Best VPN Providers for Sudan

Looking for a VPN that will keep you safe in Sudan? We’ve used exacting criteria to pull up for contenders that have the features you need to keep you safe.

First, though:

Why do people want a VPN in Sudan?

If you already know all about what’s happening in Sudan and you just want to see which VPN to get, you can skip all this and go straight to the guide.

Top Rated VPNS Guaranteed to work in Sudan

Provider
Features
Price
Website

"A speedy VPN that's very easy to use and covers basic privacy needs well enough"

  • Excellent available variety of servers
  • Servers are fast and secure
  • Offers six connections
$11.95 $3.99 per month
Save 66%
  • Powerful obfuscation via Chameleon protocol
  • 24/7 Live Support
  • Netflix unblocking
$6.67 $5.00 per month
Save 25%
  • 256-bit AES Encryption
  • Blazing Fast Connection Speed
  • No Logs
$12.95 $8.32 per month
Save 35%

Sudan is an authoritarian state with strict censorship laws. The Sudanese Press and Printed Press Materials Law of 2004 placed strict restrictions on the freedom of the printed press, and an update in 2016 extended those restrictions to digital journalism too.

Entire print runs of newspapers are seized by the authorities: it happened to Al-Jazeera 13 times in 2018. Amnesty International says, ‘Since the beginning of 2018 the Government of Sudan, through its security machinery, has been unrelenting in its crackdown on press freedom by attacking journalists and media organizations.’

Journalists are arrested. Bloggers go missing. Teachers are extralegally imprisoned, tortured, and murdered.

horrors-of-sudan

It’s on the US State Sponsors of Terrorism list, and it’s recently erupted in violent protests over the price of bread that may topple the regime. Sudanese clerics support the regime and encourage believers not to rebel.

Religion forbids rebellion against the ruler(The caption reads: ‘the religion forbids rebelling against the ruler.’)

In the Sudanese countryside armed militias continue to fight each other. 9 people recently died in a clash between the National Salvation Front and the Sudan People’s Liberation Movement-in-Opposition.

In such an environment, it’s no wonder that people who want to file copy, write for blogs, put vital footage on social media, transmit to newspapers images and facts which the Sudanese authorities would rather conceal, or who simply want to access the internet safely and freely, will look to a VPN.

But which VPN should Sudanese people, and foreigners visiting the country, opt for?

Choosing a VPN for Sudan

A VPN for use in Sudan has to be secure and private. With so much resting on keeping your traffic protected, you need a VPN that makes safety its first priority. Bells and whistles come after solid encryption, obfuscation and privacy, and you need all three.

It’s also got to work on your device and be relatively easy to use.

Encryption

Let’s start with the obvious: reliable encryption is a must for security. Fortunately most premium VPNs use military-grade AES 256-bit encryption that’s effectively unbreakable. An attempt to brute-force AES 256 would take 50 supercomputers, each capable of trying a billion billion (1018) keys per second, 3X1051 years — and the entire universe is only 148 years old.

Does this mean AES 256 is completely safe and reliable? No. That’s just the maths. We also have to consider how it’s implemented. AES 256 is what the US uses for Above Top Secret documents and data, but that doesn’t mean it’s uncrackable. For instance this side channel attack method developed by Dutch scientists sidesteps the cryptography and attacks the user in a different way, stealing keys stored on devices rather than trying to crack the crypographic algorithm.

The short version: AES 256 is a floor, not a ceiling. Nothing lower is good enough, but stronger encryption and more secure key storage is always better.

Obfuscation

Obfuscation means covering your tracks. In this case it means concealing the fact that you’re using a VPN.

Here’s a brief guide to how that works.

The internet works by something called packet-switching technology. This technology allows data to be broken up into packets, routed around a big, shapeless network and then put back together at the other end. All the data you send over the internet is sent as packets.

Each packet contains, in addition to the data it exists to transport, some metadata  — information about what’s in the packet. Think of this like the label on a parcel, showing the return address and telling you what’s inside.

When you use a VPN, all that data is different. That means when someone intercepts your data and uses a technique called ‘deep packet inspection’ to see the metadata, they can see that you’re using a VPN. That’s not illegal in Sudan, but it does flag up that you’re savvy enough to get one and use it, and make you more likely to be targeted for ‘investigation.’

So how do you get around this?

VPNs with obfuscation use technologies that write new metadata and disguise the fact that packet contents are encrypted.

VyprVPN’s Chameleon Protocol is able to do this by scrambling metadata while leaving the underlying packet contents encrypted in OpenVPN 256-bit, meaning it’s obfuscated but remains lightweight.
Vyper VPN Chameleon Protocol

Here’s an explanation of obfuscated servers from NordVPN

Bottom line: Obfuscation is part of security, and it’s a must in risky situations.

Privacy

When people say a VPN is secure, they mean no-one else can see your data. When they say it’s private they mean the VPN doesn’t monitor or store your data.

Your traffic goes through a VPN’s servers and they can see what happens in their servers. If they record it they can be forced by law enforcement to hand over those logs. It’s happened before. (Lots of free VPNs blatantly spy on you and then sell your data to third parties, including advertisers. Avoid them!)

Moreover if the VPN is headquartered in a ‘14 Eyes’ country, security forces in one country can compel it to hand over any logs and then share them with security forces in another 14 Eyes country.

Usability

A VPN for Sudan needs to be easy to use and have fairly lightweight clients that are effective on older as well as newer devices. If a VPN has a killer iOS app but it can’t be installed on anything older than an iPhone 8, that could be a problem in a country where most people don’t have access to the latest consumer technology.

What about mobile?

What’s true for desktop computers isn’t always true for mobile. Globally, mobile internet use eclipsed desktop use in 2015. But in countries like Sudan, mobile internet users are in the majority. Just 28.5% of the Sudanese population is connected to the internet — but that figure has risen 39,288% since 2000, and it’s mostly accounted for by mobile. This means shared devices and shared connections, and it means that if a VPN is awesome on a 2019 iMac in an air-conditioned San Francisco office but it struggles on a 2014 Samsung, it’s no good to us.

There are specific problems with mobile, in that mobile applications for both iOS and Android have been implicated in security and privacy breaches.

A 2016 study by Muhammad Ikram, Narseo Vallina-Rodriguez and others found that ‘18% of the VPN apps [tested] implement tunnelling protocols without encryption,’ and even worse, ‘approximately 84% and 66% of the analyzed VPN apps do not tunnel IPv6 and DNS traffic through the tunnel interface respectively due to lack of IPv6 support, misconfigurations or developer-induced errors.’

Unencrypted tunnelling means the data sent was completely unprotected. Unprotected DNS traffic means you can be identified by your DNS data. Here’s a screenshot of IPLeak.net, showing the kind of identity and location information that can easily be acquired from your internet traffic:
Ipleak.net Identity

Note that the DNS address and the IP address are the same. I can be identified by either. (Or rather I could be, if I wasn’t running a top-of-the-line VPN.)

Other problems with mobile apps include tracking (72% of Android VPNs affected), malware (38%), and in rare cases traffic rerouting and interception — just the kind of thing a security service would love an activist to download, though in the four cases Ikram and others found it was being used for commercial purposes.

In sum then, a VPN suitable for use in Sudan would have these features:

  • Keeps no logs whatsoever
  • Is headquartered outside 14 Eyes
  • Has an easy-to-use, secure mobile app
  • Has obfuscation
  • Uses top-of-the-line encryption, preferably with additional security features

The Contenders for Best VPN Sudan

Here, we’ve brought together the four best contenders for a secure, safe VPN to use in Sudan. Here’s a quick look at how they stack up.

 

Encryption

Obfuscation

Privacy

14 eyes

Easy to use

Mobile apps

Features

Air

AES 256-bit

Has obfuscation, details scanty

Zero logs, ultra-clear privacy statement

Yes — Italy

Some knowledge required

No iOS app, GUI for Android

VPN over TOR

Nord

AES 256-bit

Lists obfuscated servers

Zero logs

No — Panama

Very

iOS 9, Android 4.4.4

VPN over TOR, double VPN

Vypr

AES 256-bit

Obfuscates at source with Chameleon Protocol

Zero logs, independently audited

No — Switzerland

Yes

iOS 9, Android 4.1

Chameleon Protocol

Express

AES 256-bit

Some obfuscated servers

Zero logs. Has been raided and no logs found

No — British Virgin Islands

Yes

iOS 9, Android 5

Split tunnelling

1. NordVPN

Provider
Features
Price
Website

"A speedy VPN that's very easy to use and covers basic privacy needs well enough"

  • Excellent available variety of servers
  • Servers are fast and secure
  • Offers six connections
$11.95 $3.99 per month
Save 66%

Nord VPN for Sudan

The biggest player in the global VPN market, for a reason. Nord has a huge array of privacy and security features that make it an excellent choice for Sudan.

Encryption

Nord offers industry gold standard AES 256-bit CBC encryption with a 2048-bit DH key over OpenVPN. This is the default encryption protocol for Nord’s Android app.

There’s also the even more secure NGE (Next Generation Encryption) over IKEv2/IPsec, currently considered unbreakable and the default for Nord’s iOS/iPhone app.

Obfuscation

Nord has specific obfuscated servers in these locations:

  • France # 280-287
  • Singapore # 184-187
  • Japan # 193-200
  • Hong Kong # 75-82
  • United States # 3041-3056

(The # numbers tell you which server to connect to in that country.)

To use them you need to enable Nord’s Obfuscated Servers feature.

Servers

Nord’s server net is huge. It owns its own DNS servers too.

‘NordVPN does not leak any data,’ Nord told us. ‘You might see NordVPN’s IP address instead of the DNS address when doing the leak test. Please note, that all requests are still being resolved through our servers and then sent over VPN server. That’s why you will see server’s IP instead of ours. This was done in order to become independent from external DNS services (and possible shortages).’

Additionally, Nord’s servers are all physical and wholly owned. Says Nord:

‘All of our servers are physical with a zero logs policy set-up. All our servers and a DNS network is dedicated and used by NordVPN only.’

Privacy

Nord is outside the 14 eyes, and keeps no logs. It’s located in Panama where there are no mandatory data retention laws, and it’s been going since 2012 without any records being known to be kept or passed to law enforcement or other agencies.

VPNAdviser contacted Nord to check and they replied:

‘We have never breached our Terms of Service and to back up our no-logs claim, we also hired a 3rd party auditor to independently verify our no-logs policy. If we were contacted by security services, we would not be able to provide any information on our users to any institution. Since we do not keep any logs, we have nothing to share!’

Features

Nord comes with a bundle of security-positive features.

Double VPN

Double VPN bounces your traffic across more than one of Nord’s VPN servers. If traffic is traced back through the network to the source behind the VPN server, that source is… another VPN server. In the process traffic is encrypted twice, wrapped in an additional layer of protection.

This is really good security for dangerous situations.

Onion over VPN

The Onion Router, or TOR, is a free network of servers operated by volunteers. When you join your computer or device becomes a server, meaning the number of servers is unbelievably vast.

TOR sends your traffic out across the network,entering TOR in a random location, making at least one other jump and then exiting TOR in another random location. It’s encrypted all over again at each step. The entry node (where your traffic enters TOR) knows your IP address, but not where your traffic is going. The exit node (where your traffic exits the network and is directed to the website you want to see) knows your traffic’s destination but not your IP address.

So far, so good. But anyone can be a node on TOR, including governments, law enforcement and other agencies. And your ISP will know you’re using TOR, making you a target in an authoritarian country — especially if you’re reliant on an internet cafe or other third-party provider.

Use TOR over VPN and your ISP doesn’t know you’re using TOR. Neither can your IP address be sniffed out at the other end.

Nord’s Onion over VPN offering is built right into Nord — you don’t need to download a TOR client.

We recommend this for Sudan and other dangerous, authoritarian countries.

CyberSec

Nord’s CyberSec feature automatically blocks suspicious websites from a blocklist of known threats, reducing exposure to malware and intrusive advertising.

From a security standpoint what’s more important is that CyberSec monitors outgoing connections and prevents connection to botnets, meaning even if you’re infected your device can’t contact the Command and Control array of the botnet to pass on data or ask for instructions. Botnets are usually used for money-making or cyberattacks but can also be used to steal user data and track device users via GPS, so this feature is an excellent choice for activists, journalists, bloggers or anyone who wants to use the internet safely in a dangerous country like Sudan.

Mobile

Nord’s Android app is compatible with Android as far back as Android 4.4.4 — Kitkat, first released in 2013.

Their iOS app is compatible as far back as iOS 9 — released 2015.

Nord’s mobile apps don’t leak information and are secure.

Easy to use

Nord has a map-like interface which some say is confusing or unappealing. But it is simple enough to connect and you can switch features on and off easily inside the app.

Here’s the guide to setting up the iOS app:

And here’s the Android guide:

We haven’t been able to find any information showing that their apps are insecure. You can test them yourself — see ‘how to test your VPN’ below.

Comments from Nord

Nord explained to us that while their product can help you stay safe online, it won’t and can’t do the job for you.

They can’t protect your password for you, for instance. However, they told us, ‘we do have articles on how to create as strong of a password as possible. It can be done by following these guidelines: avoid short passwords; make them complex; use password managers; create mnemonics; use passphrases (the Diceware method).’ (There’s additional advice from Nord on how to do that here.)

Nord went on to tell us that while Nord can do a lot for your security, ‘here’s what it won’t do:

  • It won’t protect you from social engineering or device theft. You are responsible for keeping your passwords safe. Don’t download suspicious files, and make sure you always know where your device is and who’s using it.
  • It can’t secure data that you willingly surrender to a third party. Even large and trustworthy corporations can be hacked into. NordVPN secures your traffic, but once you agree to give someone your information, its security becomes their responsibility. This also includes big data giants like Google and Facebook. If you agree to use their services, that usually means you must also agree to sacrifice a great deal of your privacy.’
Provider
Features
Price
Website

"A speedy VPN that's very easy to use and covers basic privacy needs well enough"

  • Excellent available variety of servers
  • Servers are fast and secure
  • Offers six connections
$11.95 $3.99 per month
Save 66%

The bottom line

Nord gets a big thumbs up from us. Their apps are easy to use, they don’t leak and they come with a ton of extra security features. Privacy is as good as it gets. We strongly recommend this VPN for people trying to use the internet safely in dangerous countries.

2. VyperVPN

Provider
Features
Price
Website
  • Powerful obfuscation via Chameleon protocol
  • 24/7 Live Support
  • Netflix unblocking
$6.67 $5.00 per month
Save 25%

Vyper VPN for Sudan

Another VPN founded by privacy advocates, this time by Ron and Carolyn Yokubaitis, who created Vypr in response to the discovery of ‘Room 641A,’ the San Francisco address where telco AT&T was helping the NSA spy on its users.

Encryption

Vypr uses three different VPN protocols — PTP, which is fast but less secure, L2TP/IPsec which is more secure but slower and OpenVPN. Vypr users get their choice of 128-bit or 256-bit AES over OpenVPN for Android, or 256-bit L2TP/IPsec for Android.

Obfuscation

Vypr foregrounds its Chameleon Protocol for obfuscation. Instead of specific stealth servers, Vypr strips metadata out of your traffic at source, then sends that traffic out over OpenVPN as normal; it’s lightweight stealth that starts at your phone.

Servers

Vypr owns, engineers and manages its own server net, using in-house engineering teams to write their own code, build and operate their own servers. Their parent company, Golden Frog, also owns VyprDNS, a wholly-owned zero-knowledge DNS server net that complements VyprVPN and is available only to Vypr users.

Vypr uses virtual servers to allow an IP address in a dangerous country while retaining security. Their argument, expressed in a blog post, is that ‘Some locations simply do not have facilities, networks, or laws that we feel are secure enough to protect our connections. In these instances, we might choose a virtual server over a physical one, to bring traffic back to a secure facility with trusted physical infrastructure. For some countries, such as Russia, encrypting that traffic to a physical location outside the border ends up being more secure overall than placing a server in-country.’

Privacy

Vypr keeps no logs. They used to keep connection logs for 30 days but no longer do this. The company has been independently audited by Leviathan. They don’t keep logs: here’s the report.

There were some troubling discoveries in the report, specifically that ‘there were a limited number of identifying logs on the VPN server which appeared to result from inadvertent configuration mistakes. Specifically, we found that logs for the kill switch API contained user IP addresses.’ If you’re thinking of using Vypr somewhere dangerous, bear this in mind.

Mobile apps

Vypr’s iOS app supports iOS 9 (2015) and later. Note that if you want Chameleon Protocol on your iPhone you’ll have to set it up manually..

Their Android app offers Chameleon as standard and is compatible as far back as Android 4.1/Jellybean (2013).

They’re easy to use applications that can be installed and operated simply and quickly.

We haven’t been able to find any information showing that their apps are insecure. You can test them yourself — see ‘how to test your VPN’ below.

Additional features

We’ve already talked about obfuscation. But Vypr offers some other useful features.

Kill Switch

Vypr has a kill switch that will drop your internet connection if your connection to Vypr’s servers is dropped, ensuring that you’re protected whenever you’re connected.

Cyphr

Vypr’s parent company Golden Frog also owns and operates Cyphr.

It’s not strictly-speaking a  feature of the Vypr VPN service but it deserves a mention as a fully-encrypted zero-knowledge messaging app that makes a good alternative to known security holes like Facebook Messenger.

NAT Firewall

Vypr has a built-in firewall service that blocks unrequested inbound traffic while you’re connected to your VPN, keeping out hackers, bots — and anyone else who might want access to your device.

Provider
Features
Price
Website
  • Powerful obfuscation via Chameleon protocol
  • 24/7 Live Support
  • Netflix unblocking
$6.67 $5.00 per month
Save 25%

The bottom line

Vypr’s a great choice. Does it have all the power of Nord? Nope. Is it as steely and unflinching in its support for privacy as Air? Not quite, though it is close. It’s a solid and reliable choice — a powerful VPN with its own servers and DNS, no logs and some effective security add-ons. We recommend it.

3. Express  VPN

Provider
Features
Price
Website
  • 256-bit AES Encryption
  • Blazing Fast Connection Speed
  • No Logs
$12.95 $8.32 per month
Save 35%

Express VPN for Sudan

Encryption

Express uses excellent encryption: an AES 256-bit encryption algorithm with a 4096-bit RSA key and SHA-512 HMAC authentication. To all intents and purposes, Express has unbreakable encryption by modern standards, just as Nord does.

Several VPN protocols are available including OpenVPN and several less-widely-used VPN protocols. However, Express doesn’t offer IKeV2/IPSec.

Obfuscation

Express has stealth or obfuscated servers located in Hong Kong, specifically to help defeat censorship in China. But they can still be used to good effect by other users.

They don’t offer a lot of detail about how their obfuscation works, though, unlike some other providers. That’s probably in the interests of security, and their stealth servers certainly do work.

Servers

Express runs a mixture of bare-metal and virtualized servers. Virtual servers are less secure than bare-metal ones but Express uses them for only about 3% of its server network. ExpressVPN has 3,000 servers in 148 cities and 94 countries, a smaller net but with a bigger geographical spread than Nord.

Privacy

ExpressVPN has passed the gold standard test for privacy. Investigating the high-profile political murder of a Russian ambassador, Turkish police raided their offices and seized their computers in an effort to get hold of messages relevant to the case which had been remotely erased from an IP address leased from ExpressVPN.

The police were frustrated to find that Express keeps no logs and there was no information of any value to their investigation on the computers they seized.

On Express’s website, their Privacy Policy says, ‘We do not collect logs of your activity, including no logging of browsing history, traffic destination, data content, or DNS queries. We also never store connection logs, meaning no logs of your IP address, your outgoing VPN IP address, connection timestamp, or session duration,’ pointing out that ‘even when compelled, we cannot provide data that we do not possess.’

Mobile apps

Express’ iOS app supports devices as far back as iOS 9 (2015).

Their Android app works for devices as far back as Android 5/Lollipop (2014).

If it’s useful, they also support Nook and Kindle Fire.

We haven’t been able to find any information showing that their apps are insecure. You can test them yourself — see ‘how to test your VPN’ below.

Easy to use

Express’ mobile apps have a reputation for being easy to use and intuitive.

Additional features

Express has some useful features. There are pages on their website where you can check if you’re leaking DNS and WebRTC/IPv4 information, which could be used to locate and identify you even if you’re connected to a VPN.

Here’s the DNS leak page:

https://www.expressvpn.com/dns-leak-test

Here’s the IPv4/WebRTC page:

https://www.expressvpn.com/webrtc-leak-test

What about additional privacy and security features for the main VPN itself, though?

Network Lock: kill switch

Like many top-line VPNs Express has a kill switch, known as Network Lock. This disconnects you from the internet if and when your connection to Express’ servers is interrupted. With Network Lock on, you’re either protected, or disconnected.

Split Tunnelling

Split tunnelling lets you connect some apps through your VPN and not others. That can be helpful in keeping down overall bandwidth usage and in maintaining a ‘cover’ of innocuous normal internet usage if you’re being monitored.

Provider
Features
Price
Website
  • 256-bit AES Encryption
  • Blazing Fast Connection Speed
  • No Logs
$12.95 $8.32 per month
Save 35%

The bottom line

Express is a solid option for a VPN in a dangerous place. They take security and privacy seriously. But they don’t offer the same kind of security as Nord.

(We reached out to ExpressVPN for comment and advice concerning this post but did not receive a reply.)

4. Air VPN

Air VPN for Sudan

Founded by digital rights activists, AirVPN has exactly the pedigree you want to see. But how does it stack up?

Encryption

Air uses among the best encryption available: AES 256-bit with Galois/Counter Mode (GCM), with 4096-bit RSA keys.

There’s also Perfect Forward Secrecy, via Diffie-Hellman key exchange (DHE). This means that a user’s session keys won’t be compromised, even if the server’s private key is compromised. Past sessions are inaccessible even if access to the server is gained, and Air switches keys every 60 minutes. Want to switch sooner? You can set Air up to switch keys whenever you like. Once you switch keys, everything that happened before the switch is inaccessible even if someone has access to the server.

This is a VPN that takes security very seriously. It only provides connections via the OpenVPN protocol.

Obfuscation

Asked on Twitter, Air said that they do have obfuscation:
James Roth on Twitter asking Air VPN regarding Obfusucated Servers

When they got back to us via email, Air’s support team was more explicit.

‘We provide tls-crypt or connections over proxy or TOR,’ the team explained. Tls-crypt encrypts the control channel as well as the data channel: the connection between two peers is established, encrypted and authenticated using the key file defined with the tls-crypt option. Then, the certificates are used to authenticate the peers. If this is successful the HMAC and encrypt/decrypt keys are generated and exchanged over the established, encrypted TLS connection. As StackExchange user and security-oriented developer Steffen Ullrich explains, ‘since the control channel is encrypted the certificates are too and the protocol too and this makes OpenVPN connections more privacy friendly and harder to detect with traffic fingerprinting.’

Air put it this way: ‘It is not obfuscation, it is real encryption of any VPN related fingerprint, so it’s safer.’

Servers

AirVPN doesn’t have a server net the size of Nord’s. Who does? But the servers that they do have are top of the line. They have a server in about 20 countries, though they’re constantly expanding their server net. Their DNS server net is neutral — it doesn’t alter traffic in any way, unlike some DNS servers that ‘assist’ with search and alter traffic in the process.

Each VPN server has its own DNS server, and they assured us they don’t virtualize: ‘We operate only bare metal servers,’ their team emailed us.

Privacy

AirVPN doesn’t keep logs. Many VPNs are very certain, but somehow also very vague, about their logging policies. When you look carefully, they’re really saying ‘no logs, ever (apart from the stuff we occasionally record and retain).’  Air is different. Here’s what they say in their privacy statement:

Air Vpns Privacy Statement

They go into detail about email address retention, cookie use, third-party tracking, server logs, and jurisdictional conflicts. Essentially: Air doesn’t want your information and doesn’t keep it or give it to anyone, and if you want to verify that for yourself you can email them at info@airvpn.org and ask. No logs means no nothing; even their user lists are kept physically isolated and encrypted.

It’s worth reading their privacy statement in full here.

In spite of a 14 Eyes location, Air is vocally committed to applying European Union privacy law to its users.

We specifically asked Air’s team, ‘If you were approached by security services from a country like Sudan with requests for information about a user located there, what would be your response?’ Their reply: ‘Services outside our jurisdiction are not even answered.’

But what about if this request came from the security services in Air’s jurisdiction?

‘Any request MUST come from a magistrate in Italy and not from security services, that don’t have this authority, but from a magistrate with a court order. Anyway, we can’t give out information that we don’t have, that’s why it is recommended to never enter personal data in our system.’

In other words, they’ll hand over the minimum required by a judge with an order from a court — something that’s a lot harder to get than a request from the security services, by the way. But you don’t have to. You can open an Air account with nothing more than a throwaway email address.

Mobile apps compatibility, safety, security, ease of use

Air isn’t so easy to use on mobile as some VPNs.

For iOS, the instructions are here. You have to download OpenVPN from the App store, then connect to your preferred Air server using it. There’s no iOS app because Appple doesn’t allow free, open-source software in their App store, and Air only releases free, open-source software.

The good news is, this seems to be back-compatible with any age of phone. Bad news, it’s a longer process, though still pretty simple. You don’t get a pretty app though.

For Android, there’s a free, open-source application called Eddie that’s basically a GUI draped over an OpenVPN client. This is more complex to use than some of the more consumer-friendly app-oriented options out there. But it’s designed to be safe. Air recommend using it with Android 5.1 or later (Lollipop, 2014) because ‘older Android versions have a VPNService API so bugged that it’s not safe to use it at all,’ their team told us.

What about leak prevention? Android and iOS apps are known to leak. Does Air’s? ‘Eddie runs with limited privileges and a total leaks prevention would require manipulation of the system filtering tables, which is not possible without root privileges,’ their team told us.

(They went on to warn, ‘We would not recommend to use any Android or iOS device with most important threat models. Devices based on Android and iOS are thought essentially as spying and marketing devices,’ which we agree with but it’s beyond the scope of this piece.)

Additional features and comments

Air is committed to online privacy, freedom and anonymity. Their statement on ICANN can be read here in its entirety, but to keep it short: the US carries out domain name seizures, but Air refuses to send traffic to the new IP addresses assigned to the seized domains. Search over Air and you’ll be sent to the original website.

It’s a token of how serious these guys are about digital freedom.

AirVPN over TOR

Air lets you connect over TOR. You need to install a TOR client and set it up yourself, but you have more versatility; you can connect using TOR first, then Air, or the other way around. It’s not as simple or intuitive as Nord’s offering, but the guide to how to do it is here.

We talked with Paolo at Air over email and asked how they’d recommend a journalist, blogger, activist or anyone else should use their product in Sudan. Here’s their answer:

With some care: use only tls-crypt (to encrypt OpenVPN fingerprint) and add Tor after the connection. Also, rotate servers frequently during the hours, to avoid to show traffic all coming from and going a single IP address.

The bottom line

If you’re willing to put in a bit of effort, Air is a great choice. If you have an older device and you know your way around it somewhat, it might be your only choice. The efforts this VPN makes to achieve real security and privacy make it our number one, and we recommend AirVPN for dangerous places and situations where security really matters.

Chose a VPN? Here’s how to test it

Just go to this address: https://ipleak.net/

It will show you this:

Ipleak.net Test

A clear look at how your VPN is performing, including your DNS, your IP address and everything else that someone who intercepts your traffic or manages a website you visit could find out about you.

Use this or Express’ tools to see if your VPN has you adequately protected!

A final word

We love VPNs. The clue’s in the name. But if you’re doing journalism or activism in a dangerous country a VPN alone won’t cut it. You need better security when it comes to your operating system and a bunch of other factors. We reccommend starting with any VPN on this list, then educating yourself on cybersecurity. Stay safe!

Sorry we don't know of any VPN providers with servers in Sudan.

If you are still trying to find a VPN in this country; you could try your luck asking on the forums. Or if you know of one you can post a suggestion in the forums.

VPNs That Might Interest You

VPN Ratings

  • Overall Rating:
  • Features:
  • Privacy:
  • Speed:
  • Value:

VPN Ratings

  • Overall Rating:
  • Features:
  • Privacy:
  • Speed:
  • Value:

VPN Ratings

  • Overall Rating:
  • Features:
  • Privacy:
  • Speed:
  • Value:

VPN Ratings

  • Overall Rating:
  • Features:
  • Privacy:
  • Speed:
  • Value: