Douglas Crawford

Douglas Crawford

June 21, 2018

NordVPN: What’s new in 2018?

NordVPN is a no-logs VPN provider based in Panama. This alone makes it one of the best VPN choices out there for privacy fanatics, who will also appreciate NordVPN’s strong technical security.  It is also a very fully-featured service, with double VPN, VPN over Tor, DNS-based malware protection, Smart DNS, and more, all part of the very reasonably-priced package.

Pricing and Plans

NordVPN has just the one all-in account plan, although discount “plans” available for bulk time purchases:

1 Year5.75View Details
Best Deal
2 Years3.29View Details
1 Month11.95View Details

NordVPN offers a 30-day money-back guarantee. It also offers a 3-day free trial for desktop users and 7-day free trial for its mobile apps.

It accepts payment via credit/debit card or PayPal. It also accepts Bitcoin, which allows for potentially anonymous payment. However, as always, please remember that NordVPN will know your true IP address, regardless.

Features

NordVPN is based in Panama. All customers enjoy the following features:

  • Six simultaneous connections
  • Servers in 62 countries
  • Choice of IKEv2, OpenVPN, PPTP, L2TP/IPSec VPN protocols
  • P2P: yes
  • Smart DNS service
  • Double VPN
  • Tor over VPN
  • CyberSec anti-malwate protection
  • Encrypted proxy add-ons for Chrome and Firefox browsers
  • Web proxy (free)
  • Socks5 proxies
  • VPN access for China and other restrictive countries using XOR obfuscation
  • DNS servers (useful if manually configuring a secure VPN connection)
  • Dedicated IP addresses are available for $5.83 per month

As always, I recommend using the OpenVPN protocol where possible (although IKEv2 is also good).

Although six devices can be connected to the service at once, if you connect devices to the same server, you must choose different protocols for the VPN connections. TCP and UDP are counted as different protocols, so you can connect one device using  TCP and another using UDP. Personally, I do not consider this to be a major limitation, and permitting six simultaneous devices is generous.

The Socks5 proxy is particularly useful for downloaders who only wish to proxy their torrent clients, or double-proxy them with a VPN for extra protection!

Smart DNS (“Smart Play”)

Smart DNS is a technology that enables you to pretend to be elsewhere by resolving  DNS requests at a specified location. This makes it ideal for streaming geo-blocked content.

According to NordVPN, users can access over 150 streaming services using NordVPN SmartPlay. These include Hulu, Amazon Prime, ABC Go, Zattoo, Cartoon Network, Shudder, WeTV.com, Telemundo, VH1, Vevo, TNT Drama, Sundance.tv, StarTrek, Spike, PBS, Slacker, NBC Sports, FoodNetwork, DramaFever, Discovery, Crackle, and many more.

NordVPN’s implementation of Smart DNS is rather unusual. For a start, it uses an encrypted proxy connection. I am not sure what advantage this brings over an unencrypted connection, as Smart DNS is not really about security or privacy. On the other hand, though, it can’t do any harm.

For a second, it requires no additional configuration. It runs inside all NordVPN’s apps, and when you are connected to a VPN server it detects whether the streaming service requires additional DNS routing. In practice, this meant that I could watch US Netflix even when connected to a non-US server. I have not tested, but NordVPN says all its UK servers now work for BBC iPlayer (both for mobile and desktop).

One downside of this setup is that you cannot configure NordVPN’s Smart DNS to run on devices that cannot run a VPN client: such as your smart TV, games console, or Roku.

Double VPN

This rather unusual feature allows you to “chain” VPN servers so that your data is routed between two VPN servers as it travels between you and the internet.

Your PC/device -> VPN server 1 -> VPN server 2 -> Internet

NordVPN double-hop

As you can see, data is re-encrypted as it leaves each server. NordVPN  offers several double VPN combinations

Such chaining can provide some security benefits, but will always result in a major loss of speed. As I argue in this article, I think the privacy/security benefits of “double-hop” VPN are rather limited. But I understand that this is not a view shared by everyone. For those who value the feature, NordVPN is one of only a few providers to offer it.

Tor over VPN

For a full discussion on the pros and cons of using Tor over VPN (or Onion over VPN as NordVPN terms it), please see here. In this configuration, you connect first to a NordVPN server and then to the Tor network before accessing the internet:

Your computer -> VPN -> Tor -> Internet

NordVPN achieves this using an OpenVPN configuration file which transparently routes your data from the VPN tunnel to the Tor network. This means that your entire internet connection benefits from Tor over VPN.

This setup does offer some privacy and security advantages, but a similar effect can be achieved simply by using the Tor Browser while connected to the VPN. Crucially, such a setup is much more secure than the method offered by NordVPN.

Tor over VPN (however you do it) will seriously slow down your internet speeds as you get the combined hit of using both the Tor network (which is very slow) and the VPN.

XOR Obfuscated Servers

NordVPN runs obfuscated servers in a number of counties: the US, Canada, the UK, Germany, the Netherlands, Sweden, Hong Kong, Singapore, Turkey, the UAE, and Egypt.  These use the XOR encryption algorithm to overcome VPN censorship blocks put into place by authoritarian governments.

XOR is often used by malware to hide from detection, but it also works just as well for hiding VPN ciphers! This means users in places such as China and Egypt should be able to access the open internet by connecting to one NordVPN’s obfuscated XOR servers.

CyberSec

CyberSec is a new feature. It blocks DNS requests based on a real-time blocklist of harmful websites that may host malware. As such, it should shield you against malware, help prevent botnet control, and block many intrusive web ads. I can’t comment directly on its effectiveness, but the principle is sound and there is no reason to believe it does not work as advertised.

WiFiSec

This new feature will automatically initiate a VPN connection whenever a Wi-Fi network is joined. It can be set up to auto-connect to Nord on both secured and unsecured Wi-Fi networks.

Visit NordVPN »

Privacy

Logs and Legal situation

NordVPN is based in Panama and promises to keep no logs at all:

NordVPN does not monitor, store or record logs for any VPN user. We do not store connection time stamps, used bandwidth, traffic logs, IP addresses.”

Panama has a completely uncensored internet and zero government surveillance. It is also comfortably outside the direct influence of the NSA and GCHQ. Indeed, the simple fact that this no-logs VPN provider is based in Panama makes it one of the best choices available for privacy fanatics.

Website tracking

The NordVPN website uses a number of trackers, but these seem fairly benign and non-invasive. Importantly, there are no Google Analytics or Facebook trackers.

NordVPN privacy

Please check out BestVPN.com’s VPN Review Process Overview for a discussion on website tracking.

Payment Processors

All payments are handled by a company called CloudVPN, which is based in the United Staes. NordVPN explained the situation to us:

Being based in Panama has a downside. It complicates our ability to sign our apps, place them in stores and process our payments. Therefore, we’ve established a proxy based in the US, which in a nutshell acts only as our payment processor and has nothing to do with the actual service… It’s not a third party company, it’s under our control, and we use it to process our payments. In short – we handle payments ourselves, just through another company.

Security

NordVPN uses the following encryption settings for OpenVPN connections:

Data channel: an AES-256-CBC cipher with HMAC SHA256 hash authentication.

Control channel: an AES-256-CBC cipher with an RSA-2048 handshake and HMAC SHA256 data authentication. Perfect Forward Secrecy (PFS) is provided by a DHE-4096 key exchange.

OpenVPN Encryption
Cipher
AES-256-CBC
Data Auth
HMAC SHA256
Handshake
RSA-2048
Forward Secrecy
DHE-4096
Logs & Legal
Connection
None
Traffic
None
Country
Panama

This is a very strong setup.

NordVPN’s iOS app also uses IKEv2 with an AES-256-GCM cipher and HMAC SHA2-384 data authentication. PFS is provided by a DHE-3072 exchange. NordVPN’s older OSX client uses OpenVPN, but its newer Mac App Store Client uses IKv2 with Cisco’s NGE (Next Generation Encryption) protocol.

For more information on VPN encryption terms, please see here.

The NordVPN desktop apps have a system kill switch. The Windows app also features a per-app kill switch. The iOS app features a kill switch. They all provide  IPv4 and IPv6 DNS leak protection, plus WebRTC leak protection. Overall, it has to be said that NordVPN provides superp technical security.

The Website

The NordVPN website has a fairly attractive blue and white theme, and is generally well presented. A FAQ outlines what most of NordVPN’s services actually do, but tends to shy away from too much technical detail.

Support

24/7 customer support is provided via a ticket system (web form), Facebook, Twitter, or email. A live chat option is also available. When I contacted support via live chat, I usually received an instant or very quick response.

In the past, I have found the quality of its support to somewhat uneven, but NordVPN seems to have upped its game of late. So much so, in fact, that it won Best Customer Service award in our 2018  BestVPN.com Awards.  NordVPN provided fast, detailed, and knowledgeable responses to our battery of customer service tests.

A small knowledge-base, plus various setup tutorials, are also available. A regularly updated blog discusses internet security issues in general, plus NordVPN-specific topics.

The Process

Signing Up

Signing up for the service is a straightforward affair. A valid email address is required, but there is no reason this cannot be a disposable one. Unless paying in Bitcoin, of course, NordVPN will know your payment details anyway.

Once signed up, you can download NordVPN’s software immediately, and will receive a confirmation email containing some useful links.

The NordVPN Windows Client

The map is pretty. In order to connect to the fastest server for your needs, you should let the software pick a server for you. This is because individual servers can vary in performance, so picking one at random is unlikely to produce optimum results.

The NordVPN Client

As we have already seen, there are lots of servers to choose from.

The NordVPN Client

These include many specialized servers.

The NordVPN Client

The Windows client now features both a per-app kill switch and a system kill switch. The system kill switch passed a simple disconnect test with flying colors, but failed when I force-closed all running VPN proceses to simulate a software crash. NordVPN  explained that:

We already modify OS firewall but we still need one process running. That process is responsible for firewall only and is independent from the application. Means if the app or VPN process crash, the firewall continues to work . Making it without any extra process is on our roadmap as well, looking to deliver in a few months.

The NordVPN Windows client, then, is very fully-featured, looks good, and is easy to use.

Performance (Speed, DNS, WebRTC and IPv6 Tests)

Please see VPN Speed Testing Done Right for an overview of our groovy new scientific speed test system. We have now improved our speed testing algorithm to account for VPN services which as NordVPN whose software selects the best server for its users. This provides a much fairer comparison between this kind of setup and services that load-balance across a number of servers at a given location.

Average global download speed results are our baseline measure for how fast a VPN is (higher is better). Its average speeds are not going to win any awards, but are solid. Its Max speeds are great, however, so you will get excellent performance when connected to nearby servers.

DNS lookup time is a good measure of how fast users perceive their connection to be, as it affects web page loading times. Faster lookup time= faster web page loading (i.e. lower is better). NordVPN could score better on this metric.

VPN connection time measures how long it takes between hitting the “connect” button in your VPN client to the VPN connection being established. It is probably the least important of these speed measurements, but no-one enjoys hanging around. Lower = better.  Again, results are litttle unispiriing.

NordVPN provides solid Average download speeds and excellent Max download speeds. DNS lookup times could be better, but in all practical terms, you are unlikely to even notice this.

NordVPN Performance and Speed Test

No IPv4, IPv6,  or WebRTC leaks were detected. Please note that those Private RFC IPs are local IPs only. They cannot be used to identify an individual, and so do not constitute an IP leak.

As noted earlier, US Netflix will work when connected to any server thanks to smart DNS routing. I was pleased to note that BBC iPlayer also worked just fine when connected to a UK server.

Other Platforms

NordVPN provides custom apps for Windows, macOS, iOS and Android. It also provides manual setup guides for these platforms, plus Linux (Ubuntu and Raspberry Pi), Blackberry 10, Chromium, and various routers and NAS systems. These guides look a little on the bare-bones side, but should work well enough.

It is also possible to purchase a pre-configured NordVPN router from Flashrouters. Additionally, NordVPN offers browser add-ons for Chrome and Firefox.

The Mac apps

A little confusingly, NordVPN offers two different Mac apps: a new IKEv2 Mac App Store app is the default option, but a direct-download OpenVPN app is also available.

NordVPN Mac Client

The apps look almost identical to each other. The IKEv2  Mac App Store app has both a system kill switch and a per-app kill switch, but not much else. The OpenVPN app has these too, and also offers obfuscated servers, custom DNS settings, and CyberSec protection.

Neither app provides access to the full range of specialty servers. It may just be a quirk of my system, but neither app displayed the NordVPN server map correctly.

The Android App

The Android app looks remarkably similar to the Windows client, which is a good thing.

NordVPN Android App

It allows you to connect to NordVPN’s full range of specialty servers. The new CyberSec feature us also is fully supported.

NordVPN Android App

I detected no IPv4 DNS or WebRTC leaks while using the Android app. I was unable to test for IPv6 leaks. Overall, the Android app is smart looking,  very fully featured, and works flawlessly.

The browser add-ons

The Chrome and Firefox apps connect to a NordVPN’s HTTPS proxy servers. They provide many of the benefits of a true VPN, but limited to just the browser. These includes spoofing your real location and encrypting your internet connection so that you cannot be spied on. Which can be very handy!

NordVPN Android App

You need a full NordVPN account to use its browser add-ons. Interestingly, the Firefox add-on unblocked BBC iPlayer for me, but not US Netflix.

Other/Free Services

NordVPN offers a number of privacy features that are free to everybody (not just subscribers). These include a web proxy, a YouTube proxy, and a free proxy list. I would hardly trust my life to such tools, but it is nice of NordVPN to provide them.

Conclusion

 I liked:

  • No logs
  • Based in Panama (great for privacy)
  • Free trial + 30-money back guaranty
  • Six simultaneous connections
  • Great customer service
  • Servers in 62 countries
  • P2P: yes
  • Great speed performance
  • Accepts Bitcoin
  • Very good encryption
  • CyberSec anti-malware protection
  • WiFiSec auto-WiFi protection
  • VPN access for China and elsewhere via XOR
  • Smart DNS service (when it works)
  • Works with US Netflix and BBC iPlayer
  • Great Chrome and Firefox add-ons
  • Socks5 proxies
  • Dedicated IPs (cost extra)
  • Double VPN (I’m a bit dubious, but others like it)
  • System kill switch (all apps) plus per app kill switch (all desktop apps)

I wasn’t so sure about:

  • Tor over VPN (using the Tor Browser over VPN is safer)

I hated:

  • Nothing

NordVPN offers a very fully-featured service. The fact that it is based in Panama and keeps no logs is also a big draw for those who care about privacy. Its software looks good and works well. Speed performance is beginning to look great now that we have made our test algorithm fairer, and a 30-day money-back guarantee gives you plenty of opportunity to ensure that everything works for you as it should.

What you get with NordVPN is a very fully featured, privacy-friendly VPN service that is also very fast.

Visit NordVPN »

Douglas Crawford

Written by

Published on: June 21, 2018.

June 22nd, 2018

I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. You can now follow me on Twitter - @douglasjcrawf.

164 responses to “NordVPN Review 2018 – Nord speed test, pricing and more

  1. Hi Douglas, firstly I would like to thank you for answering every comment on this website. It is nice to see someone is managing community so well. I would like to ask if you have tried new nordvpn feature android tv app? Can’t find info about it here. Is it worth to try? I’ve heard different thoughts about it and can’t decide should I use it on my tv. Cheers!

    1. Hi Patrickson,

      I haven’t tried it yet, but it should work well. Android TV apps are simply Android apps that have been reskinned to work better on a large screen and with a remote control. The core functionality for NordVPN’s one should be identical to its regular Android app. When I get round to re-reviewing NordVPN I will include a look at its Android TV app.

  2. There is speculation on the internet that NordVPN is owned by Tesonet. Tesonet is a data mining company based in Lithuania. Which means it operates under EU Law.
    No comment from NordVPN as of yet but hopefully they can now finally tell us who their parent is.
    It would be great to get an offical answer from NordVPN and if they are owned by Tesonet, this review will reflect this.

    1. Hi Sam,

      We are monitoring the situation and performing our own investigations using our industry links.

    I just signed up for the 3 year deal, confident in the numerous good reviews for NordVPN.

    Installation:
    No problems…about as good as the other providers I’ve used (IPVanish, PureVPN, VPN Unlimited, ExpressVPN)

    Windows Software:
    Takes a relatively long time to connect, but I’ve noticed the same for the other providers as well. Sometimes it seems like a few minutes before a new ip is secured.

    I have already experienced a few instances where it says it has connected but I don’t have an IP address or connectivity. I have to disconnect then reconnect, sometimes wasting 5 minutes or more. I suspect that the popularity of NordVPN is degrading this service, but who knows?

    I tried the “auto connect on startup” feature once, then disabled it. Afterward, it always auto-connects upon system startup, even though the feature slider shows it’s disabled. This is not a big issue unless you want to use your connection immediately and not wait 2 minutes to connect, every time you boot.

    Site Connections:
    NO AMAZON FROM Nord U.S. SERVERS! I have not been able to connect to any Amazon servers while connected through any U.S. Nord servers, contrary to the statement on their support page. When I connected through Canada, the main Amazon page took a FEW MINUTES to load, and the site rendered incorrectly. This is a problem, as I would like to make purchases on Amazon while correctly localized in the U.S. (prevents erroneous card fraud notices). This is a NordVPN disqualifier for me.

    I submitted a support ticket, but I don’t expect Nord to give me a reasonable solution for such a fundamental problem. We’ll see.

    I signed up for ExpressVPN just to compare, and I have none of the software issues or Amazon connectivity issues described above, as well as ~100Mbps xfer speeds. I’ll probably cancel Nord and see how Express works for a while, despite the cost increase.

    1. I bought a new pair of Nike from Amazon today and I was logged to Nord during the payment. It worked without any issues for me. Not sure but maybe they solved your problem.

Leave a Reply

Your email address will not be published. Required fields are marked *

Want to add a star rating to your comment? Click here
Price
Features
Reliability
Speed
Customer Service