CyberGhost VPN Review 2024: A Buggy App and Iffy Privacy Take Away From an Otherwise Decent VPN for Streaming


CyberGhost is a decent virtual private network for folks who like to watch international streaming content from across the globe. The well-established Romainia-based VPN provider is also a good choice for anyone who needs servers in many unique international locations — whether you’re living in or traveling to a region that isn’t typically included in VPN server location lists.

Hand holding a remote pointing to a tv screen with tiled streaming service icons overlaid with a VPN shield graphic. Hand holding a remote pointing to a tv screen with tiled streaming service icons overlaid with a VPN shield graphic.

Viva Tung/CNET

I thoroughly tested CyberGhost’s VPN over the course of several weeks in June 2024. While getting hands-on, I evaluated the performance of its apps on various devices, ran more than 250 speed tests, assessed its overall value and examined what it does to protect user privacy. I constantly communicated with CyberGhost representatives throughout the process via email and videoconferencing.

Overall, I found that CyberGhost is excellent for streaming and can be a decent VPN for casual users. But the apps were far too buggy for my liking, and the company seems to engage in a few questionable practices that don’t necessarily serve the interest of user privacy. Though there are some things to like about CyberGhost, it’s not a VPN that I would recommend for privacy-conscious users, and it ultimately falls short of cracking CNET’s list of the best VPNs at this time. Read on for my full take on my experience with CyberGhost VPN.

Speed: Huge server network with OK speeds

  • 30% speed loss in June 2024 tests
  • Number of servers: 11,500-plus
  • Number of countries: 100

Considering that many VPNs can cut your internet speeds by 50% or more, the 30% average speed loss I registered with CyberGhost is comparatively speedy. However, given that NordVPN (the fastest VPN in our latest tests) registered a mere 11% speed loss, CyberGhost’s 30% speed loss is rather sluggish. In addition to NordVPN, other top VPNs have demonstrated better speed results than CyberGhost, including Mullvad’s 13.5% speed loss, Surfshark’s 17%, Proton VPN’s 21% and ExpressVPN’s 25%. 

I tested CyberGhost’s speeds on Windows using WireGuard and OpenVPN. On MacOS, I used  WireGuard and IKEv2 because OpenVPN is not available for CyberGhost’s MacOS client. As expected, I measured the fastest speeds on MacOS through WireGuard, where I calculated an impressive 13.4% speed loss. However, each of the other OS/protocol combinations hovered around 32% to 38% speed loss.

MacOS WireGuard speeds were snappy, humming along at above 340Mbps to CyberGhost servers in NY, the UK and Europe on my 370Mbps internet connection. However, speeds were a bit shaky to Singapore, where they fluctuated between 85Mbps and 315 Mbps — which is to be expected — but I’ve seen much better speeds to distant locations from other providers, including Mullvad, which consistently achieved plus-300Mbps speeds to both Singapore and Australia. When testing speeds through the IKEv2 protocol on Mac, speeds to Singapore were horrendous at less than 1Mbps, which was the main contributor to the mediocre 38.6% speed loss through IKEv2. 

Windows speeds were uneven, dipping to around 100Mbps and jumping to more than 350Mbps from one test to another in several locations on both OpenVPN and WireGuard. That said, I found CyberGhost’s speeds to be mostly capable and fast enough for almost anything you’d want to do online, even data-heavy activities like streaming, gaming or torrenting. 

Speeds will generally be faster to VPN servers closer to your physical location because the data you’re sending and receiving travels a shorter distance than when you’re connecting to a VPN server halfway across the world. In my testing, that mostly held true for CyberGhost, with speeds being consistently fast to servers relatively near my testing location in Ohio. CyberGhost delivered impressive speeds to New York and even across the ocean to the UK and Europe. My speed readings tapered off more significantly when I connected to distant servers in Singapore and Australia.

I’m impressed with CyberGhost’s massive network of servers that cover nearly every corner of the globe. This can ensure more people around the world get access to fast and stable VPN connections through CyberGhost. It can also deliver fast speeds wherever you may be traveling. In addition to servers in the usual locations like the US, UK, Australia and Japan, CyberGhost boasts the most diverse set of server locations I’ve seen in a VPN. A few of the uncommon locations you won’t find with most VPNs but that CyberGhost offers include Andorra, the Bahamas, Bangladesh, Cambodia, China, Kenya, Laos, Liechtenstein, Macao, Malaysia, Moldova, Mongolia, Myanmar, Nepal, Qatar and Sri Lanka. This makes CyberGhost a solid choice for people living in or around these regions or anyone traveling to these locations.

Key takeaway: CyberGhost’s speeds are average but not exceptional. However, there’s a lot to like about its humungous offering of servers, especially in such a unique set of locales. 

Cost: Buggy apps and limited features drag down CyberGhost’s overall value

  • $13 per month, $42 every six months, $57 for the first two years (then $57 annually)
  • Money-back guarantee: 14 days on the monthly plan and 45 days on two-year and biannual plans
  • Payment options: Credit card, PayPal, Google Pay, Amazon Pay, Bitcoin
  • Apps available for Windows, MacOS, Linux (CLI), iOS/iPadOS, Android, Fire TV, Android TV
  • Seven simultaneous connections

CyberGhost sits right in the middle of its two sister VPNs ExpressVPN and PIA (parent company Kape Technologies PLC owns all three VPNs) when it comes to price. But in terms of overall value, CyberGhost is far behind. 

CyberGhost’s monthly subscription plan costs $13 per month, which is on par with others like ExpressVPN and NordVPN but more expensive than more budget-friendly options like Proton VPN ($11), PIA ($12) and Mullvad ($5). If you want a longer-term subscription, CyberGhost offers two options: A biannual plan at $42 every six months or a two-year plan that costs $57 for the first 28 months, then renews annually at $57. 

If you go with the biannual plan, you’ll pay more for half a year with CyberGhost than for a full year for PIA. And if you renew your biannual subscription with CyberGhost, you’ll pay more for one year of CyberGhost than you would for three years of PIA. If you choose the two-year plan, the $57 you’ll pay annually after the initial 28-month term is about what you’d pay for a year of Surfshark or a year of Mullvad, but considerably less than the $100 you’d pay for NordVPN or ExpressVPN.

However, the difference between CyberGhost and any of the other VPNs mentioned above is that the others are all well worth their price. 

CyberGhost is a no-frills VPN

If you’re looking for tons of features or unique privacy tools, you won’t find them with CyberGhost. The “Advanced Features” listed in the MacOS app include the adblocker and the Wi-Fi protection settings, which are standard settings offered by many VPNs. CyberGhost’s Windows app provides the most options for customizing your experience, but nothing that sets it apart from the pack. 

The Windows app offers quick access to servers optimized for gaming, torrenting and streaming, as well as CyberGhost’s fleet of NoSpy servers — which are wholly owned and operated by CyberGhost and therefore offer “better speeds and stronger security” according to the company. Confusingly, the NoSpy servers are only accessible on CyberGhost’s other apps if you search for Romania in the server search bar and tap on the arrow to display the list of servers in Romania. The NoSpy servers are only accessible to users who purchase the six-month or two-year plans.    

Overall, I was thoroughly disappointed in GyberGhost’s meager feature set and its shaky app performance — especially considering how smoothly other VPN apps like NordVPN, ExpressVPN and Surfshark perform across platforms. The others are a breeze to use, but I couldn’t wait to get CyberGhost off my devices.  

CyperGhost’s streaming capabilities are impressive but…

CyberGhost conveniently offers servers optimized for streaming that are easily accessible in the app via the sidebar. A few other VPNs, like PIA, have servers optimized for streaming, but I like how CyberGhost’s servers are optimized for specific streaming platforms across the globe and how vast the international streaming selection is. CyberGhost has servers optimized for various countries’ Netflix and Disney Plus libraries, Paramount Plus, Peacock, RTVE in Spain, Now TV and BBC iPlayer in the UK, DRTV in Denmark, TV4Play in Sweden and C MORE in Finland — just to name a few. In all, there are more than 100 servers optimized for various international streaming platforms, which is impressive and great for anyone looking to access a literal world of streaming options. 

During my testing, I was able to access content from various regional Netflix libraries and watch titles like Dexter, Breaking Bad and Your Honor. I also watched Schitt’s Creek and The Old Man on Hulu, Fallout and Spongebob Squarepants on Amazon Prime Video and Aladdin on Disney Plus. Although CyberGhost doesn’t have servers optimized for Apple TV Plus, I was still able to access content on the platform and stream The Reluctant Traveler with Eugene Levy and a documentary on dads, appropriately titled… Dads.

Streaming with CyberGhost was a breeze on a laptop, mobile device and Amazon’s Fire TV Stick. Although CyberGhost boasts on its website that it’s the best Apple TV VPN, it still doesn’t have an actual app for Apple TV devices. To be fair, VPN support on Apple TV is still in its relative infancy, and not every VPN has an app for the device yet. However, many of the big players like ExpressVPN, NordVPN, Surfshark and PIA have had an app for Apple TV for some time now. A CyberGhost representative told me via email that the VPN should have an Apple TV app sometime in the second half of this year — which should make CyberGhost an even more attractive VPN for streaming.

…its apps are a mess

The apps look cool, but they’re buggy and a pain to use. After extensively testing CyberGhost for several weeks, it was evident how superior all of CNET’s best VPN picks are to CyberGhost’s offering. The app bugginess is perhaps most apparent on the MacOS app, which consistently takes over a minute to launch after clicking the icon in the dock to open the app. I’ve been critical about Surfshak’s app taking some time to connect, but CyberGhost is on another level. The app seems to take forever to connect to a server, and sometimes stalls completely. And when the client stalls, the internet connection on my Mac is totally severed, even after I quit the app. It’s only after I reboot my system that I can regain my internet connection on that machine. As an Apple user, I’m used to a slick, responsive and intuitive interface — CyberGhost’s MacOS app is the opposite, making for an incredibly frustrating experience. 

CyberGhost’s Windows app wasn’t much better. It was marginally more responsive than the MacOS app, but connection times were still sluggish and I encountered a rather bothersome bug while attempting to use the OpenVPN protocol. The Windows app connected just fine when I had set the client to connect via OpenVPN, but when I went to use the internet, I was blocked from accessing any website I tried to visit. I tried multiple servers with the same result. It was only after I disabled the kill switch (a crucial privacy feature) that I could access the internet through OpenVPN on CyberGhost’s Windows app. Every time I clicked on the Send Feedback button to gather connection logs to send to CyberGhost engineers to diagnose the issue, the app completely crashed. I was eventually able to access the internet using OpenVPN on Windows with the kill switch on when I enabled the “Use new OpenVPN network driver” beta feature. CyberGhost told me that engineers are rolling out an update to the Windows app that should resolve the issue by enabling the WinTUN adapter by default.      

During my testing, CyberGhost’s iOS app was the only app that was halfway somewhat OK to use. It’s the only app I had no explicit issue with. CyberGhost’s iOS app routinely connected swiftly and was easy to navigate. Servers were easy to locate, and selecting between standard servers and streaming-optimized servers was convenient. However, other than that, the app is mostly devoid of feature settings. You can pick between WireGuard and IKEv2 protocols and choose whether the app automatically connects or disconnects to secure Wi-Fi or public Wi-Fi, but that’s essentially it.     

Minutes after installing and beginning to use CyberGhost’s Android client, the app became unresponsive, and I couldn’t connect to any server I tried, regardless of which protocol I selected. I had to uninstall and reinstall the app to get it working properly again — not the end of the world, but quite unsatisfactory nevertheless from a user’s perspective. Once I reinstalled the Android app, I was able to give the app a proper evaluation. Like its iOS counterpart, CyberGhost’s Android app connects quickly (when it’s working) and is simple to navigate. It also has the same Wi-Fi protection feature and a protocol selection feature (WireGuard and OpenVPN), but it has a couple of extras that aren’t included in the iOS app. CyberGhost’s Android app has a split tunneling feature alongside an ad, tracker and malware blocker — both of which worked as expected during my testing. 

Key takeaway: CyberGhost’s streaming performance is its biggest strength and one of the few bright spots with the service. Unfortunately, it doesn’t quite make up for the failings of its apps. For a similar price or less than you’d pay for CyberGhost, you can get far superior performance on basically every front and a fuller feature set with any of the VPNs on CNET’s list of the best VPNs. CyberGhost offers a 45-day money-back guarantee, which is more generous than what most other providers offer. But, honestly, you might not need the full 45 days to figure out whether CyberGhost is right for you.  

Privacy and security: CyberGhost’s transparency efforts are admirable, but its privacy policy is questionable

  • Jurisdiction: Romania
  • Encryption: AES 256-bit (OpenVPN), AES 128-bit (IKEv2), ChaCha20 (WireGuard)
  • Protocols available: OpenVPN, WireGuard, IKEv2
  • Latest tests: No leaks detected

CyberGhost does a lot of things right when it comes to privacy, security and transparency. It also does a few things that have left me perplexed. Like most VPNs articulate in one way or another, CyberGhost says that it is “hyper-paranoid” about your privacy, but I don’t always see that ethos play out in practice. 

CyberGhost has privacy-friendly jurisdiction, but its privacy policy may negate that

While I like that CyberGhost is headquartered in Romania (a privacy-friendly jurisdiction and outside the 14-Eyes), the company’s privacy policy states that it may communicate personal data “to a member of our group of companies (this means our subsidiaries, our ultimate holding company, KAPE TECHNOLOGIES PLC, and all its subsidiaries, in so far as they are located in the EU or another jurisdiction offering equivalent data protection standards).” The privacy policy identifies personal data as things like your name, address, e-mail address, username and payment information, as well as your IP address and approximate location when visiting the website. Kape Technologies is a UK-based entity that owns other VPNs ExpressVPN and PIA, along with Intego Antivirus. Kape also owns Webselenese, which runs a portfolio of comparison/review sites, including vpnMentor and Wizcase. (Incidentally, both vpnMentor and Wizcase rank Kape-owned providers ExpressVPN, CyberGhost and PIA as their top three VPN picks — in that order.)

“Personal information in this sense refers to data necessary for account administration and other similar areas. Occasionally there are cross-brand projects to ensure better and more secure operation of our systems. These projects could, for example, take website usage information to check user interest in particular functions to then inform the resource we dedicate to improving said function,” a CyberGhost representative told me via email. “… none of this data is associated with VPN use which is not logged or stored on our RAM-only servers. No data is linked to user activity.”

Obviously, if CyberGhost is logging or sharing data related to user activity in the VPN tunnel with anyone, that would be a massive problem. But sharing personal data associated with account administration and website usage can still be a deal-breaker for users concerned about their privacy. CyberGhost states that it can share your personal data with any of these companies — some of which are located within 14-Eyes jurisdictions (PIA and Intego in the US and Kape in the UK). That essentially makes CyberGhost’s Romanian jurisdiction moot. 

This stands in stark contrast to CyberGhost’s sister company ExpressVPN’s privacy policy, which clearly states that “Any personal information associated with ExpressVPN accounts is controlled only by ExpressVPN, including being stored on systems, servers, and services owned or leased by ExpressVPN and its subsidiaries.” The policy goes on to clarify that “In the limited circumstances where this data may need to be processed by other related entities, it may be shared only when required, and for the duration required, for processing solely related to the purposes and legitimate interests outlined in this Privacy Policy, while ensuring at all times the same data protection standards. For avoidance of doubt, these circumstances do not include any situations where control of personal information of ExpressVPN users will be transferred to any other related entities, including but not limited to our ultimate holding company, Kape Technologies PLC, for any duration of time.” ExpressVPN’s privacy policy also makes it clear that the company operates under the jurisdiction of the British Virgin Islands and in accordance with BVI law. CyberGhost’s privacy policy, on the other hand, states only that the company is registered in Romania.

CyberGhost uses industry-standard encryption, has a no-logs policy, undergoes third-party audits and publishes detailed transparency reports

CyberGhost uses industry-standard AES 256-bit encryption to secure OpenVPN connections, AES 128-bit encryption for IKEv2 connections and ChaCha20 for WireGuard. Its entire server infrastructure runs on RAM-only, so data is theoretically never saved to a hard disk and is wiped each time the server is rebooted. This adds peace of mind that the company wouldn’t be able to provide user data to authorities if requested because the data simply doesn’t exist. To be clear, this means data that may pass through a VPN server, not the personal data that CyberGhost shares with its parent and sister companies.

CyberGhost’s no-logs policy states that “we ensure that we do NOT track user traffic performed inside the CyberGhost VPN tunnel such as: browsing history, traffic destination, search preferences, data content, IP addresses or DNS queries.” A no-logging policy is an important trust signal for any VPN provider to communicate to its users. However, it’s crucial to keep in mind that no-logs claims are impossible to verify with 100% certainty. External audits and real-world legal cases can help add credence to a VPN’s no-logs policies, but they can still only go so far because they can only shed light on the VPN’s logging practices during the course of the audit or at the time of the legal case. 

CyberGhost has thus far completed two external audits: One in 2022 and another earlier this year in January, 2024. Both audits were completed by Deloitte and confirmed that CyberGhost was not logging user activity during each audit. Anyone can request a PDF copy of the full 2022 audit report directly from Deloitte by filling out a contact form, but the 2024 audit report is only available to CyberGhost users and can be downloaded from the user dashboard online. “Because of the extensive nature of the audit and the scope of Deloitte services, excerpts from the report cannot be shared directly,” CyberGhost says. “This measure ensures the audit results are not taken out of context or misunderstood.” This is essentially the same language that NordVPN uses in its blog post about its most recent Deloitte audit, but other VPNs like Surfshark have at least shared a summary of their audit reports with the public. 

CyberGhost told me via email that its 2024 Deloitte audit was “​​the final deliverable on CyberGhost’s current agreement with Deloitte,” but that the company is committed to delivering audit reports on a regular basis going forward. Ideally, I’d like to see audit reports on an annual basis, but if CyberGhost is able to commit to an audit every two years, that’s still better than what most VPNs deliver. Audits can be expensive and time-consuming, but regular audts are crucial because they can provide consistent validation that the VPN provider is most likely doing what it says it’s doing, even if the auditing company can only confirm what’s going on over the course of the audit itself. 

In addition to external audits, some VPNs deliver transparency reports that detail the number and nature of the legal requests they receive and how they responded to the requests during a given time period. Transparency reports are important in building trust with the public that the VPN doesn’t have any useful data that it can share in response to the legal requests it gets. CyberGhost is a pioneer in transparency reports — in 2011, it was the first VPN provider to issue a transparency report, publishing them annually until 2019, when the provider began issuing quarterly transparency reports. CyberGhost goes above and beyond, delivering by far the most detailed and in-depth transparency reports in the VPN industry. Each quarterly report is nicely laid out and filled with informative graphics and tons of information not only about legal requests but also about its server infrastructure and what the company has been working on. 

Overall, I’m very impressed with CyberGhost’s commitment to transparency through its audits and its impressive transparency reports.

CyberGhost was free from DNS leaks

I didn’t observe any DNS leaks with CyberGhost during my testing, but I did notice that my actual IP address and location were exposed on both MacOS and Windows when jumping from one server directly to another. This occurred even though the MacOS app has a built-in kill switch, and I enabled the kill switch on the Windows app. The MacOS app even displayed a popup stating that the client activated the kill switch to protect my privacy, but my true IP address was nevertheless exposed. This is dangerous because your IP address, location and online activity can be exposed if your VPN disconnects even for a second. On top of that, when the VPN specifically tells you that its kill switch is protecting your privacy when it’s really not, you’re given a false sense of security. CyberGhost representatives told me that this isn’t expected behavior and that the team is researching a long-term solution. As a quick fix in the meantime, CyberGhost rolled out an update to the Windows and MacOS apps that includes a warning notification when a user moves between servers.

Some of CyberGhost’s tactics could be more privacy-friendly

Aside from the concerning kill switch bugs that can put user privacy at risk, CyberGhost engages in some questionable tactics that I’d classify as borderline privacy-unfriendly (and not representative of the provider’s claim that it’s “hyper-paranoid” about user privacy). 

For one, CyberGhost has claims of “anonymity” peppered throughout its website and in its app onboarding process. The problem with this is that complete anonymity online is a myth. But CyberGhost perpetuates the myth anyway, telling visitors to one particular page that they can “Go completely anonymous and surf the internet without privacy worries.” Another boldly proclaims that users can “Enjoy complete anonymity & protection online!” after setting up CyberGhost VPN. Telling folks that your VPN will make them anonymous online is almost reckless because it’s another way to lead users into a false sense of security. VPNs provide online privacy, not anonymity — a VPN provider as established as CyberGhost should know that. 

Another thing that had me scratching my head is how CyberGhost attempts to almost trick users into sharing diagnostic data with the company during app onboarding. As you’re getting started with the app and before you can actually begin using the VPN, you’ll have to get past a screen with a heading boldly stating that “Your privacy is our goal.” Beneath that, you’re hit with a wall of text that begins with a lot of meaningless fluff about CyberGhost being your ally in the fight for your privacy — stuff that most people probably won’t read in its entirety. Further down towards the end of the text (if you bother to read that far down), you’ll find out what the page actually wants you to agree to — sending CyberGhost more of your data. 

cyberghost-diagnostic-data-request.jpg cyberghost-diagnostic-data-request.jpg

CyberGhost’s tricky attempt to collect additional data

Screenshot by CNET

It’s set up almost like a terms of service agreement where you just instinctively click on “Agree” without reading the text. The page features a prominent “Agree & continue” button highlighted in bright yellow at the bottom. The “I want to opt-out” option is far less conspicuous, not highlighted, in smaller text and wedged down at the very bottom of the screen. Tactics like these are called dark patterns, which are tricky user interface — UI — designs intended to steer users to take actions that are often not in their best interest. When you click on “Agree & continue,” you’ll send CyberGhost data, including your operating system and version, device type and whether you’re a free or paid user. The text on the page says that the data can’t be traced to you and is used for troubleshooting and to scale the VPN’s infrastructure. Even if the data isn’t linked to you, it’s still additional data that you’re sending to CyberGhost — so for more privacy-minded folks or those concerned with their data being re-identified, it’s better to opt out and provide as little data as humanly possible.

VPNs gathering anonymized data to improve their services can ultimately be helpful to the end user, but there are ways to go about it that don’t involve using dark patterns like CyberGhost does. A VPN that truly cares about your privacy will have the option disabled by default and operate strictly on an opt-in basis.

Key takeaway: I like CyberGhost’s transparency efforts, but I don’t buy that it’s “hyper-paranoid” about your privacy.

CyberGhost does some things right, but I wouldn’t recommend it for privacy-critical users

If you’re a streaming enthusiast or need servers in tons of different locations, CyberGhost is a decent choice. Unfortunately, that’s about the extent of it. I really wanted to like CyberGhost, but it was just too riddled with bugs (some merely annoying, others dangerous) and I was disappointed that the company engages in some questionable data sharing practices. 

I liked how I could access every streaming service I tried on various devices, including Amazon’s Fire TV Stick on my TV. I’m also looking forward to trying CyberGhost’s Apple TV app once it is released later this year. Even with its relatively middling speeds, streaming was a breeze with CyberGhost. I was really impressed with CyberGhost’s vast server network, which boasts the most diverse set of global servers I’ve seen in a VPN. 

However, I just couldn’t get past how buggy the app was — sometimes to the point of being essentially unusable. Hopefully, the team will be able to iron out those bugs and make using the app a smooth experience. While I appreciate CyberGhost’s commitment to transparency, I’d really like to see it make some adjustments in favor of user privacy going forward. As it stands, I cannot in good conscience recommend CyberGhost to anyone with heightened online privacy needs.





Source link

Previous articleFlintlock: The Siege of Dawn FAQ — Everything you need to know
Next articleIs Germany done transferring their Bitcoin? 

RELATED ARTICLESMORE FROM AUTHOR