Psiphon VPN Review
Psiphon is a specialist open source tool for bypassing web censorship, dealing with everything from simple business network restrictions to the industrial-strength firewalls of repressive regimes.
This VPN service supports thousands of servers across twenty countries, and offers additional proxy and protocol options to maximize the chance of successfully accessing your chosen websites.
Is My Privacy Protected with Psiphon?
“Psiphon is designed to provide you with open access to online content. Psiphon does not increase your online privacy, and should not be considered or used as an online security tool.”
Psiphon is designed to provide you with open access to online content. Psiphon does not increase your online privacy, and should not be considered or used as an online security tool.
What user information does Psiphon collect?
From time to time Psiphon may have to record additional information in order to resolve a problem with our service. When this occurs, we will add an entry to the Privacy Bulletin describing what was recorded, how long it was kept, and why.
Psiphon Client Software
We use Google Analytics on some of our websites to collect information about usage. The information collected by Google Analytics will only be used for statistical analysis related to your browsing behavior on this specific website. The information we obtain from Google Analytics is not personally identifying, nor is it combined with information from other sources to create personally identifying information.
Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit the website, but this cookie cannot be used by anyone except Google, and the data collected cannot be altered or retrieved by services from other domains.
Storage Access Logging
We use Amazon S3 to store assets such as website files and Psiphon server discovery lists. We sometimes enable logging of downloads of these files. Analyzing these logs helps us to answer questions like “how many users are starting but not completing the download of the server discovery list?”, “how is the downloaded data split between website assets and server discovery?”, and “is an attacker making a denial-of-service attempt against our websites?”
S3 bucket access logs contain IP addresses, user agents, and timestamps. These logs are stored in S3 itself, so Amazon has access to these logs. (However, Amazon already serves the files, so they can already access this information.) Psiphon developers will download the logs, aggregate and analyze the data, and then delete the logs. Raw data will be kept only long enough to aggregate it and will not be shared with third parties.
How Much is Psiphon? Is There a Free Trial?
The Windows version of Psiphon is free. It is also possible to “sideload” the Android and iOS apps for free.
In countries which don’t ban it, you can also download Psiphon for your Android device from the Google Play Store. This, however, is where things start to get complicated…
The basic Psiphon app from the Play Store is the same as one you can download from the website, except that it displays some ads. Bandwidth in all free versions of Psiphon is limited to 2 Mbps.
There is also a Psiphon Pro app, which shows even more prominent ads. These can be removed, and the 2 Mbps speed limit increased, for a fee. A “maximum speed” subscription costs £4.99 for a seven-day pass, or £9.99 per month. A “high speed” subscription costs £4.99 per month.
The only place I can find these prices is in-app, so they may vary depending on region. Annoyingly for British users, apps sold for £9.99 in the UK often sell for $9.99 in the US. However, I don’t know if that is the case here.
All subscriptions come with a 30-day free trial. Just cancel via the Play Store before the trial is over and Psiphon won’t charge you.
The “maximum speed” plan increases your speed limit to 5 Mbps. I am not sure by how much “high speed” increases your speed.
Psiphon Speed Test
Our performance tests delivered some odd results. Most Psiphon locations were limited to download speeds of around 2Mbps, but a few gave us significantly more, with Singapore consistently reaching 8Mbps. We’re unsure whether that was a temporary issue or perhaps a flaw in our speed tests, but keep it in mind, if you test the service – the nearest location won’t necessarily be the fastest.
Although these speeds are far lower than you would expect from a decent VPN, real world testing showed they were adequate for basic browsing. We were also able to watch standard definition video clips without difficulty, and 720p movies were just about viewable, though with occasional pauses for buffering.
Psiphon’s unblocking abilities proved reasonable in our simple checks, with the service giving us access to BBC iPlayer and protected YouTube videos, but not Netflix.
Our final leak tests showed that Psiphon correctly allocated IP addresses in our chosen locations, and replaced our ISP’s DNS servers with a local equivalent.
• It is free to download and use
• The system is easy to set up and use
• Comes in many different languages
• Works with Windows and Android
• Number of Server Locations (countries) – 9
• Number of servers – 1000
• Number of IP Addresses – 1000
• Does VPN keep logs – Partially
• Includes Kill Switch – No
• Devices per license – 1
Is Psiphon Safe?
By default, Psiphon uses SSH in order to provide a secure connection to its servers. This is secure enough for bypassing the most forms of censorship. Organizations such as the NSA and CIA, however, are known to have tools that can decrypt SSH, allowing them to read the content of SSH sessions.
For VPN connections, Psiphon uses the L2TP/IPsec VPN protocol. Despite some largely theoretical issues, this is generally regarded as being secure. The Psiphon website does not explain which cipher or key length is used to secure data, but whatever is used will be fine for simply bypassing censorship.
The Psiphon website provides SHA1 cryptographic hashes for its Windows and sideloaded Android apps. This is a relatively weak form of data integrity compared to PGP digital signatures, but should provide some confidence that the files downloaded have not been tampered with.
Psiphon will automatically change your Windows Domain Name System (DNS) settings to point to a whitelist of vetted DNS servers. This should ensure that you do not suffer a DNS leak while using Psiphon.
Psiphon’s free service is slow, but worked reliably for me, and it could be worth keeping the client around as a backup service. The commercial Psiphon Pro product is fast but expensive, and most users will get better value from a standard VPN.