Can AdGuard VPN be trusted?

Well, there’s wipr for a one time payment of 2 bucks. It’s not open source, but nor is Safari, and you can simply use the 3 extensions which use Safari content blocking api and don’t need any permissions. Wipr is also super lightweight compared to adguard and doesn’t slow down Safari.

Another popular one is 1blocker for 15 bucks per year. More advanced and customizable than wipr, but I don’t see the point of a subscription model for an adblokcer.

Open source options inlcude ka-block which has been abandoned for the last two years, but recently someone has made a fork called adzap.
Also there are the infamous adblock and adblock plus, which are open source, but have the “acceptable ads” programs which can be disabled, but they have also paywalled some basic content blocking like cookies notices, annoyances, etc.

Update: when you install firefox focus for iOS, in addition to the browser, you’ll get an extension for safari, again doesn’t have any permissions to read browsing info, also open source, and does decent job of blocking ads. Not as thorough as wipr and 1blocker, but still free, open source, enough development momentum behind the app and extension

Of course I did. The removal notification from Apple was announced very recently, prior to that, AdGuard as the most popular VPN service in Russia was working just fine. And even now, android users can continue using the adguard VPN in Russia without any problems.

I feel like there’s some serious mental gymnastics going on here: Why would Russia remove AdGuard VPN from the iOS App Store if it were compromised??? Wouldn’t they want to leave it up?

How could a company violating the law can have a Russian bank account? And the payment option asks the user’s phone number… how convenient for a VPN trying to evade government surveillance

Russia is not one person. One part of the government makes things compromised, the other is blocking. Also, some laws may contradict others.

For example, if an institution blocks an emergency exit, they will be fined by the Fire Service. If they doesn’t block it, they will be fined by the counter-terrorism service.

There are significant security concerns with AdGuard that have not been fully addressed. Although the company has moved its headquarters from Russia to Cyprus, a closer look at AdGuard’s LinkedIn profile and their official response to Setapp allegations post-war reveals that the Cyprus office is essentially a shell.

I was going to comment exactly this, as this is the exact same impression I got from reading about them. OP is most likely asking this question because their ISP traffic, if intercepted, can land them in prison or worse.

Those of us who live in the West now, like me, have a tendency to forget the life-or-death urgency and severity of surveillance like this in Russia, especially at this point in the war. In this light especially, my opinion is not to trust AdGuard, and to opt instead for other solutions proposed in this thread.

For Russian residents in particular, the services that are proven to be hosted and operated in the West, and have a respectable track record in protecting dissidents and vulnerable populations, are crucial, and the only ones to be ‘trusted.’

@anon87551335 и все остальные нормальные люди в России: держитесь.

More context about Cyprus and its use by Russia as their base in the EU here.

PS: I saw the user was suspended, and I don’t know what happened in this thread earlier, but I’m just going to leave this here anyway.

This thread smells like racism, it stinks.

it’s funny that the Russian people posting here are totally fine with the lack of trust to their government. But this subject is so damn racist for someone having the luxury of living in a western free and democratic county.

Just to be clear and not being accused of being racist again and again. No one is accusing anyone in AdGuard just because they are Russian. There are some evidences that they have operations in Russia, and they are accepting Russian local payment system, which requires the user’s phone number, they also have possible ties to a Russian VPS provider. they could be easily forced / persuaded to let the Russian government take over or they have to hand over all their data. Because the Russian government is a totalitarian regime with NO REGARDS for data privacy laws.

Privacy Guides should not be recommending such service, most importantly, to Russian people, or people who could be targets for Russian government, as there are clear evidences that needs to be discussed and concerns that need to be clarified by the AdGuard team. before then, a general recommendation of AdGuard is not a responsible thing to do imo.

What does the @team think about this? Does it make sense to remove a recommendation when there is zero evidence of any wrong doing?

Can you share what additional information you’d like from them?

I already shared that with them, but it didn’t seem to satisfy any of there questions.

I still have seen zero evidence of wrong doing by Adguard in this thread besides wild speculation and fear of anything Russian.

of course. here’s the list of concerns, so we can have them in one place:

• Two years ago they stated on Reddit that they have a head office in Russia, but in their official response they also stated that they are in the process of moving their staff to Cyprus. Has there been any progress here? We have literally zero update on this for two years. Do they still have a head office in Moscow?

• Since they are offering a VPN service to bypass the Russian’s internet firewall, they are practically breaking the law in Russia. how they manage to do this while accepting Russian local payment system? The Russian local payment system is processes through passport.yandex.ru. Yandex is practically a Government owned entity since the sales of the Russian assets to the oligarchs.
  https://www.reuters.com/business/yandex-nv-says-first-phase-russia-divestment-deal-is-complete-2024-05-17/

• What is the relationship of AdGuard with the Russian VPS provider, Serveroid. What is the nature of the working relationship between one of the founders, Igor Lukyanov, and Serveroid?

I created a post on Reddit: https://www.reddit.com/r/Adguard/comments/1e86cgc/adguard_needs_to_address_some_concerns/

Please upvote it if you can.

I’m not sure if we need to bring discussions here to other platforms.

I tried contacting them via email, but it bounced back for some reason. It’s only fair if they get a chance to clear things up.

Most of them are Russian - and also still living in Russia and Moscow region.

They do have an office in Cyprus… Yes. (Overall: You can find a lot info about making an EU office within Cyprus - and why some companies are doing this).

For example: https://www.icij.org/investigations/cyprus-confidential/cyprus-russia-eu-secrecy-tax-haven/

Overall: Also Russian developers need to earn money.

To be clear, I’m not suggesting that AdGuard be removed from recommendations. I actually use it myself, except for their VPN, and I pay a yearly subscription. I don’t care about the possibility that the Russian government may get my data, because I don’t live under their jurisdiction, and it is not part of my threat model. The same way I use TikTok because I don’t care that the Chinese government may get my data.

Re: racism. People who suggest that the services owned and operated by Russians (the people) or on Russian territory (the government) should not be listed here, because Russia/Russians are “committing atrocities” are clearly taking sides, yes. The West is committing atrocities too. So you can say that’s “racist.” I don’t believe that any service should not be recommended solely for political reasons. Because then, no service will ever be recommended. This was said elsewhere on these forums and I agree with this 100%.

My suggestion to use Western services was directed towards people living under Russian jurisdiction, not everyone. Sorry that was not clear. Currently, Russians criticizing the Ukraine war (or simply talking about it), or talking about topics such as LGBT, or a million other things, are considered to be committing crimes punishable by long prison sentences, forced conscription, etc. The Russian authorities are currently trying to monitor everything they can get their hands on, including apps like Telegram (where a lot of LGBT Russians are trying to communicate and help each other, for example) in an intense effort to repress dissent.

I am not saying this should be mentioned or included in any sort of recommendations here. My point was in response to OPs initial thread post, since to me it seemed pretty obvious they were a Russian citizen trying to make sure they would be using a VPN not monitored by their government. They were suspicious that even though many Western VPN services are banned there, this one is not.

I did not mean to provide my opinion on the general topic of AdGuard or their trustworthiness, but for what it’s worth, I don’t think it should be removed.

Last point: criticizing a government does not mean criticizing the people. All governments in this world are extremely hostile to at least a subsection of their citizens, including Western governments. Criticizing Putin, or his regime, or the war, is not russophobic. I say this as a Russian by birth. This applies to any other government or regime: I’m just as against the US government as I am against Putin. It doesn’t mean I hate Americans.

Hi everyone, my name is Andrey, and I am one of AdGuard’s co-founders. Let me please try to address the concerns and do a small Q&A. I see that some people are mentioning the official response to the SetApp blog post that was made in the first months of the war, and a lot of things have changed since then.

No, it does not. We have a small office in Limassol and rent a couple of coworking places in different parts of the globe, but since COVID, most people work remotely. I personally live in Limassol and visit the office daily (although not during summer; Cyprus summers are a bit too hot for me).

Most of the company’s employees relocated in 2022. There were two big waves, one in March 2022 and the other in September 2022. That said, we still have a bunch of contractors that reside in Russia, including part of the support service, a couple of QA engineers, and part of the content management team. As long as it’s not required by law, we’re not going to force people to move out, as we know very well how hard it is. At the same time, we do encourage people to move closer to the head office.

The same way it works in China, Iran (nowadays much worse though; blocking there is insane), or Turkmenistan. The AdGuard VPN protocol was designed to be hard to distinguish from normal website traffic. At the same time, our websites are blocked in Russia. Even adguard.com, the ad blocker’s website, is blocked there for who knows what reason.

No, we don’t. Even though we regularly receive data requests from different authorities, we don’t record logs (in compliance with Cyprus laws) which is why we cannot share anything. We also don’t have servers in Russia (or India, for example), and that’s why we don’t have to comply with their local laws on storing data.

Senior employees with high access rights do not reside in Russia. However, I don’t say this is a guarantee (and I wouldn’t focus on just one country authorities here btw).

That’s why we seek solution in the transparency of our software. When it’s possible, we make it open source. When it’s not possible, we try to explain how to audit it. We document every bit of information that’s sent to the servers, answer any questions when asked, and don’t hide information.

Our transparency is also the reason why we’re sometimes criticized for our origin. If for 15 years that we were developing software this is the only problem with AdGuard then I can live with it.

Local sales in CIS countries are the responsibility of the distributors from other CIS countries (Kazakhstan, for instance) that can accept payments from there. AdGuard, of course, does not (and technically cannot) have any bank accounts in Russia. It is allowed to sell VPN software to regular people there, but I don’t think it will be like that forever.

Selling a company is quite a slow and problematic process. This is one of the reasons why now 100% of AdGuard company belongs to me and he is not a shareholder.

Anyways, thanks for the questions! This topic pops up here and there, and I never had a chance to address all these points properly.

I hope that our policy of being transparent at least makes it easier for the readers to make a choice. What choice you make is up to you; I am here just to answer questions.

Hi Andrey,

Thank you for taking the time to address the concerns discussed here.

I’m mostly satisfied with the answers you provided here regarding the Russian local payment system, the VPN situation and AdGuard’s office in Russia. Still, you should have been more transparent regarding the relocation of your employees to Cyprus and the closure of the Moscow’s head office. After setApp debacle, you hadn’t give your users any updates on this matter and have remained silent about it. Considering this is a very important factor for users concerned about potential ties with the Russian government, I encourage your company to be more transparent in this regard.

Lastly, about the ownership situation. Is there a way we can verify your claim that you are the sole owner in AdGuard? You are a respected and well known guy in adblocking community and I’ve seen posts/videos from you on Youtube, twitter, hackernews forum, etc.
But, you are one of the main founders of the company beside Igor Lukyanov (former COO), Dmitry Zaytsev (former CEO). Could you please shed some light on why Igor and Dmitry decided to sell their shares to you and when these transaction happened?
I also found out that AdGuard had a VC investor at one point, and you’re implying that they’ve also exited.

Since Adguard seems to be a very profitable company with millions of users, I wonder why everyone else decided to exit and sell their shares?

Thank you for taking the time to address everything. I believe that this is definitely reassuring to everyone who might have had some doubts.

As a little excuse, the last 2.5 years have been rather crazy for us, literally every day was a new challenge we had no experience dealing with before. Booking a charter flight to Kazakhstan (all other destinations were already bought out) for the first relocation wave, then helping 50 people find the way to Cyprus and settle in a country completely unfamiliar to them. And at the the same time myriads of other issues happening one by one. SetApp debacle is one example that got some publicity, there were dozens of similar things happening in private. I am happy with the fact that we were able to stay more or less operational during these turbulent times.

Anyways, sorry for whining, it just brought back some memories

I agree that we should have provided updates, and that’s why I’d like to thank you for the questions. Without them, sharing all these details might have seemed somewhat uncalled for.

This information is available in Cyprus companies registry, but as far as I know it’ll cost a small sum of money to unlock it.

This is a sensitive question as it’s not just about me and AdGuard so I’ll try to be careful with what I share without asking for permission. It happened at the beginning of 2023. Dmitry decided to move on. I hope Igor will come on board when it’s possible.

You’re probably talking about the prize we won in 2016. Back then, we decided to stay independent and not take any VC on board.