Hotspot Shield is a popular VPN with enough cool and unusual features to help you stand out from the crowd. The basic service has a wide network of more than 1.800 servers in more than 80 countries and 115 cities. All servers are P2P compatible and built-in blocking of phishing and malware sites keeps you safe online. The company uses its proprietary Catapult Hydra protocol to deliver maximum performance and generally delivers great results. The downside is that it's not compatible with other software or operating systems, so you can use it mostly through Windows, Mac, Android, and iOS apps (there's no manual setup guide for Chromebooks, for example).
- AnchorFree Hotspot Shield subscription options:
- 36 month plan - €2.99 per month (€107.64 total cost)
Plans and prices
Today's Hotspot Shield pricing plan offers: The Hotspot Shield line starts with a very restrictive free plan: 2 Mbps speed limit, one location (US), and a daily data allowance of 500MB. It's useful for learning about apps, but it's pretty much everything. The paid VPN starts at €9.99 billed monthly, rising to €6.99 on the annual plan to protect up to five devices. The monthly price is fair, but the annual offer seems more expensive. Most providers charge €3-€5 per month for annual products, and some do even better (Private Internet Access charges €3.33 per month to protect up to ten devices). Also consider Bitdefender Premium VPN. It's almost featureless, but extremely easy to use, uses Hotspot Shield's fast network and Catapult Hydra protocol below, and costs a fraction of the price at just $2.50 per month for the first year, $4.17 when you renew. If you're happy with a simple service and don't care about anything other than speed and network, it might be worth a try.
Privacy
Understanding VPN security typically starts by looking at the details of authentication, encryption, and protocol support. It can be extremely complicated, but just seeing that a service supports a secure protocol like OpenVPN can give you reassuring feedback about its security. Hotspot Shield is more difficult to assess, because while it now supports the standard IKEv2 protocol, the service is primarily based on its proprietary Catapult Hydra technology. This is not as disturbing as it seems. The goal of Catapult Hydra is to improve performance, and the encryption side of the protocol uses pretty much the same standards as everyone else. For example, the Hotspot Shield website reports that Catapult Hydra is based on Transport Layer Security (TLS) 1.2, with AES-256 and AES-128 encryption, 2048-bit RSA certificates for server authentication, and keys exchanged over Elliptic Curve Diffie-Hellman. (ECDHE) for a seamless secret transfer (keys only last for one session, and new ones are generated the next time). Which, for you unencrypted geeks out there, is more than enough to keep you safe. One problem with proprietary technologies like Catapult Hydra is that there's no easy way to see what else is going on. OpenVPN is open source and any developer can look at the code, understand how it works, maybe find problems or suggest improvements, which is not possible here. However, that doesn't mean you have to accept Hotspot Shield's claims completely on confidence. The company notes that Catapult Hydra is used by "most of the large cybersecurity companies that offer VPN services from within their apps, such as McAfee, Bitdefender, Cheetah Mobile, and many more." In addition, "operators such as Telefónica and KDDI are also using Catapult Hydra to provide VPN services and Wi-Fi security to their customers." As a result, even though the code is not publicly available, that doesn't mean its functionality hasn't been reviewed. These corporate customers need to understand Catapult Hydra to successfully implement it themselves, and Hotspot Shield says the protocol has been ``reviewed by third-party security experts from more than 60% of the world's largest security companies who use our SDK to deliver VPN services to its users. ' Confidentiality is not just about low-level technicalities. The client application is also important, especially when it comes to blocking DNS and WebRTC leaks that could reveal your true identity. Fortunately, testing Hotspot Shield browser clients and attachments on IPLeak and DNSLeakTest revealed no problems, and the service protected us from spies at all times.
Recording
Hotspot Shield's privacy policy includes reassuring details about the company's logging practices: “Our VPN products do not record or log IP addresses, device IDs, or any other form of identification in combination with your VPN browsing activity. In a nutshell, this means that our VPN products do not store any information about what a specific user has browsed or accessed through a VPN connection. There is still a record, the policy explains, including:- 'the length of VPN sessions and the bandwidth consumed...'
`` which domains our users accessed, but anonymously, so we don't know which user accessed which domain (we also add this information roughly monthly)...''
Device hashes, used to identify devices and associate them with other data we collect... Device hashes are not related to VPN browsing activity.
'We collect and use fraud protection IP addresses in the context of financial transactions with us, derive non-identifiable pieces of information, such as your approximate geographic location and information about your Internet service provider or operator. "
This gives you some leeway to create a profile of how you use the service. For example, Company may keep a record of the time and date of each session, the device used, your approximate location, and the amount of data you transferred. Hotspot Shield makes it clear that none of this information can be used to link your account to VPN browsing activity, which is good to hear. But unlike some competitors, the company hasn't gone through any sort of privacy or public safety audit, so there's no confirmation of these privacy promises. We have yet to accept Hotspot Shield's words about trust.
