The Romanian Virtual Private Network (VPN) CyberGhost has developed a reputation as one of the best budget VPNs around. Capable of unblocking popular streaming sites like Netflix, easy to use, and possessing a huge array of 5,700+ servers, CyberGhost certainly ticks plenty of boxes for VPN users. However, is CyberGhost safe?
After all, the major reason to use VPNs in the first place is to ensure privacy on the internet. And if VPNs can’t guarantee a decent level of security and privacy, they can’t claim to be worth much. As we’ll see, CyberGhost gets some things right here, but there appears to be room for improvement.
Introduction – Understanding CyberGhost’s security features
Before we get into issues like CyberGhost logs, it’s useful to summarize some of the standout security features that come with the VPN. So here’s a brief run down of what you’ll get:
- 256-bit AES encryption
The gold standard for encryption among VPNs, so there’s nothing to worry about here.
- OpenVPN is supported
Not all VPNs offer support for the OpenVPN protocol. But as this protocol is thought to be much more secure than alternatives like IPSec, this is a welcome addition from CyberGhost.
CyberGhost is based in Romania, which isn’t in the Fourteen Eyes extended surveillance network, making it less likely that American copyright holders or government snoopers will gain access to their network.
- Automatic network kill switch
The CyberGhost kill switch is an essential security feature, which cuts off your web connection if VPN coverage drops. It can’t be toggled.
- Excellent performance on DNS/IP leaks
IP and DNS leakage are key security glitches that afflict poor-quality VPNs. Thankfully, this isn’t an issue with CyberGhost (although that hasn’t always been the case).
- Works well with Tor
Tor (The Onion Router) allows users to add another layer of protection on top of their VPN by routing traffic through the Tor network. Not all VPNs work with Tor, but CyberGhost definitely does. Another big plus.
- Cryptocurrency payments are accepted
Cryptocurrencies like Bitcoin are a good way to pay for VPN coverage anonymously. Thankfully, CyberGhost provides easy Bitcoin payments via the BitPay portal.
What about privacy? Does CyberGhost keep logs?
All of the above features are excellent additions to the CyberGhost package, and they are what you would expect from a privacy-conscious VPN. But as any VPN veteran will confirm, they mean very little if the Virtual Private Network routinely logs user activity (and believe us, many do).
So what is the story with CyberGhost logs?
Officially, CyberGhost has one of the most strident anti-logging stances of any VPN
Officially, CyberGhost has one of the most strident anti-logging stances of any VPN. For example, they go out of their way to state that they “DO NOT LOG”:
- Real IP addresses
- Assigned servers (that you log onto via their network)
- The times you log in or log out
- Traffic data
- Any conversations carried out over the CyberGhost network
Moreover, they don’t “merge” data such as payment details (which could be used to identify your activity on the VPN, or leak to cybercriminals). Most importantly, they state very clearly that “it’s not possible to record which account logged into which server at what time or to connect a real person to a certain CyberGhost VPN account.”
So, on the face of things, the answer to does CyberGhost keep logs is a definite “no.” And that’s extremely reassuring, but is it the end of the story?
Have there been concerns about CyberGhost’s privacy practices in the past?
We’re not the first to ask the question, “is CyberGhost safe?” The VPN has been active for 8 years, and during that time several issues have arisen which cast some doubt on the current CyberGhost logs policy.
In 2016, researchers found that the CyberGhost VPN had installed a “root certificate” on Android and desktop versions. This would, in theory, grant the VPN privileged access to users’ traffic. It could even be used to stage Man-in-the-Middle style attacks. And root certificates are not routine among VPNs.
Some Redditors have also documented instances where CyberGhost had injected advertising cookies into their VPN. That’s not exactly the behavior you’d hope for from a trustworthy premium VPN.
Finally, and perhaps most crucially, CyberGhost is open about its willingness to hand over data to authorities
Now that’s not the same as saying, “We will let the FBI know everything you do when you connect to CyberGhost’s VPN,” but it’s another red flag.
But here’s the thing: when you add these issues together, they cast doubt on the CyberGhost logs question. Does CyberGhost collect too much?
CyberGhost: a popular, affordable VPN with some privacy flaws
CyberGhost gets a lot right when it comes to security. Their encryption is top-notch, they are happy for customers to pay in crypto-currencies, and they offer a kill switch and DNS leak protection.
We would say there are enough positives about CyberGhost to give it some consideration. All VPNs have some security and privacy weak spots. It’s just a question of trying them out, contacting their customer support, and making a judgment. So it’s worth sampling the CyberGhost 24-hour trial. It could still be the VPN for you.