It’s not open source, but they claim it’s KPMG audited.
The main target audience which differentiates it from any others in the field is those who are boycotting Israeli tech and affiliations.
Problem is, the anti-Israeli population is a huge and growing market in light of current genocide, but for them to drift to a solution that isn’t open source and proven like Proton, Mullvad, and the rest, is very problematic imo.
Their original app Boycat is an app for, well, boycotting. Searching and browsing products to see if they have any affiliations to Israeli, the level of that affiliation (close to BDS), and what alternatives there are.
I’d have hoped they stayed in their lane because they don’t have any background in privacy/security. But I thought I’d ask here about this kpmg audit thing and whether it’s sufficient for some trust at least?
I didn’t make the comment, but here’s 1-min explainer on the benefits of wireguard:
The wireguard protocol is basically the industry standard for many reputable VPN providers in 2025, even their basic/pro plans.
I appreciate that boycat appear to stand for something relative to the average shady VPN company, but generally speaking, you can get more for less from a reputable VPN provider, and if boycat cared more about their users than their bottom line, wireguard would be the default instead of an upsell option.
Politics aside, is there even a need for this kind of service? I don’t get it.
Is there any major VPN provider that has strong affiliations with Israel…?
Since there are so many different VPN services, surely lots of them aren’t affiliated with Israel, giving users lots of options.
Well you can’t have politics aside, cause that in itself is a political position.
And even if you don’t agree, it’s a fact that a growing majority of populations are becoming sick of any affiliations to Isr..
So it’s important to discuss this from a security perspective and pressure any service that claims to offer that specific political ethical position to up their game in terms of security and Privacy.
They’re a modestly big firm, but this is just a rubber stamp stating they’re a real business and they did a thing.
ie. basically a useless piece of paper.
I mean I know it’s one of the BIG FOUR and all that. But I’m wondering if such a stamp is worth anything in cyber security. If so, what makes it a useless piece of paper? Also, shouldn’t that audit results be made public?
Unless the politics is related to a specific threat model then yes, it’s irrelevant and not part of our criteria.
Now getting back to the criteria. They claim KPMG audit, but there is no document attesting that so as far as we are concerned that could be a false claim.
And my point about politics and reason to merely seek discussion and scrutiny here is the fact that thousands are expected to flock to it, thousands who are attracted by a politics rather than any robust technical reasons. So it’d be good to warn against any bad technical design and provide actual guidance and recommendations on how to start becoming smthn that’d meet the standards of Privacy Guides, let alone any serious security standard.
and whether that alone warrants some trust or not?