HideMyAss! VPN is probably one of our favorite name for a VPN service ever (yes, we have a top 5), since you probably know how we are suckers for a clever play on words and stuff like that.
Why? It’s simple, it refers to hiding your traces and uses a donkey (ass), called “Jack” (get it? Jack-Ass?) as their logo, so they don’t accidentally offend anyone while at it. Jack might also be a reference to the founder of the company. Anyway, simple and effective!
Anyway, we won’t let the fact that we’re fans of their name choice affect our decisions along the way. We’re still giving it the same treatment, under the light bulb, details about their company, taking a really close look at their policies, testing their service against any slip-ups, you know, the works. Shall we begin?
How did the project come to life
According to their website, the project began in 2005, in Norfolk, England, when Jack Cator (16 years old then) decided to build a proxy website in order to bypass the firewalls at his school. While doing so, he discovered that numerous users are looking for this type of service and that’s how HideMyAss! came to life.
According to the founder, the first HideMyAss! product was created in a few hours by using a free open-source code that he implemented within a plain, simplistic website design, gave it a catchy, unconventional name and submitted it to Digg (the Reddit equivalent of 2005).
The evolution of HideMyAss!
As stated above, the first service was actually a free website. How did this work? Well, the users accessed the website, then typed a URL in a designated field and the website they were trying to access was delivered to them within the HideMyAss! one.
After promoting its newly-developed service for a while and building a steady user database, Cator started to include ads, in order to generate some sort of profit from his work. Without taking any venture capital funding, HideMyAss! was generating roughly around $1000-$2000 per month while the founder pursued a degree in computer science.
In 2009, Cator decided to focus on HideMyAss! more and, as a result, he dropped out of college and added a paid VPN service as part of his project.
How they became a “real” company
In the beginning, there was only Jack Cator. However, in the early stages of HideMyAss!, freelancers were hired to help with further development and running the project at optimal parameters.
In 2012, one of the freelancers he hired to work for HMA! decided to set up a competing business and Jack Cator responded by hiring the contractors as full-time employees and establishing physical offices in London.
Forwarding connection data to the FBI
In 2012, the UK government have sent a court order to HideMyAss! in which they demanded that the company provides them with information about Cody Andrew Kretsinger, who reportedly made use of the HideMyAss! services to hack Sony as a member of the LulzSec hacking group.
They knew about it all along
According to the article linked above and an article on their blog, HideMyAss! confirmed that they knew about the hacker’s operation that targeted Sony for some time, but no action was taken until the court order came into play.
There were some leaked IRC chat logs, where the participants discussed about the VPN services they used to cover their tracks. HMA! claims that they didn’t take action since there was no evidence of wrongdoing at the moment and also no way of identifying the accounts that have been used to commit those reported acts.
After they’ve received the court order (which is the equivalent of a subpoena in the US), they provided the authorities with the info they needed, stating that they don’t condone illegal activities while using their services.
Session logging practice
After deciding to aid the authorities, HMA! claimed that they don’t support illegal activities and similar services that refuse to cooperate with law enforcement agencies are “more likely to have their entire VPN network monitored and tapped by law enforcement, thus affecting all legitimate customers.”
More so, they admit to be carrying out session logging, which is used to record the time a user connects to and disconnects from their service, as well as the IP addresses of the servers the user connects to, but claim that the actual content of the web traffic is not recorded.
Some other HideMyAss! checkpoints
In 2013, they’ve introduced software to help users anonymize the traffic from their mobile devices and in 2014 they launched the HideMyPhone! service, which enabled users to make their calls appear to be coming from a different location (spoofing), but this service doesn’t seem to be available any longer.
By 2014, they had ten million users and 215,000 paying subscribers of their VPN service and made £11 million in revenue in that same year. By 2015, they became one of the largest VPN providers and in May 2015 they were acquired for $40 million by AVG Technologies.
They became part of Avast in 2016 after Avast purchased AVG Technologies. Jack Cator is still the HMA!’s chief executive.
2017 was the year that a HMA! a vulnerability was discovered. This enabled hackers with physical access to a laptop (Mac) to obtain elevated privileges (root) on the said device.
In 2019, several VPN providers, HideMyAss! included, received a directive from Russian authorities to join a state IT system that holds a collection of websites that are banned. In the event that they comply, HMA! users could no longer access websites that were blocked or be able to use Telegram (which has also been banned) through their VPN. Should they refuse to comply, Roskomnadzor may restrict access to the VPN service.
5, 9, 14 Eyes Alliance
Usually, this section is somewhat designated for VPN providers who claim to never share your data with intelligence agencies, the Government, law enforcement agencies, and so on. However, it’s been made clear that HideMyAss! won’t hesitate to provide authorities with your personal data, if these institutions demand them to by slipping them a court order or subpoena or some other similar official document.
The 5, 9, 14 Eyes Alliance is actually an agreement between multiple countries that, in case the need arises, lets them cooperate by sharing mass surveillance data. The initial agreement (BRUSA, later changed name to UKUSA) was signed in 1943, and it was between the UK (Britain-United) and USA, but as time passed by, more countries joined the initial agreement and turned it into an alliance of the sorts.
Complicated Terms of Service
We don’t know exactly how it was before, but as of this moment, the Terms of Service (End User License Agreement) HideMyAss! features on their website and during the installation of HideMyAss! VPN refers to multiple/all the products under the Avast umbrella (e.g. their antivirus solutions, CCleaner, HideMyAss! VPN).
No special mention is accorded to HideMyAss! VPN and the terms of service document are how you’d expect it to be from a power-player like HideMyAss!. It’s not exactly user-friendly, kinda difficult to follow and includes generic stuff like “you shall not use it without a license” or “you’re not allowed to use it to create a competing product” and the such.
You might need to check on the Terms of Service document every once in a while for changes. At the top of the document, you can find the version of the document and the date it was last modified. It’s your responsibility to check for changes and understand that if you keep using their services after such a modification, it’s the equivalent of you accepting the new, modified agreement.
Right from the top of the document, you’re informed that HideMyAss! VPN allows you to be anonymous and secure on the Internet if you use their VPN service, but (their words, not mine), that doesn’t mean that you’re totally anonymous to them (HideMyAss!).
All VPNs collect data
First of all, you have to understand that this “no data logging” stuff VPN providers feed you is just a myth. Every premium VPN service provider requires data from you, mainly so that they know who to deliver their services with, that’s why you’re required to create an account, secure it with a password and so on. Free VPN providers don’t require you to pay (with money, that is), since they usually have other ways to generate revenue (selling your data to third-parties, ads that are more often than not full of malware, the sorts).
The only difference here is that some VPN providers might require a minimum of personal data from you (some of them even let you slip with a temporary email address), while others have a huge fill-out form for you to put your private details in. HideMyAss! makes no exception here, since they don’t provide their services for free (except the trial), and, as a result, they require some data from you.
What kind of details they collect
On their website, this section is separated into multiple sub-sections for each scenario and we’ll only include the ones that matter to us (VPN-related) here.
When you register, HideMyAss! might collect your name, username, email address, password and IP address. Be aware that, should you stop using their services, this data might be kept for up to one year after that and as long as necessary to comply with their legal obligations.
Payment data collection
If you decide to pay for their services, note that they’re using a third-party payment processor that will handle the payment operation and this processor will receive all the details you’re submitting. However, it’s mentioned that these third parties they’re working with are properly regulated and that they’re forbidden to use your data for other purposes (marketing, for instance).
The kind of payment data they collect depends on the method you choose but might include your name, address, credit card information, geo-location data (IP-based), company name and EU VAT number.
If you decide to contact them
Should you consider contacting the HideMyAss! the team through their website, either by email or by using their live chat feature, the communications will generally be stored along with your IP address for up to six months. Under exceptional circumstances, these details could be kept for more than half a year. More so, the live chat provider (Zopim) may also collect and store information about you, which includes your IP address and these details are subjected to Zopim’s privacy and security policies.
Communications that happen outside of their website by various means such as email or by phone, will be stored, respectively recorded.
HideMyAss! claims that they don’t monitor the websites you connect to while using HideMyAss! VPN or store the details of those websites and that they collect “aggregated statistical (non-personal) data about the usage of the VPN mobile apps and software.”
Reportedly, this data is used to improve and monitor their services. For instance, they can use these details to limit your account to one connection (so that you can’t share your account), prevent abuse and fraud, and so on.
Furthermore, the collected data mentioned above is kept on their servers for up to thirty days, unless they need to hold onto it for longer.
Scrolling a bit lower on the document, we learn that, besides your data being shared with third parties according to the agreement, it will also be disclosed to any member of the Avast Group and that, since Avast Group consists of companies located in several places around the world, your data might be shared with companies located in countries that have different laws for collection and use of personal data. Not so encouraging.
Apart from these scenarios, your data might or will be shared with various payment processors in order to deliver the service you requested, with various law enforcement agencies or similar institutions or whenever it’s required to protect the rights or property of the Avast Group and protect them.
Data logging policy detailed
So here goes; they claim to log the following information when using HideMyAss! VPN: your license ID, the timestamp when you connect to and disconnect from their service, the amount of data used, the subnet of the IP address you used to connect to their VPN (“i.e. 220.127.116.113 becomes 92.145.233.000”) and the IP address of the server you’ve connected to.
Among the data they claim not to store or monitor you can find the originating IP address, you used to connect to their servers and details or monitoring results of the resources you connect to or data that you might’ve sent or received over their network.
How long do they store this data
HideMyAss! claims to store this data for 30 days on their secure servers and delete it on a rolling monthly basis. Thus, data stored on the 3rd of January will be deleted on the 2nd of February.
However, they also claim that if they’ve been notified or they determine that your account was used to perform illicit activities, they may store this data (your VPN data) for more than the “normal 3-month maximum.”. Wait, I thought there was a 30-day maximum.
Registering for an account
First of all, you need to access the HideMyAss! website. Locate the “My Account” button on the top-right corner of the page and click it; this should’ve redirected you to a “Sign In” form page. Somewhere below the fields, you need to fill you can find a “REGISTER A NEW ACCOUNT” button. Click it.
In the newly-opened page, you need to fill a bunch of credentials in the designated fields, which include your email address, a password, and password confirmation and hit the “Create” button. Your account will be generated in a moment’s notice and shortly after, you’ll be redirected to your account page (often called the “dashboard.”
Making use of the dashboard
HideMyAss! doesn’t provide you with an extensive dashboard, but they do a pretty good job at covering the essential stuff for your account. The main page of your dashboard holds your personal details (username, email, and password) and your licenses (if you have any). You can also purchase a new subscription plan (a license) for the VPN and redeem an activation code from the same page.
If you’re looking for more features, in the top-right corner of your screen you can see your username available as a clickable menu. Go ahead and click it. The newly-opened menu lets you navigate between your account’s homepage, the settings sections of your account, the download category, the support section and a log out button you can use to sign out of your account. The only settings you can change for your account are the email and your password.
Downloading the app on your computer
Right after landing on their homepage, you can notice a “Download” button in the top toolbar. Clicking it will redirect you to a page where you can purchase a subscription plan or download a free VPN trial.
Moreover, scrolling further down on the page will let you download the app for several devices, which include Windows, Mac, iOS, Android and Linux. Clicking any of the devices will show you the same dialog as above, prompting you to either buy a license or download a free trial.
Note that purchasing one license enables you to run up to five connections simultaneously.
If you’re more comfortable with the dashboard, click the menu that displays your username as instructed above to display the dropdown menu and select the “Download” option. This might detect the device you’re accessing the page from and suggest a download link for it at the top of the page as well as let you download a previous version and teach you how to install it on the said device.
From this dashboard download page, you can scroll down and see download links, Play Store links, App Store links and setup tutorials, depending on the device you’re focusing on. How you decide to download your app is now up to you.
Installing it on your computer
We’re only going to get into details on how you can deploy the Windows application on your computer since we believe that Windows computers are the most commonly-owned hardware in a household.
More so, setting up an app on Windows can sometimes present some particularities than doing it on other devices. Besides, how hard can it be to install an Android app or an iOS one from the stores’ pages? You just click install and it’s done in a matter of seconds.
The steps for installing it on your Windows PC are as follows:
- Double-click the installer (assuming you’ve downloaded it);
- Grant the app permissions to make changes to your device by clicking “Yes” in the User Account Control dialog (UAC);
- Select the language you want to be used during the setup and click “OK”;
- Accept the End User License Agreement (EULA) and click “Next”;
- Configure the destination path for HMA! Pro VPN and click the “Install” button when prompted;
- After the setup is completed, choose whether you want to launch HMA! Pro VPN or not and hit the “Finish” button;
Running HMA! Pro VPN on your PC
After you launch the application, you’ll notice that you’re required to either log into your account or enter a license key directly from the app. If you have an account, go ahead and provide the application with the credentials.
After doing so, you’ll be greeted by a welcome message and, after dismissing it, you’ll reach the application’s main screen, where you can start putting its features to good use.
At first glance, we feel that HMA! Pro VPN is a simplistic, yet effective app (design-wise). No flashy animations or over-encumbered menus, just the essential parts, neatly organized in the main window.
You can choose between three different usage modes: “Instant Mode” which automatically connects you to the best nearby server, “Location Mode,” which enables you to handpick the location of your choice and “Freedom Mode” that automatically connects you to a “free-speech” country in order to unblock websites and news.
If you want to access additional features, locate the hamburger button (the one that looks like three horizontal lines one on top of the other) and give it a good click. You can access the “Preferences” window, the “Account” section, the help center, the “About” section, and service diagnostics, but also lets you submit a support request and quit the app altogether.
Using the app: how does it feel like
First thing’s first, choose the usage mode you like, select a location if you chose the “Location Mode” and hit the “Connect” button. The app will display a loading screen for a few moments and display a notification when the connection has been established.
The loading time wasn’t too long and the good part is that it doesn’t vary depending on the server of your choice (or if it does, it’s not exactly noticeable). The “Location Mode” lets you sort the servers depending on how you plan on using them. Therefore, you can restrict the list to display only “Streaming” servers, “P2P” ones, all of them, quick access ones or a list of your favorite entries.
Getting down with the settings
If you like having full control over your connection, it’s possible to alter various options in order to achieve the configuration that suits you best. After clicking the hamburger button in the top-left corner of the window, select the “Preferences” option from the menu.
You’ll notice that the “Preferences” window has its contents organized in three different sections: “General,” “Network security” and “Kill Switch.”
The “General” section lets you adapt the behavior of the app to your liking by setting it to launch whenever your computer starts, automatically hide the app after starting it, show a diagnostics window when the app starts and display your recent connections in the “Locations -> Quick Access” section or clear this history altogether.
Configuring advanced settings
The “Network Security” category lets you turn on the VPN automatically when you’re connected to the Internet or set the app to ask you if you want to turn it on instead of doing it automatically, but also exclude trusted networks (skips connecting to a VPN when a trusted network is detected), randomize your IP address every once in a while (“IP Shuffle”) and use the OpenVPN TCP protocol only (recommended only if UDP is blocked or throttled on your network).
Last, but not least, the “Kill Switch” section lets you use the kill switch feature of the app, which prevents privacy leaks by blocking apps from accessing the Internet at any time the VPN is disconnected. However, this kill switch is an app-based one, which means you’ll have to configure the apps to cut the Internet access from manually, as opposed to having a global kill switch that cuts the Internet access from your entire system whenever the VPN connection is severed.
It is worth mentioning that you can configure IP Shuffle to renew your IP address every 30 minutes, hourly, every 6 or 12 hours, daily, or at a custom interval that you get to define. Note that this feature should be used in conjunction with the kill switch, since renewing your IP interrupts your connection to the VPN server temporarily, which is more than enough time for leaks to occur.
HideMyAss!’s list of servers
If you were even remotely interested in browsing the full list of servers you can connect to, you’ll notice that you have a bit of scrolling to do, meaning that the list isn’t exactly narrow. However, on their website, HideMyAss! boast about having “the biggest VPN network.”
The full list of servers is as follows:
|2||Svalbard and Jan Mayen||6|
|2||Antigua and Barbuda||6|
|2||British Virgin Islands||6|
|2||Saint Kitts and Nevis||6|
|2||Saint Pierre and Miquelon||6|
|2||Saint Vincent and the Grenadines||6|
|2||Turks and Caicos Islands||6|
|6||Trinidad and Tobago||6|
|2||Papua New Guinea||6|
|21||Republic of Singapore||76|
|2||United Arab Emirates||6|
|2||Central African Republic||6|
|2||Republic of Dijbouti||6|
|2||Republic of the Congo||6|
|2||Sao Tome and Principe||6|
The list of servers on their website states that they have 920+ VPN servers in more than 280 locations, covering more than 190 countries around the globe. While it’s far from being the largest VPN network server-count-wise, they do offer one of the widest coverage (location-count-wise).
Setting our testing tools
As you probably know by now, we’re going to perform a bunch of tests to determine whether HideMyAss! VPN can keep your connection secure and private as they claim or do they leak out of their every metaphorical pore. After seeing just exactly how secure their service is, we can get to test to see how fast their servers go.
We believe security is of the utmost importance when it comes to VPN services, so it’s natural that we place the leak tests in front of the speed tests. We’re going to use IPX to check for various connection leaks and Netflix’s fast.com service to check the speed of the HideMyAss! servers. Let’s begin.
Security results incoming
For those of you who lost their patience reading and want to jump straight to the security results, here you go. Now for the more patient ones among you, let’s get down to business.
For this test, we selected a server in Vienna, Austria. First thing’s first, our IP address, PTR, country, city, latitude, and longitude were successfully spoofed to match the ones of the server we’ve connected to. Moving on, the ASN, ISP, domain name and IP type were changed to AS9009 M247 Ltd, UK Web.Solutions Direct Ltd, ukwsd.com and, respectively, Non-Residential (Data Center).
As expected, IPv6 geolocation information was not available, the DNS server pointed to an address in Austria, in the same subnet as our IP address, and TLS test results came up looking good. Bottom line, there was no security leak detected on our side, so good job, HMA!
How fast can they go?
Now that we got the security tests out of the way, we can focus on the speed tests. In order for the results to be as fair and accurate as possible, we’re not going to pick the most convenient server to us and run a single test. Instead, we’re going to choose multiple servers, from several countries, run the speed test on each of them and post the results here. We’re aiming for a wide spread, so we’re trying to pick one server from each continent.
The speed test results are as follows:
- Austria – 61 Mbps;
- Australia – 26 Mbps;
- Brazil – 37 Mbps;
- China – 52 Mbps;
- Africa – 35 Mbps;
- USA – 59 Mbps;
As you can see, the speed values are more than decent and except a few regions, the connection speeds were constant and no major drops were noticed.
Services it can unlock
You know how various VPN service providers brag about their “largest networks,” “fastest servers” and that they can “unlock everything on the Internet” for you. And you probably know how Netflix, although available in more than just one country, has a restricted library for non-US customers. Well, one would expect that using a service that can make it seem that you’re in a different location (say, the US) might make it possible to unlock said content even if you aren’t currently on US territory.
Unfortunately, none of the dedicated streaming USA servers weren’t able to unlock Netflix for us. We tested for other services as well, such as Amazon Prime Video, Hulu and BBC iPlayer, but to no avail. Bottom line, you won’t be able to unlock these with HideMyAss! VPN, for the moment at least. However, social media platforms, Telegram, and other such censored contents could be accessed flawlessly.
Torrenting and TOR
We’ve attempted to download a file using a torrent client while connected to a dedicated P2P server in the Czech Republic. While the torrenting service worked (the download was initiated), we couldn’t help but notice that the download speed was greatly reduced. Notice in the attached screenshots the difference between torrenting with and without being connected to the P2P server (14x times slower).
Using the TOR service and browser does also work while connected to HideMyAss! VPN, but you need to take into consideration the following things: while adding an extra layer of security might make you feel more secure, your speed will be drastically reduced to almost nothing and you should also understand that TOR exit nodes generally allow unencrypted traffic to go through them, which might enable whoever’s monitoring that node to identify you. Using a VPN in conjunction with TOR adds a permanent exit node or entry point (depending on the order you use them, you-> VPN -> TOR or you -> TOR -> VPN), which can jeopardize the whole anonymity gig that TOR is establishing.
However, keep in mind that despite the fact that torrenting and TOR work, they’re not exactly encouraged if you have some shady purpose in mind, especially knowing that in case the need arises (cops come looking for you), they’ll provide them with the required data. We don’t condone illegal activities, but if that’s the reason why you need a VPN, you should probably reconsider.
Customer support experience
If you encounter any difficulty along the way, it’s nice to know there’s someone out there who’s got your back no matter what. So that’s what we were looking for in HideMyAss!, their customer support crew.
If you’re inclined to traditional ways of dealing with issues, you’ll be glad to know that they have a ticket submission system, where you need to type your email address (so they can get back at you, obviously), a subject and the description of your issue. They also provide you with a “mood” combo menu where you’re encouraged to tell them how you feel by selecting it from a list, another dropdown menu for choosing a category where your issue would fit best and an attachment section where you can add screenshots, logs and other relevant files.
However, they also provide you with a live chat option, where you can start asking questions and an agent will get back to you as soon as possible (we got a reply in a few minutes, pretty impressive actually), a knowledge base if you prefer handling business on your own and a community section where you can ask a question and other members of the community will try to help you.
Trial and money-back
If you want to take their VPN service for a test drive before committing to purchasing a subscription plan, you can do so, since they offer a 7-day trial for you. There’s a catch, though. You have to provide them with full payment details, since if you don’t cancel your subscription, you’ll start being charged for the annual plan, so you’ll have to be careful if you just want to check it out with no strings attached.
More so, if you do purchase a subscription plan, you benefit from a 30-day money-back guarantee. There’s a catch here too. You can’t ask for a refund if you purchased the service more than 30 days ago, exceed a 10 GB data threshold (download and upload combined), connect to their VPN service for more than 100 times or violated the EULA while using it.
HideMyAss! VPN price plans
Now it’s time to talk about money. Currently, HideMyAss! offers four subscription plans as follows:
- 1 Month plan – $11.99 per month – no discount;
- 12 Month plan – $6.99 per month instead of $11.99 per month – $83.88 billed every year (instead of $143.88) – 42% discount;
- 24 Month plan – $4.99 per month instead of $11.99 per month – $119.76 billed every year (instead of $287.76) – 58% discount;
- 36 Month plan – $2.99 per month instead of $11.99 per month – $107.64 billed every year (instead of $431.64) – 75% discount;
Note that the 36 Month plan is displayed as being a limited offer on the website.
Alright, so we know that HideMyAss! is a project that started low as a couch project 14 years ago, and it grew to become one of the most popular VPN services worldwide. The company is located in the UK, which is a member of the 14 Eyes Alliance.
They’ve been involved in some online outrages for sharing the data of one of their users after receiving a court order. Apparently, the said user was the culprit in a 2011 cybernetic attack against Sony, and HMA! didn’t hesitate to cooperate with the authorities, claiming that their service isn’t supposed to be a tool in performing illegal acts.
Downloading and installing the application on the devices of your choice can be accomplished without too much effort. The interface of the app is simplistic, yet stylish. It’s also possible to perform a bunch of configurations if you’re the tinkerer type, but nothing too fancy.
Their server network provides you with access to a wide selection of countries, but the server count isn’t exactly tremendous (compared to other providers), as opposed to how they advertise it on their website.
Extensive customer support is available for you, ranging from the standard ticket submission system to a live chat, knowledge base and community page where you can have other users help you with your service-related issues.
HideMyAss! VPN offers a leak-free connection with decently fast servers. You can download a 7-day trial to test-drive their services and benefit from a 30-day money-back guarantee but beware of the implications. Not that there’s anything shady, just that you have to meet some requirements in order to be eligible for a refund.
They offer airtight security and good server speed, but can’t unlock Netflix or other similar entertainment services and do appear to throttle the download speed when you torrent while connected to their VPN services.
Their subscription plans are not exactly the cheapest (if you take the monthly plan’s price), but at least they give generous discounts for the larger ones.
Bottom line, if you’re not bothered about the fact that HideMyAss! collects a lot of data from you while using their VPN service and, should the need arise, will share it with the authorities, then you can use it. We get the fact that they help to fight against criminals, but truth be told, privacy is what you’re paying for and you should have it. Personally, we wouldn’t recommend HideMyAss! VPN.
+ Good speed; (4)
+ Leak-free connection; (5)
+ A lot of countries covered by their VPN server network; (4)
– Collects a lot of data, keeps logs and will share your data with authorities if the need arises; (0)
– No Netflix, Hulu, BBC iPlayer; (1)
– Torrenting works but throttled; (1)
– 14 Eyes Alliance; (1)
– Not the cheapest monthly subscription; (2)
We grant HideMyAss! VPN a 2.25/5 rating.