CyberGhost is a Romanian VPN service that takes great pride in the overall security level it currently provides to its users. The legal situation in Romania is very favorable for VPN companies despite their membership in the EU and bilateral cooperation arrangement with the US. Their Constitutional Court revoked several legal attempts at data retention, even when the EU sued the country for not implementing their directives, threatening a 30,000 EUR fine on a daily level.
We took upon ourselves to test the safety of the service and “filtered” CyberGhost through our standard battery of tests. Security is your number one concern when it comes to VPNs since its absence defeats the purpose of using one. Keep on reading to see how the company fared against our trials.
Logging Policy
CyberGhost claims a zero-logging policy, but this is not entirely true.
It does not record logs of any information that can identify you as an individual or put you in any sort of danger. This includes your login/logout times, IP address (not the one you get after login but your real address, the one you started with), assigned servers, telephone calls, chats, and any other form of online communication.
Having said that, the company does collect and store personal data such as your name, email, domicile address, and payment information. We are not big fans of this practice since your real name and address are not exactly required for the company to provide you with its service. However, the collected data is always stored in an anonymized manner, which means it can never be associated with your online traffic and sessions. In other words, there is no way to determine what you are doing while in the VPN tunnel since nobody can connect your traffic with your personal information.
The company also collects information needed to observe the average usage of its platform, such as how many times you logged in during the month. This is needed purely for statistical purposes and cannot endanger you in any way.
The service implements Bitcoin payments, which further increases your anonymity during the whole process.
Encryption
CyberGhost states that it uses military-grade encryption, which is just a fancy way of saying it implements AES-256 cipher. Extra connection settings include HTTPS redirect and automatic data compression.
They also use RSA-4096 and SHA-256 which replaced HDMAC MD5 as the option of choice. The company utilizes ECDH-4096 perfect forward secrecy, which generates a secret random key for every session, making your VPN connection much more difficult to compromise.
Note that CyberGhost no longer installs a root certificate on your system in order to block advertising and similar unwanted content, so this potential problem is no longer a threat.
P2P
Downloading torrents is allowed by CyberGhost, but only on some of its servers, which are particularly equipped to withstand the massive P2P traffic. However, US servers do not support this possibility.
The company currently offers more than 4,600 servers spread across 60+ countries.
DNS Leaks
Apart from offering a very sleek and smooth experience and pretty fast speeds, CyberGhost’s client comes with IP and DNS leak protection. It is worth noting that the client features an auto kill switch as well.
App Protection
CyberGhost comes with a very interesting feature called App Protection. VPNs usually protect your Internet connection in its entirety, but this feature allows you to protect only certain apps and choose a particular “connection profile.”