90 MACWORLD FEBRUARY 2020
WORKINGMAC REVIEW: OVPNSECURITY, SOFTWARE,
SERVERS, AND SPEED
OVPN starts with an OpenVPN
configuration. It uses AES-256-GCM for
data encryption, SHA1-HMAC for
authentication, and TLSv1.3 for the
handshake. What’s interesting about
OVPN isn’t so much the software, but what
its hardware is doing.
OVPN runs everything on its machines
in RAM. There are no hard drives or USB
sticks or any other kind of drives
connected to its servers. Everything,
including the OS, is running on RAM. The
company also made it
impossible to have
physical access to the
servers, with no way to
connect a keyboard and
no on-site console access.
As for privacy and trust,
the company is based in
Stockholm, Sweden, and
the company founder is
David Wibergh. OVPN’s
privacy policy says it
doesn’t log traffic,
timestamps, DNS requests,
IP addresses, MAC
addresses, or bandwidth. Those are the
privacy promises you want from a VPN
provider—and the promise to run
everything in RAM is the icing.
When you open OVPN on Mac, it offers
a fairly easy-to-understand interface. By
default it shows a drop-down list offering
to connect to the best-performing server
based on your location. Otherwise, you
can click on the menu and select from 12
countries. That’s a small selection, which
may not appeal to some, but companies
that own their own network tend to have
fewer choices. The country selection is
centered on North America and Europe,
with no options for other parts of the
world, though the company plans to add a
Singapore server soon. Once that
happens, OVPN will have 77 servers, total.
The OVPN app has four
tabs at the top including
Connection (the default),
Statistics, Support, and
Account. The Statistics tab
is interesting as it shows
your VPN usage for the
last hour and the last 24
hours. The Support tab
has a form you can fill out
for email support, and the
Account tab has nothing at
all to do with managing
your account, as you might
think. Instead this is where
the settings are. You can turn on or off
settings such as the internet kill switch,
DNSCrypt, IPv6, launch on boot, and so
on. There are also options to log out, and
to view the app’s on-device logs forOVPN with an active
connection.