6.5
Compatible with
  • Mac

  • Windows

  • Linux

  • Android

  • iOs

  • Mobile

  • Desktop

  • Smart TV

Parent company:
Country of incorporation:
Founded date:
Simultaneous connections:
Refund policy:

Highlights
  • No-logging policy
  • Good encryption protocols based on OpenVPN
  • P2P torrenting allowed
  • Accepts Bitcoin as a payment method
Go to NordVPN Instead

At first sight, CryptoStorm is a VPN that brags a lot, and excels in using buzzwords and self-promotion to further its interests. On the official website, for example, it says that they are a “no compromise network security: opensource, anonymous token auth”, along with other very admirable claims.

We’ll see in the following review that the situation is certainly not a matter of excellence and professionalism, but rather one of exaggerated self-praise.

Pros:

  • No-logging policy
  • Good encryption protocols based on OpenVPN
  • P2P torrenting allowed
  • Accepts Bitcoin as a payment method
  • Token-based payment option, increasing anonymity

Cons:

  • WebRTC leaks (IPv6)
  • Known associations with Douglas Spink

Before we get to the review itself, we’ll talk a little about who Douglas Spink is, and why his associations with CryptoStorm should make you think twice before enlisting their services.

Here’s some info on the man:

  • He was an American businessman and known adrenaline junkie who bankrupted in 2002
  • He’s known to be an advocator of zoophilia, convicted numerous times for the owning of bestiality farms in Canada, and other similar websites
  • Convicted for smuggling 375 pounds of cocaine, sentenced to 17 years in prison, but only served 3
  • From 2005 to 2016, the man was convicted and has run afoul of the law numerous times for going against the court orders

Also, Bloomberg is still listing him as the Chief Technology Officer of Baneki Privacy Computing Inc. The company is known to have been associated and possibly even owned CryptoCloud, the former VPN service that CryptoStorm is built upon.

Even though the team at CryptoStorm denied any connections to Spink, they once said that after his release from prison, he had shown interest and even begun to work on the website. The two claims appear to be contradictory and rather strange.

However, speaking of the official website of our VPN for today, it really is written in a style that reminds of Spink. As such, the evidence all points to the fact that he was involved in the creation and maintenance of CryptoStorm.

Whether he’s still the master puppeteer behind the organization or not, that’s a question mark for now.

4.0

Speed

Again, the official website states very clearly that the speed of their servers is “astonishing”, and that “so far, it’s scary”, talking about the overall features of the VPN.

Let’s see if there’s any truth to the claim.

The tests that were made showed a rather disappointing drop in download speed. On the UK servers, the download speed screeched down from 140 Mbps to 20 Mbps rather fast.

The US servers fared even worse if that was even possible, to begin with. From a solid constant of 150+ Mbps, it went downwards on and on until it touched 20 Mbps, and it went below that as well.

The upload tests showed mediocre results as well, nothing as foreshadowing as the download ones.

All in all, we can all agree that this is certainly nothing even remotely close to the “astonishing network speed” that they’re advertising. Rather, it’s nothing else than the trademark sign of the run-of-the-mill VPNs out there. Nothing short of disappointing.

And, just to add fuel to the fire, it seems that there’s an anti-leak protection in place, guarding against DNS & WebRTC leaks. Well, guess what I managed to uncover? That’s right, WebRTC IPv6 leaks.

This means that any website who uses this protocol for IPv6 will be able to see your real IP address. This is not even a slight mistake or error on their part, but a definite and potentially life-threatening one.

VPNs are made for the express purpose of hiding IPs, essentially, to maintain your anonymity and put your privacy above all else. If they can’t do that, then they’ve outstayed their welcome and you have to think about making a change.

NordVPN or ExpressVPN, universally acclaimed as being the best online security providers on the market, have no such problems, and they offer exponentially more services, with much greater efficiency, professionalism, and versatility. Plus, they are very trustworthy, to begin with.

5.0

Locations

They have 30 servers located in 17 countries, mainly in Europe, the US and Canada.

They support up to four simultaneous connections, but this is where it gets tricky or confusing, depending on how you look at it. It’s all related to the subscription packages at your disposal. We’ll get to this when we talk about the exact prices of their services.

Presumably, the company behind CryptoStorm is based in Iceland, but so far there has been no substantial proof to support this statement. For all I know, it could be based in Canada, where Baneki Privacy Computing Inc is located. Although, seeing the level of trustworthiness that this company transpires, I wouldn’t be mind-blown to uncover their main HQ on the dark side of the moon as well.

If you’re looking to engage in a steaming love story with any Canada-based VPNs, tread with caution! Canada is known for being a member of the Five Eyes surveillance alliance, quite an enthusiastic one at that.

From what I’ve read on some user reviews, the servers seem to hold their own with regard to overall uptime, and if issues ever appear in this sense, the staff at CryptoStorm are quick to respond.

8.0

Privacy

In terms of privacy, the VPN is acclaimed as being among the best out there who actually take the user’s privacy very seriously and want to uphold a certain code of conduct.

However, you can barely make out any details on the company running CryptoStorm, if any. They remain anonymous for good reasons, is what a staff member once said in an old Reddit post, jumping to the defence of the company’s self-imposed cyber-exile.

While this shadowy approach might impress others, a symbol of their genuine interest in protecting the user and maintaining invisibility, it’s surely very suspicious.

Now, with regard to their security protocols:

  • The Control channel has an AES-256 cipher, while the RS and SHA parameters are undefined. The OpenVPN RSA-2048 encryption coupled with the HMAC SHA-1 hash authentication are also present. Moreover, the Perfect Forward Secrecy (PFS) is provided as well.
  • The Data channel is based on an AES-256-CBC cipher.
  • Grsecurity is used as well as patches for bare metal servers

It must also be said that the OpenVPN code has been modified by the tech team at CryptoStorm, patching it “so that the number of connected users can still be viewed (along with bytes received/sent, connected since, etc.)”. They will not retain the IP address of any user though.

Also, as I said the beginning of the article, there are no logs being kept. However, the real-time activities of the servers are monitored closely.

No matter what, I don’t think it’s really such a good idea to modify OpenVPN. It has been fully audited and tested before. So, there’s really no reason whatsoever to further tinker with it. The patch they used didn’t go through any check-ups, nor was it made open-source.

The VPN implements the DNSCrypt and DNSChain features.

The former allows you to securely connect to any DNS servers that don’t belong to CryptoStorm per se. This helps you, for example, with avoiding the limitations and restrictions that China places on VPNs.

The latter deals with the existing issues that most users experience with the HTTPS certificate authentication system. It changes the whole game, replacing the usual protocols with the Namecoin blockchain as a new form of authentication.

Coincidentally, there are a lot of links and pages on the official CryptoStorm website that lead to HTTPS certificates, putting aside the intentionally-confusing language used to describe pretty much anything there.

There are also no kill-switches included, and the widget that you download has WebRTC protection automatically disabled. However, it’s good that the app is open-source, but there is no PGN signature available, and this a problem.

8.0

Ease of Use

First off, I have to talk about the website and reiterate that the language used is absolutely obnoxious and intentionally obfuscated, I would say. Moreover, it’s actually built in a totally unprofessional manner.

Setting aside the overall aesthetics that remind you of the winter sweaters your grandmother used to sew or the background of a 90s SNES indie game, it’s the jargons that are very annoying and worrying.

More than that, the constant bragging and self-praise become irritating as well, even more so when their services don’t rise to the challenge. I understand the need of painting yourself as the second-time-resurrected Christ for commercial reasons, but, in the name of the genuine Jesus, tone it down a bit!

With regard to the process itself, once you complete the payment, CryptoStorm will send you a token through to your email. Security-wise, this is a risk, since your email address must be real. You can, however, use a disposable one.

The Windows app v3 can be downloaded from the website homepage. You quickly notice the same non-sensical and suspicious jargon at work when pressing the “connect button”.

The message says – Logging into the darknet…

How the simple action of connecting to a VPN server is even remotely close to accessing the darknet or anything of the sort is beyond me. All in all, however, the app is easy to use, and it works fine.

From the widget, you can choose to connect to any server from the ones available, UDP or TCP, or even choose to go with the “I’m feeling lucky” attitude and get a random port number.

Some quick info – the TCP protocol helps you with hiding your traffic better, it may very well be able to overcome certain anti-VPN measures put in place by some websites, and generally put an additional layer of invisibility gel on you.

However, if you encounter any problem with setting up the app itself or working your way through the settings, there is plenty of material on the website, articles and “concise” instructions on how to use their services.

With regard to the compatibility on other platforms, the CryptoStorm widget is mainly available on Windows. However, there are plenty of guides on the website explaining, step-by-step, the process of setting up the app on Linux, Android, iOS, and OSX.

Although the OSX link takes you to the Linux instructions, for some odd reason.

7.0

Customer Support

Besides all the information you can find on the website, along with the forum section where users can offer some advice and solutions to different issues, there is also the IRC chat channel to contact the official staff.

It’s easy to use in terms of technicalities but, probably because there are a lot of people using it, the connection is sluggish and annoying. The risk of sudden disconnection is also as prominent as that of a heart attack in a 300-pound pizza eating modern feminist.

Moreover, some reviewers have said that they didn’t receive any “satisfactory” replies to their questions and inquiries. This either means that they were expecting the answers to come quicker, the service to be better overall, or that the staff provided little to no help at all.

CryptoStorm also has a Twitter channel that you can access in order to search for a solution to your issues. It seems that the customer support is much more efficient and client-friendly here because the answers are much more detailed, personalized, and aimed at satisfying the user.

However, you will have to wait for a few days before receiving any answers. I can only assume, yet again, that the system is over-used and that there is an over-abundance of users experiencing issues. That or the staff is complacent.
Neither conclusion is acceptable or satisfactory from a Premium VPN that you pay good money to.

Speaking of money and prices, it was about time we got to the…

7.0

Pricing

The packing plans go something like this:

  • One week – $1.86 (1 connection)
  • One month – $6 (1 connection)
  • Three months – $16 (2 connections)
  • Six months – $28 (3 connections)
  • One year – $52 (4 connections)
  • Two years – $94 (4 connections)
  • 5x 1-month bundle – $24 (1 connection)
  • 11x 1-month bundle – $48 (1 connection)
  • 25x 1-month bundle – $97 (1 connection)

The basic package for one month, with only one connection available, is $6. However, the subscription system is where it’s all concentrated on, where CryptoStorm really stirs the hornet’s nest and makes everything just a little bit weird.

When you buy a subscription, you really just increase the number of simultaneous connection you are allowed to. For one month, you can use one, for three months, you get access to two connections, and for one year, you’re provided with access to all four connections.

Then, there are the bundles. These are basically one-month subscriptions bought in packages. They are not to be confused with the regular subscriptions though. You can purchase three months or two years subscriptions, but you can also acquire 11-month or 25-month bundles.

With bundles, you only have access to one connection since they are basically the equivalent of multiple one-month subscriptions. The real deal here though is that the bundles cost almost the same as subscriptions if you calculate the price per month.

It’s also worth noting that CryptoStorm doesn’t provide any money-back guarantees or free trials. If you want to test the VPN before deciding if it’s worth it or not, the closest possible option you have to a free trial is the weekly subscription. For one week of use, you pay $1.86.

The payment process is entirely based on the token system, which has been acclaimed on the world wide web as being revolutionary, a symbol of CryptoStorm’s “valiant” attitude with regard to privacy, user anonymity, and general security. I have to admit that it really is a unique feature that’s never been used before.

It works like this:

  • The tokens can be bought from third-party resellers, so the payments are anonymous as far as CyptoStorm’s policies go. No money is tied to their system whatsoever, only those tokens. And those aren’t even associated with an account.
  • The respective tokens give you access to the system for a set time period. After they expire, you either have to use other tokens or, if you have none left, you have to buy some more.
  • There are links to third-party resellers on the official website. However, and this is important, on almost all the links, you get HTTPS certificate warnings. Ignore the warning at your own peril and you’re going to be redirected to a forum page with a list of resellers where you can acquire tokens.
  • However, the vast majority of the links are not working, and for the ones that do, you have absolutely no reason to rely on them. They are, after all, third parties with no reputation whatsoever.

You can buy the tokens through PayPal or the third-party processor named Stripe. The latter accepts credit or debit cards, prepaid cards, and also Bitcoin payments. If you use Stripe, CryptoStorm will have no record of any payments made, which means they bear no responsibility in case anything…unfortunate happens.

One thing is true though – no matter what method you use to buy the tokens, CryptoStorm will still retain your real IP address, the ones where the payments were made from.

CryptoStorm – a gimmick or the real deal?

There is one thing that CryptoStorm excels in, and that is bragging, self-praise, being confusing and using jargon-heavy language to confuse its clients.

You would think that the team who has been ”redefining what’s possible in vpn service since 2007” (official claim) would provide you with premium services that are, at the very least, on par with some of the big names on the market.

Ultimately, CryptoStorm is just another mediocre VPN, a Jack-of-all-trades but the master of none. It supposedly increases your privacy multifold by bringing in the token-based payment system, but if you think about it, your IP is still part of their database.

Furthermore, one question comes to mind. Are CryptoStorm’s reputation and popularity high enough to support the token market? I think not.

Security-wise, they keep no logs, and this is always a good thing to see, but the speeds are average at best, the encryption protocols are good enough, but certainly not “astonishing” or “scary” like suggested in the official claims. It’s a far cry from that, actually.

The mother of all conclusions – CryptoStorm is not the best when it comes to security, it has been found to be lacking in all other aspects, there are leaks to talk about, and the ties with Douglas Spink is dubious and worrying.

If you want a premium VPN service that doesn’t go back on its word and provides exactly what it proposes – try NordVPN.

It uses military encryption protocols to ensure your privacy and protection when going online, it has a SmartDNS feature, leaving and geo-blocking far away in the dust, and it has a reputation to uphold. This is actually the greatest deterrent to take into consideration when talking about well-known VPNs.

As always, the choice is yours.

Our Rating

6.5

CryptoStormis extremely fast, simple and private: a truly standout VPN

Go to NordVPN Instead