Wire transfer. Hide.me also accepts payment via a range of cryptocurrencies.

This potentially allows you to pay for the service anonymously, but please remember that no matter how anonymously you pay, a VPN will always know your real internet (IP) address.

Features

The features on offer vary depending on which plan you choose.

  • No logs
  • 35 servers in 28 countries worldwide. This includes a few more unusual locations, such as Brazil, Mexico, India, and Morocco
  • 75 GB data (Plus plan) or unlimited data (Premium plan)
  • 1 connection (Plus plan) or 5 simultaneous connections (Premium plan)
  • PPTP, L2TP/IPsec, IKEv2, OpenVPN, SoftEther and SSTP VPN protocols
  • Apps for Windows, Mac OS X, Android, and iOS
  • Automatic WiFi protection
  • Kill switch
  • P2P on selected servers.
  • SOCKS proxy
  • Static IP (optional)

This is a decent feature list, but most VPNs offer unlimited data and multiple simultaneous connections for a half or less the price of Hide.me’s Premium Plan.

Note that the full range of VPN protocols are only supported in Windows, including SoftEther.  Most other apps primarily use IKEv2, although as this is a secure and fast protocol this is not a major issue.

Automatic WiFi protection

This automatically detects when your device connects to an unsecured WiFi network and offers to enable the VPN for you. I have not tested this feature, but it could be useful protecting you from hackers when using public WiFi hotspots.

SoftEther

Hide.me is notable for supporting the SoftEther VPN protocol, an open source alternative VPN platform that is also referred to as SSL-VPN. This is because it is based on HTTPS and therefore uses SSL/TLS encryption and TCP port 443.

Much like running OpenVPN over TCP port 443, this makes SoftEther VPN traffic look similar to regular secure HTTPS traffic. This makes it difficult for firewalls to block.

The SoftEther SSL-VPN protocol is therefore great for overcoming VPN blocks, and I have heard reports of it being effective at defeating VPN censorship in China and Egypt. As already noted, please be aware that SoftEther is supported on Windows systems only.

Privacy

Logs and Legal

One of Hide.me’s strongest points is that it keeps very few logs. “Non-persistent” connection logs are “securely erased every few hours,” but even these do not record your real IP address or timestamp.

Again, this is not connected to your real IP address. It almost goes without saying, of course, that Hide.me does not monitor your internet activity (it keeps no usage logs).

So other than keeping track of bandwidth, I think Hide.me’s claim to have a “0% Log Policy” is fair. It can do this because Hide.me is based in Malaysia. The internet in Malaysia is quite censored but this does not appear to affect VPNs, who are not required to keep logs. Which is great.

Payment processors

Payments are processed by Paymentwall Inc. and Cleverbridge AG. In many ways this is good, as it means that Hide.me does not know your payment details. It does mean, however, that some payments are processed by a US company, which might worry the more NSA-phobic out there.

It is also worth noting that neither of these companies is known for protecting customers’ privacy.

Website tracking

The Hide.me website uses only a single Google Analytics tracker, and “to enhance your anonymity, hide.me have opted to only allow Google to collect only a portion of the IP address. Google Analytics may also store a web cookie to facilitate the identification of users who revisit the site.”

Hide.me Privacy

This is, of course, not as good as using no trackers at all, but is nevertheless quite non-invasive.

SOCKS Proxy

The SOCKS5 proxy offered by Hide.me is itself unencrypted, as it is intended to be used with the VPN which secure encryption.  The primary advantage doing this is that if the VPN connection is interrupted, then the proxy will lose the connection.

This means the SOCKS proxy can act as a per-app kill switch for any app that supports the SOCKS5 protocol. Which includes almost all browsers and P2P torrent clients.

Hide.me also claims that running P2P torrent traffic through the SOCKS proxy with the VPN running will optimize traffic, resulting in “much higher transfer rates with P2P-Applications.”  I have never heard of this before, so cannot comment on how true this claim is.

For more information on SOCKS proxies, please check out my Ultimate Proxy Server Guide.

Static IP

You can assign each device a static IP if you wish. These may be shared with other users, so although they are static IPs, they are not dedicated IPs.

This is good for privacy, but not so useful for evading website VPN blocks. It is handy for bypassing NAT firewalls, however, including the one used by Hide.me. Universal Plug and Play (UPnP) is fully supported.

Hide.me Devices

Security

The real test of a VPN provider’s technical security is in the details of the OpenVPN encryption it uses. By default, Hide.me uses the following settings:

OpenVPN Encryption
Data Cipher
AES-256-CBC
Control Cipher
AES-256-GCM
Data hash auth
HMAC SHA256
Control hash auth
HMAC SHA384
Handshake
RSA-8192
Forward Secrecy
DHE
Logs & Legal
Connection
none
Traffic
None
Country
Malaysia

Control channel: an AES-256-GCM cipher with RSA-8192 handshake encryption. Additional authentication is not required with GCM, but HMAC SHA384 hash authentication is also specified in the encryption suite. Perfect Forward Secrecy is ” is enabled by default.” I will assume this means a standard Diffie-Hellman Exchange (DHE) is used, but it may be higher.

Data channel: an AES-256-CBC cipher with HMA SHA-256 hash authentication.

This is a great setup and is extremely secure. In fact, it is the first time I have ever encountered ultra-strong  8192-bit RSA keys. I asked Hide.me about this;

I can positively confirm that we are using 8192 bit RSA key. You can verify that by connecting to our OpenVPN server. At hide.me, we know that might be an overkill, but we want to make sure that even the most security-conscious user gets what he or she wants.

As we shall see, however, other security aspects are much more worrying. The desktop clients have a kill switch, but they will not survive if clients crash. I also detected a WebRTC IPv6 DNS leak, even when the Windows DNS leak protection option was enabled. This is not good.

The website

The Hide.me website is has a stylish design. It is somewhat short on technical details but does feature a battery of well-written setup guides for a host of platforms.

It is also good to see strong multi-lingual support, with English, Hindi, Bahasa Indonesian, German, Spanish, French, Dutch, Polish, Portuguese and Russian versions of the website available.

Hide.me Server list

The online console is very user-friendly. Here we can see lots of dandy server information clearly presented.

Hide.me’s support

Other than the setup guides, support is primarily via 24/7 live chat, although a ticketed email option is also available. I initially found the live chat staff to be friendly and knowledgeable, but this experience soured somewhat as time went on.

As expected, when I asked a highly technical question I was asked to submit a ticket to the tech department. Again, initial imprisons were undermined by poor responses later.  It was only when, rather annoyed, I told support that I was reviewing Hide.me for BestVPN.com that I regained their full attention.

I would, therefore, characterize the quality of support as rather uneven.

The Process

Signing-up for Hide.me is very easy. A valid email address is required, but there nothing to prevent this from being a disposable one.  If paying in a conventional way the payment processor will know your payment details, but not Hide.me.

The Windows Client

You must have the Windows .Net framework 4.6.1+ installed to run the client. If not then you will be prompted to install it, which may require restarting Windows. When you first start the client another window opens which gives a quick run-through on how to use the software. This is a nice touch.

Hide.me Connecting

The client itself looks good and has a simple “one-click connect” interface.

Hide.me Disable

If using OpenVPN you can choose between UDP and TCP and select port number.

Hide.me Settings

The Windows client features a kill switch. I ran a couple of tests to ensure the kill switch works correctly. The client was running inside a Virtual Machine (VM). Disconnecting then reconnecting the host machine’s internet connection is a good way to simulate a standard VPN drop-out.

Hide.me settings

In this test the internet cut out, and I was offered the option to reconnect to either the VPN or just the internet. Unfortunately, clicking “Reconnect to the VPN” simply enabled the internet, and I had to re-enable the VPN manually after.

Had I been using a BitTorrent client or similar, then for a short while my true IP would have been exposed for all the world to see. This can be fixed simply by killing all such programs before enabling the internet, but it can easily catch you off-guard.

Hide.me VPN Connection

I also tested to see if the kill switch would survive a software crash. This is done by force-closing the VPN client and seeing if an internet connection is still available. Worryingly, the internet did not cut out and my true IP was revealed.

There is a DNS leak protection option and the client should disable IPv6.  Even when DNS leak protection was enabled, however, I detected a WebRTC IPv6 DNS leak. See below for more details.

A good selection of VPN protocols is on offer, with IKEv2 being the default.

Hide.me Settings

“Fallback configuration” allows you to select one or more alternative VPN protocols to automatically fall back on if your first choice is somehow blocked. It only saves you from manually disconnecting and reconnecting using a different protocol, but is nevertheless quite nice.

I would prefer a kill switch that can survive software crash, but the Hide.me Windows client is otherwise easy to use and fully featured.

The Mac OSX client

Unlike the newer but cut-down Apple Store macOS app (see below), Hide.me’s full desktop (OSX) client does not feature the same styling found in most of its other apps. It supports IKEv1 (Cisco) and IKEv2, although I must admit that I can think of very little reason to use IKEv1.

As with the Windows client, the Mac client opens a guide window when you first start the app.

Hide.me Mac

The client features a kill switch, DNS leak protection and fallback protocol options. Note that these options are disabled (and IKEv1 is used) by default. You will therefore probably want to change these settings before first using the client.

Hide.me VPN Settings Mac

As with the Windows client, the kill switch worked well when I simulated a VPN dropout but provides no protection in the event of a crash.

Performance (Speed, DNS, WebRTC, and IPv6 Tests)

Speed tests

BestVPN.com has recently introduced a groovy new speed test system that provides a scientific and objective way to measure and compare VPN speed performance. Please see here for more details.

Average global download speed results are our baseline measure for how fast a VPN is. It must be said that Hide.me’s results here are not amazing. Even when connected to a nearby server people with fast internet connections will likely be disappointed to find speeds capped at a little over 50 Mbits/s.

Hide.me speed

DNS lookup time is a good measure of how fast users perceive their connection to be as it affects web page loading times. Faster lookup time= faster web page loading (i.e. lower is better). Although not the fastest we have recorded, Hide.me’s DNS lookup times are pretty good.

Hide.me Speed Test

VPN connection time measures long it takes between hitting the “connect” button in your VPN client, and the VPN connection to be established. It is probably the least important of these speed measurements, but no-one enjoys hanging around.

Hide.me Speed Test

IP leak tests

We run basic test IP leak tests by visiting ipleak.net. These include IPv4 and IPv6 DNS leak tests and Ipv4 and IPv6 WebRTC leak tests.

Please see A Complete Guide to IP Leaks for a full discussion of what all this means. Basically, though, if we can see our real IP address or an IP address belonging to our real ISP when using the VPN, then fail.

Hide.me Your IP

That UK IPv6 WebRTC address in this Windows test belongs to our ISP (BT Broadband). Oops. Fail. Note that the test was performed with the “Prevent DNS leaks” setting enabled.

Both Netflix and BBC iPlayer blocked me when using Hide.me.

Other Platforms

Hide.me offers custom apps for Windows, macOS, Android, iOS, and Windows 10 Mobile.

Somewhat confusingly, in addition to full desktop clients for Windows and Mac, Hide.me offers cut-down apps for Windows 10 Store and macOS App Store.

Hide.me also provides detailed manual setup guides using various VPN protocols for Windows, macOS, Linux (Ubuntu and Fedora), iOS, Android, Windows Phone, Blackberry 10, a selection of routers, Kodi, and more.

The Android App

The Android app has a similar look and feel to its desktop cousins.

Hide.me App

Settings options, however, are very basic. The internet did cut off until a VPN connection was re-established upon a regular disconnect so it can be said to have a kill switch, but this did not survive a force-closing of the Hide.me app.

Hide.me V{N Settings for Android

There is no explicit DNS leak protection option, but I did not detect any IP leaks. Overall, the app is simple works well.

The Windows and macOS Store apps

Hide.me tells me that new features are slowly being added to these apps, although at present they are fairly basic. The Windows app supports IKEv2 and PPTP, while the macOS app supports IKEv2 with IKEv1 as fallback. They otherwise appear to be identical.

Hide.me VPN Settings

I found the Windows app to be very buggy – it crashed every time I tried to change location away from ”default” –  but the macOS app worked well.

Neither app features a kill switch per se., but both apps cut my internet connection when I simulated a disconnect. Interestingly, they also maintained my connection to the VPN server even when I force-closed the apps.

This must be because they leverage Windows’ and macOS’ built-in VPN functionality, which act independently of the apps.

Hide.me Free Plan

Users are limited to three sever locations (Canada, Netherlands and Singapore), 2 GB data transfer per month, and 1 connection (although I can see no reason why different accounts cannot be used on as many different devices as you like).

Windows users do not have access to the OpenVPN and SoftEther VPN protocols, although this is not a major problem as IKEv2 is very good.

The pricing page says that bandwidth is also severely limited for free users, although it promises a minimum of 3 Mbits/s.

A quick non-scientific test on speedtest.net produced the following results:

Hide.me VPN Mac

The first result is without a VPN, the others to the nearest VPN server from my UK location.

These results are not bad for a free VPN service and are likely the result of busy servers rather than any deliberate throttling.

The plan must be renewed every 14 days but, it is still a good service. Overall, the plan is fine for checking your email and web surfing, but the 2 GB per month restriction limits its usefulness.

Conclusion

I liked:
  • No logs
  • Very strong OpenVPN encryption
  • 35 servers 28 countries
  • Apps for Windows, Mac OS X, Android, and iOS
  • Automatic WiFi protection
  • Kill switch (but will not work if the app crashes)
  • P2P on most servers
  • SOCKS proxy
  • Static IP (optional)
  • Minimal website tracking
  • Good cross-platform support
I wasn’t so sure about:
  • Uneven support
  • Netflix and BBC iPlayer blocked
  • Speed results are meh
I hated:
  • Expensive
  • IP leak detected

There is much to like about Hide.me. It offers a no logs VPN service with a decent feature list and 24/7 live chat support. Unfortunately, I found the quality of that support to be rather uneven and was disappointed by Hide.me’s speed test results.

And the fact that my real IP was exposed via a WebRTC IPv6 DNS leak when using the service is very worrying!

The elephant in the room, however, is Hide.me’s pricing. For $10 per month (base price) I expect a hell of a lot more than a measly 1 connection and 75 GB data limit. And $20 per month (base price) for 5 connections and unlimited bandwidth is insanely expensive!

It is said that you get what you pay for, but Hide.me does not live up to this promise.

Douglas Crawford

Written by

Published on: June 18, 2018.

August 6th, 2018

I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. You can now follow me on Twitter - @douglasjcrawf.

28 responses to “hide.me Review 2018 – Is Hide.me VPN Secure and Private?

  1. I have used Hide.me VPN (Both free and Premium Plan). According to my practical experience, I must state that Hide.me’s client is one of the easiest and most user-friendly software/app in industry. Speeds of different VPN-server-networks are very stable and good than many other competitors. I found Its client capable of hiding my real IP assigned by my local ISP, of preventing WebRTC IP leak and DNS leak. Its Kill switch works perfectly. I am not sure about its capability of preventing IPv6 leak because my ISP does not support IPv6 traffic.

    Note that if you randomly install and use many VPN services on your same operating system (for example: Windows 8) of your PC and if your operating system manages to configure firewall to partially disable any proper functionality, you may experience DNS leak, disorder of IPv6 leak protection several times, even your OS may block you from figure it out manually. In this case, if you set up a fresh OS, then might not get such leak or disorder of configuration until your OS causes same thing mentioned above.

Leave a Reply

Your email address will not be published. Required fields are marked *

Want to add a star rating to your comment? Click here
Price
Features
Reliability
Speed
Customer Service