Security & Privacy
HideMyAss uses AES 256-bit encryption — the standard used by the US government to protect classified information — and OpenVPN DNS servers, which are owned by security behemoth Cisco. Testing on www.dnsleaktest.com confirmed that turning HideMyAss on — ahem — did hide our asses, with no DNS leaks:
There’s also a killswitch which shuts your connection down should the VPN get disconnected. While many other VPNs also have a killswitch, HideMyAss’s is unique because it allows you to specifically select which apps to kill and which apps to keep running, instead of shutting everything down indiscriminately.
When it comes to privacy, HideMyAss came under fire from Privacy International back in 2011 for releasing a user’s data to the FBI, albeit under a court order. Even today, their logging policy remains somewhat broad.
- a subnet of your IP address (though HideMyAss assert that the last octet is anonymised)
- the IP address the VPN assigns you
- a timestamp of each and every one of your sessions
- the amount of bandwidth you used during the session
This information is saved for up to 3 months.
“Privax does NOT store the originating IP addresses of our users when connected to our VPN service, and thus cannot identify users when provided the IP address of one of our servers.
We are also completely unable to disclose any information about the applications people use, the services they employ, or the websites they visit while using our VPN. We simply do NOT store this information.”
That said, the more privacy-minded individuals may still feel uncomfortable.