Hi mobitar. Thanks for the highest score in regard to the objective measures. Regarding the subjective impression and experience, I'd like to let you know what's going on. If you feel that this changes your impression, it would be great to update accordingly!
The HTTP connection upon startup is for the region data request which is signed and verified upon receipt. It's tamper proof, but you can read it. It's something that anyone with the client can read, and the client is free to download.
Arguably, it's more secure to entrust the communication from PIA to the client software itself than to blindly entrust it to HTTPS which has provably been compromised due to bad actors in the past.
We're in #privateinternetaccess on irc.freenode.net to discuss anytime as well!
Thanks for everything mobitar and for taking the time to produce this report.
Sorry mobitar, I forgot to address the pings. This is to find the best (closest by network latency) path to you. We're really focused on providing the best possible experience, and that experience is simply providing what we do best, in the most unobtrusive way possible.
And to that extent, when it comes to your privacy and fighting for your internet civil liberties, we'll be second to none.
I've seen PIA being very active and friendly, along with supporting FOSS which I love, so I say good work.
That said, a question: is there a way for a power user to control this startup ping mechanism in favor of using a single server they have selected as the best? The only reason I see to not do this would be if your IP ranges are volatile time-wise for some reason. Or perhaps I'm missing another factor?
If you're using the app, I know you can choose a server instead of "Auto". Not sure if it does the pings.
You can bypass the app. I've identified some servers that work good and are close to me and just use a separate app with the profiles/configuration I need. (You can use the built in VPN on your OS or use the OpenVPN app directly for example if you want).
Hi Andrew! I've used PIA for a few years now. I'm very happy with it.
There's just one thing that's kind of a deal breaker. I recently switched to Mac and the Mac PIA Client is quite far behind the Windows, Android and iOS versions.
I'll list all my issues together here:
Major issues
- slow to start
- slow to connect (often tries forever). This is my biggest issue. On other platforms (or connecting directly with the built in Mac vpn function) it takes like 2-3 seconds. With the Mac client it takes many times longer. There's also no feedback about what stage the connection is in, unlike on every other OS.
- doesn't reconnect if network changes, so internet just stops working
Minor issues
- can't see pings for servers
- not as sexy as Windows client
I switched to using the built in Mac VPN feature to connect which is much faster, but occasionally stops working altogether for 20-30 minutes. So right now I don't have a good reliable VPN solution.
Can you please fix the mac client so that when I wake up my macbook after couple days of sleep I don't have HUNDREDS of "disconnected" messages from PIA to dismiss? I understand it connects and then disconnects every time the computer wakes up briefly during sleep, but the onslaught of notifications is.....A lot.
The HTTP connection upon startup is for the region data request which is signed and verified upon receipt. It's tamper proof, but you can read it. It's something that anyone with the client can read, and the client is free to download.
Arguably, it's more secure to entrust the communication from PIA to the client software itself than to blindly entrust it to HTTPS which has provably been compromised due to bad actors in the past.
We're in #privateinternetaccess on irc.freenode.net to discuss anytime as well!
Thanks for everything mobitar and for taking the time to produce this report.