Using a VPN is a definite must, just make sure it’s not Private Internet Access

There may be many reasons for wanting to keep your traffic and browsing history private: in my case, it was the prospect of Comcast (where greed meets incompetence) of selling my browsing history; personal data; and private information to the highest bidder (or the first half-assed hacker who manages to break into their system) that spurred me into action.
I had initially signed up with SaferVPN, which worked well enough, but then failed to work in any reliable way while traveling to Europe this winter: as setting up a VPN is not a terribly sophisticated business (technically) I figured they just couldn’t be trusted any longer.
So, I signed up a few months back with Private Internet Access (no link by design — google’em up, if you will, but before signing up, please read further, then think twice).
They seemed competent enough, provided easy to install (if not particularly pleasing to the eye) clients for all platforms (including a point-and-click widget for Ubuntu — which really was a winner for me) and, to their credit, provided also reasonably easy-to-configure OpenVPN setup for my Asus router.
Alas, the way they deploy their infrastructure is such that the resulting geo-location of their egress servers’ IPs is completely upside down.
This has been an issue for many users for months, and they don’t seem to either be able or care enough to solve the problem.
As of right now, for example, if one tries connect to “UK, London” — this is what one gets from http://formyip.com/:
Your IP is 104.238.169.35
Your host is: 104–238–169–35.choopa.net
Your Country is: -
Same for “Italy:”
Your IP is 196.52.32.8
Your host is: ip-8–32–52–196.it.amsterdamresidential.com
Your Country is: SOUTH AFRICA
and this is “France”:
Your IP is 196.54.55.39
Your host is: ip-39–55–54–196.fr.amsterdamresidential.com
Your Country is: SOUTH AFRICA
(either their network is messed up, or the whole of Europe has been annexed to South Africa — I wish it were the latter, actually: they have great beaches and awesome windsurfing, I’m told!)
Having reached out to their customer support asking for clarification, and whether there was a workaround; or were they working on a fix; or what was going on… crickets, for three weeks — and then:
To explain, this difference between the server you connect to via our VPN versus how you actually appear is due to us making changes to our infrastructure.
followed by a “form” with a number of questions that (a) were largely irrelevant and (b) they could’ve figured out the answers to themselves, had someone in the Tech Support or QA bothered to do some trivial testing.
Now, that would be a fine explanation for something that goes on for a weekend; or, say, a week (I mean, really? this is all DNS and software changes rollout: longer than an hour and I’d say you don’t know what you’re doing…) — but this has been going on for at least two months, and probably longer!
Suffice to say that to set up a VPN termination in the UK (or wherever Amazon has a presence), using AWS and a CloudFormation template takes one less than 10 minutes and costs close to nothing.
In the end, making sure that one is on a VPN at all times is critical these days, especially on your laptop, and even more so if you connect to public, “open” WiFi networks, where all your traffic can (and will) be intercepted by hackers and you are also left open to “man-in-the-middle” attacks —geo-location may not be much of a concern in this case; however, if the additional motivation for you is to be able to shadow your presence in a particular country, then I would strongly argue against considering Private Internet Access as your provider.
(well, or even just if you care about good customer service, too!)
Update: while writing this up, this gem came from their tech support:
the information that you provided to me can often be caused by the ports the VPN is trying to connect over being restricted or blocked.
which I’m not sure whether to be angry about or just fall off the chair laughing: the guy then proceeds to tell me how to change the settings for the protocol/port connection — either he really has no idea what he’s talking about, or he’s just winding me up.
Dammit, I feel really stupid to have signed up for the yearly plan — I recommend you be smarter than me!