I mean, it seems that this problem is unique to Proton, so even with this addition it still doesn’t meet the requirements.
I also really don’t understand the mindset of “oh no, ProtonVPN doesn’t meet the requirements, so let’s change the requirements to allow us to keep recommending ProtonVPN”. We can separately change the requirements if they don’t make sense, but it seems completely spineless to do so only to protect a brand.
They can call it a “weak kill switch” or whatever and clearly explain that OEM / 1p apps are exempt. In my view, the definition of the term “kill switch” is fixed, and they better not obfuscate it.
Educate, not obfuscate.
Well, if my proposed change still excludes Proton, so be it. 
I guess I should have been more clear. Some people bring up iPadOS and iOS as an argument for keeping Proton, which is fair since if you interpret the current criteria literally, no VPNs can make the list. In other words, the current criteria is unenforceable.
We require all our recommended VPN providers to provide standard configuration files which can be used in a generic, open-source client. If a VPN provides their own custom client, we require a kill switch to block network data leaks when disconnected.
I proposed to change it to:
Perhaps instead of beating up on whichever VPN, we should be focusing on Apple. They are the problem.
From IVPN -
When using Apple services on iOS 16+, a VPN connection does not fully protect your privacy against Apple. Even with an active VPN connection and kill switch enabled, traffic from your iOS 16+ device to Apple servers can leak outside the VPN tunnel and expose your local IP address to Apple. For this reason, during the next release we are removing the kill switch feature from the IVPN iOS app. Connections to non-Apple servers are not vulnerable to this leak, thus general privacy benefits of your VPN connection are unaffected.
This is actually one of the reasons why I reckon that it might be a good idea for VPN clients to start being evaluated separately from the VPN providers themselves, since many features of various first and third-party VPN clients may be dependent on specific OS capabilities and lower-level APIs that they provide for them to be possible. A couple examples of this seem to be:
IVPN literally was just only able to introduce certain features (like V2Ray) into their Android client app recently, despite their other clients having those features on other platforms, because of some complications with the Android networking stack that they had to sort through.
It was only recently that Apple released APIs for iOS and iPadOS that would enable developers to manage and block internet requests with various DNS blocking and firewall apps.
Those were only for the mobile platforms for sure, but similar reasoning can apply to desktop operating systems as well. Not to mention, there are probably many various networking management stacks and drivers that are used on Linux distributions, adding challenges to VPN client development on the Linux side as well.
Another reason why ProtonVPN should not be specifically targeted for removal, is because features of various first and third-party VPN clients may be dependent on specific OS capabilities and lower-level APIs that they provide for them to be possible. A couple examples of this seem to be:
IVPN literally was just only able to introduce certain features (like V2Ray) into their Android client app recently, despite their other clients having those features on other platforms, because of some complications with the Android networking stack that they had to sort through.
It was only recently that Apple released APIs for iOS and iPadOS that would enable developers to manage and block internet requests with various DNS blocking and firewall apps.
Those were only for the mobile platforms for sure, but similar reasoning can apply to desktop operating systems as well. Not to mention, there are probably many various networking management stacks and drivers that are used on Linux distributions, adding challenges to VPN client development on the Linux side as well.
You okay with “weak end-to-end encryption”? If not, why not?
How about, Educate, not sell.
Start a separate thread about iVPN or a thread on changing the criteria and other such inaccuracies of the VPN page?
My point being is that removing Proton sets a precedent.
Yeah, a good precedent: PrivacyGuides follows its own rules and requirements and no brands are above them
Then it’s fair to bring up other providers that also fail to meet the standard.
Not in this thread. You are free to make a new thread about IVPN’s iOS killswitch if you choose. This thread is about ProtonVPN’s failure to meet requirements on macOS.
Good idea. Merry Christmas all, and happy new year.
Thank man, you too! Have a good one.
I agree with removing Proton, because even if PG is to change its criteria, that should happen in the future. Proton currently does not meet the criteria as others have explained it, so it should currently be removed with scope for reintroduction after criteria is changed.
I also understand why there is so much pushback against removing a popular tool like proton VPN. It is free (most of their users like not paying for a trusted VPN), it is easy to use (with guest login on android), and the company makes all the right noises (supporting other projects with raffle, privacy advocacy, etc.).
Part of it is also “I researched a lot and chose this service so any deficiency in the service means a deficiency in my selection, so I hate it”, which has been the core of all tribalistic debates around desktops, OS, services, etc.
But Proton has done this several times. They knowingly keep marketing to high risk individuals and people with security needs, and then offer subpar products that put people who would need them to work in danger. It is callous and reckless, so I would hope the community here (and especially the administrators, since they are the B(?)DFL of the site) can look past the marketing and desire to protect the only semi functional suite of easy to use private (?) tools, and delist Proton VPN for leaks beyond what the platforms make impossible to hide.
This thread includes some fairly pointed sentiments leveled at the Privacy Guides team and their impetus to act swiftly, so I just want to point to @nateb’s reply in a related thread.
The team will discuss the killswitch issue(s), but it’ll take a some time, in part due to some of them taking time off for the holidays:
In the meantime, if you wish to add nuance to the discussion and its eventual conclusion, one approach could be to aid in an overview of which providers are affected on what platforms, such as discussed here:
Good to know I guess.
That’s actually a good idea! The question becomes what is the scope of providers we consider therefore? I think this would broaden the scope to others like VPS ?
I personally don’t think Proton VPN should be removed. It kill switch works fine on Windows and Linux, which 90% of people use. We should put a warning now, and warn against their macOS clients should the issue persist.
Also, it’s the only free option that doesn’t harvest your data and is trustworthy. (Windscribe has a very limited free plan)
Lol, I said a “weak kill switch” or whatever. I came up with that name on a hunch with no thought involved. The point is that they should call it a different name. You focused on the small things and missed the big picture.
Lol, words mean things, no?
This is a place for discussion which folks seem take seriously. Not a ramble house, unfortunately.
What’s that big picture?
Depending on how VPNs are marketed, “killswitch” may or may not be important; but, the case today is, they seem to be important given how they are marketed/sold: Change Proposal on Privacy Guides Recommended VPN Providers Page - #37 by ignoramous
I thought this was a smear campaign attempt because, so I never clicked the thread. But now after having read the OP, I see no reason to not remove it. This doesn’t mean I’m gonna stop using protonvpn personally..
So either we make OS-specific recommendations for VPNs like we do with mobile browsers, in which case we can recommend protonvpn on non-MacOS and possibly non-Linux, or remove protonVPN outright. I’m not a fan of OS-specific recommendations so I am fine with removing it outright.
I’m personally surprised there’s no kill switch on Mac, so this is news to me.
Edit: I haven’t read the full thread as of yet, so I’m wondering if anyone has brought up implementing OS-specific recommendations? This does not require us to change the criteria, only that we indicate which OS we recommend it on like we do with mobile browsers.
There is, it just may not work all the time and as intended always. And that could be the fault of the app/service provider or the OS/device maker. It’s hard to say with certainty but I think it’s mostly if not fully Apple’s fault here (as I understand it).
I of course mean a working, proper kill switch given the context of the thread.