One of the few drawbacks of this VPN is that it is based in Canada and does not work with US Netflix. However, it provides excellent connection speeds (currently coming in at 5th fastest premium VPN service in the world). This is an area where the VPN has made some noticeable improvements since last year’s review: a testament to its hunger to keep improving the service.
In keeping with its excellent sense of humor (which users are treated to regularly in its emails), TunnelBear VPN has three different payment plans: Little, Giant, and Grizzly. The good news is that since we reviewed Tunnelbear last year, the yearly plan (Grizzly) has come down in price (it used to cost $4.99 but now costs just $4.16).
The Little plan is free and permits subscribers to make use of 500 MB of free data every month. Free users are given access to all servers apart from Australia (so 19 locations in total).
Giant is TunnelBear’s monthly plan. It gives subscribers unlimited use of its service for $9.99 per month. As mentioned Grizzly is by far the best value for money (and is its best-selling plan). It gives users access to all of its services for just $4.16 per month ($49.88 per year). Both the paid plans are identical in terms of features and both provide unlimited, log less use of all the servers.
One thing worth remembering is that TunnelBear doesn’t offer a money back guarantee. This is because it lets people try the service for free. For this reason, we advise potential subscribers to test the Little TunnelBear VPN plan before purchasing a subscription.
TunnelBear VPN Features
TunnelBear is a Canadian VPN that is endorsed by a number of high profile websites.
The firm first appeared back in 2011 when it was founded by Ryan Dochuk and Daniel Kaldor.
TunnelBear VPN has servers in 20 countries. This allows subscribers to pretend to be in any of those places to bypass geographic restrictions and local censorship. The paid plans give subscribers access to all of the servers. The Australian server is only available to paid users and cannot be accessed on the free plan.
Subscribers can access TunnelBear’s global network from a desktop PC, laptop, smartphone, tablet, or even using a VPN-friendly router. In fact, it is possible to connect using all of those options, because each premium account permits five simultaneous connections.
VigilantBear (Kill Switch)
A kill switch stops data from being leaked outside of the VPN tunnel if the VPN connection drops out. This stops any unencrypted web traffic from leaking to your Internet Service Provider (ISP). This protects your privacy. Please refer to the privacy and security section later in this review for more information.
TunnelBear is based in Canada and it asks users not to break any of its local laws. For this reason, TunnelBear VPN technically does not permit P2P Torrenting. As such, if you need a VPN for BitTorrent – this is not the ideal VPN service to use.
GhostBear is TunnelBear’s VPN obfuscation technology (also known as ‘stealth mode’.) It disguises OpenVPN traffic to help people get around firewalls (such as the Great Firewall of China). It does this by implementing obfsproxy. This makes VPN encryption less detectable by governments, ISPs, and businesses – by making it seem like normal HTTPS traffic.
Leaving GhostBear disabled doesn’t really make you less secure. However, it is an excellent extra feature for people that need to disguise their VPN use. Stealth mode also helps to stop ISP throttling in places where OpenVPN traffic is throttled.
In theory, GhostBear can slow down your internet traffic (during my tests it didn’t). For this reason, it is probably better only to use this feature if you actually need it. For everyone else, regular OpenVPN User Datagram Protocol (UDP) will provide the fastest speeds.
TunnelBear stores some minimal logs for a month. This is what TunnelBear says about having to comply with the authorities in Canada:
“In the event TunnelBear is required to comply with law enforcement where subpoenas, warrants or other legal documents have been provided, valid under Canadian jurisdiction, the extent of disclosure is limited to the Personal information you provided upon registration as well as overall number of connections, overall MBs used that month.”
On the other hand, “total data used” statistics could allow TunnelBear to pinpoint subscribers who are breaking its no P2P clause (but not very easily considering that people use VPNs to stream on Netflix nowadays). Either way, it is better to stick to not using TunnelBear for Torrenting (as it asks). Why? Because despite not keeping logs it could monitor traffic for P2P use in real time and then ban an account before it receives a DMCA notice. If torrenting is why you want a VPN, please head over to best VPNs for torrenting.
The highly minimal nature of what is kept by TunnelBear means that subscribers really never need to worry about what they use the VPN for. Even if served a warrant by the authorities TunnelBear VPN would have very little to hand over!
TunnelBear Terms of Service
Because TunnelBear VPN is based in Canada it is subject to some pretty invasive laws. This is far from ideal because Canada is part of the infamous Five Eyes Treaty. Canada has also been found to be snooping on citizens several times in recent years.
However, it worth bearing in mind that TunnelBear does pretty much wash its hands of any responsibility for a number of things in its Terms of Service:
As you can see TunnelBear absolves itself of responsibility for just about everything. In addition, TunnelBear clearly states that users can’t:
It also asks users to always abide by the laws of their own country and of the country that they tunnel into. All points that are definitely worth bearing in mind (especially because it is based in Canada).
What Encryption does TunnelBear Have
When it comes to encryption, TunnelBear provides access to two different VPN protocols. The Windows, Android, and Mac OS X clients all implement OpenVPN. iOS users get the choice of either Layer 2 Tunneling Protocol (L2TP)/Internet Protocol Security (IPsec) or Internet Key Exchange version 2 (IKEv2). As such, anybody wishing to connect via OpenVPN on iOS will need to do so using the third party OpenVPN Connect software (which is free).
Strong 256-bit Advanced Encryption Standard (AES) encryption with SHA256 authentication is used across the platforms, apart from iOS 8 and earlier (which is encrypted with 128-bit AES encryption and uses SHA-1 for data authentication).
All this information is available on TunnelBear’s blog, which is a fantastic level of transparency. Also positive: TunnelBear does not provide Point-to-Point Tunneling Protocol (PPTP) – an out of date form of VPN encryption that is now considered insecure
Logs & Legal
It is also worth noting that TunnelBear has released two Beta fixes for IP leak problems recently discovered. These improvements stop IPv6 leaks and IP leaks when network adaptors are reconfigured. The fixes will be rolled out in the Windows and Mac OSX clients in the coming months.
Anybody wishing to make use of these IP leak improvements can get the beta version from the TunnelBear website right now, everyone else is recommended to use the Vigilant Bear (Killswitch feature).
TunnelBear VPN has an amusing and well-crafted website that is easy to navigate. The homepage is sparsely populated and is filled with images – serving primarily as a menu to navigate users to other pages. This makes it easier and less confusing for non-techy VPN users who arrive at the website.
From the homepage, it is easy to navigate to other pages to find out more details about the VPN’s features. At the bottom of the front page, you will find tabs leading to “Download”, “Features”, “Pricing”, “Help”, “My Account”, and “About Us” pages. A menu in the top right of the website navigates users to “Download”, “Teams”, Pricing”, and “Login” pages.
The TunnelBear blog in a nice addition. Although not updated that frequently, it has the necessary information and explanations about both key aspects of VPNs in general and the service that TunnelBear provides. With that in mind, it is a useful resource for customers looking for information about the VPN.
TunnelBear has a dedicated Help page that can be found in the small menu at the bottom of any page. This resource consists of information regarding “Status Updates”, “Getting Started”, “Accounts & Payments”, “Browser Extension Help”, “Windows App Help”, “Mac OS X App Help”, “iOS App Help”, and “Android App Help”. These articles can be easily found using the page’s search button.
For anybody that can’t find an answer on TunnelBear’s help page, it is possible to contact TunnelBear directly. Sadly, the firm doesn’t have a live chat feature, so you will need to use the online contact form. Subscribers and non-subscribers can use this feature to ask questions about the service.
To test TunnelBear’s customer support, I sent their representatives a question about encryption on the platform to see if anything had been changed or improved since the last time I reviewed them last year. As was the case last time I received an email telling me to expect a response within 24 hours.
My response arrived within 24 hours, but I did have to ask for clarification on one point which wasn’t answered clearly. Despite this slight hitch, I found them to be very friendly and eager to help. What’s more, I did get the details I wanted in the second response. Not the best customer support in the world, but certainly not bad either.
Signing up to TunnelBear VPN is an easy process all round. To access the free version, users must enter an email address and password. Following that, the site automatically redirects users to the downloads page. At this point, users can select software for the platform they require. Subscribing to a paid plan will require additional payment via credit card or Bitcoin (PayPal is not supported anymore).
Once on the download page, simply download the TunnelBear client for the platform you need. The software downloads quickly and a setup wizard walks you through the process on installation without a hitch. Once installed, you can log in using your email and password.
After logging in, TunnelBear provides a quick walkthrough to explain the VPNs capabilities. Finally, it asks subscribers to check their inbox for an account confirmation email. As long as the account is verified, users can begin using the VPN software (free or paid).
The TunnelBear Windows VPN Client
The TunnelBear Windows VPN has been designed with great care. The client looks great and is fun to use: this is pretty rare. In keeping with its image, the software is filled with bear joes and amusing bear graphics. By default, TunnelBear connects to a random server situated close to you. If you require a specific location, then you will need to select it from the list of server locations and click connect.
In the upper left corner, users can access a drop-down menu where they can change the VPN’s Settings. In “General”, subscribers can elect to set TunnelBear to run when they start up their computer. In addition, they can ask the client to send them notifications about various things (disconnections, disruptions to service, and network status information).
In the Security tab, users can enable VigilantBear (the kill switch) and GhostBear (stealth mode) feature for bypassing firewalls. Using the kill switch is recommended at all times to stop data from leaking to your ISP: this guarantees your privacy. GhostBear is only necessary for people living in locations where VPN obfuscation is necessary (for getting around Firewall or bypassing ISP throttling). GhostBear is actually TunnelBear’s implementation of Obfsproxy.
Under Trusted Networks, users can add known networks and enable TunnelBear to connect to a VPN server every time they connect to an unknown network (perfect for people who use random public WiFi hotspots regularly).
Finally, the Account tab can be used to manage your subscription, request support using the ticket system, or to log out of TunnelBear VPN.
TunnelBear Performance (Speed,DNS, WebRTC, and IPv6 Tests)
This year, we tested TunnelBear using our purposefully setup VPN speed testing servers. For more information on how our new scientific speed tests work please check out our article here. The new speed test system, allows BestVPN.com to get much more accurate speed results than ever before, which are updated 3 times a day. This gives us a distinct advantage over all other VPN comparison websites.
Just like last year, we found Tunnelbear to be one of the fastest VPNs around (at the time of writing it is the fifth fastest VPN).
TunnelBear currently provides average download speeds of 28.2 Mbit/s and Max Speed/Burst Results of 118.1 Mbit/s.
As you can see, TunnelBear outperforms a number of popular VPN providers. Certainly, TunnelBear provides speeds that are plenty good enough for streaming video content in HD.
I didn’t find GhostBear (stealth mode via Obfsproxy) to slow down my speeds much more than the VPN without, though it is supposed to – so perhaps I got lucky.
I tested for IP leaks and DNS leaks using ipleak.net. The good news is that I didn’t detect any IP or Domain Name System (DNS) leaks while using TunnelBear. I also detect no Internet Protocol version 4 (IPv4), or Web Real-Time Communication (WebRTC) leaks either.
Unfortunately, I could not test for IPv6 leaks on my system because my ISP connection is incompatible. As far as I know, it is possible to get IPv6 leaks one some occasions. However, TunnelBear has new software updates (currently in Beta) to fix these issues. In addition, turning VigilantBear (killswitch) on successfully mitigates against these kinds of leaks.
As well as Windows, TunnelBear is available for Android, OS X, iOS, and Linux. The client is very similar on all of those platforms (apart from Linux – which will require the third party OpenVPN client). The iOS client provides L2TP/IPsec encryption instead of OpenVPN encryption, so if you require OpenVPN you will also need the third party OpenVPN connect software. All the clients provide ease of use and identical connection speeds. For details about each of the platforms, you can find a guide on their website.
TunnelBear also has a browser extension that is free to download and can be used with either Chrome or Opera (but not Firefox). The browser extension is a nice addition, but remember that it is a proxy service as opposed to a full VPN service (it only proxies data within the browser). The browser extension is multi-platform (works with Linux, Chrome OS, OS X, and Windows).
TunnelBear Review: Conclusion
Five simultaneous connections
Great customer support
Servers in over 20 countries
Strong encryption implementation
Zero logs policy
Optional GhostBear (stealth) feature
VigilantBear (killswitch) feature
Browser extension (Chrome & Opera)
Easy to use on all platforms (Linux now compatible)
Above average connection speeds
New updated client currently in Beta
I wasn’t so sure about:
Based in Canada
Limited support options
Doesn’t unblock Netflix US
Terms of Service section 8 “Disclaimer of Warranties”
TunnelBear is a lovely looking and easy to use VPN service that is ideal for beginners. The free plan permits users to get a taste of the service, though 500 Mb per month certainly won’t be enough to use the service for anything considerable (like streaming movies securely). The free version is useful for people living in conflict areas, or locations where heavy censorship is in place. It will allow them to access news websites and do other none data-intensive tasks in times of need.