TunnelBear VPN Review

TunnelBear VPN does not log usage data that can lead back to you.

Its logging policy is simple, privacy-friendly, and transparent, listing all the data collected alongside reasons for doing so.

Close to being no-logs

Crucially, TunnelBear doesn’t keep browsing history records, DNS requests, originating IP address, or connection timestamps. In other words, the service is close to being completely no-logs.

The only personally identifiable information TunnelBear logs is your email address, to prove you have an account. There are no logs that reveal which websites you’ve visited.

TunnelBear’s transparency reports

The company also issues an annual transparency report detailing any government requests for user data.

Worryingly, TunnelBear admits to confirming a user’s email address to authorities, although it has never handed over usage information.

No server breaches or logging scandals

There have been no known incidents of server breaches or logging scandals associated with TunnelBear.

TunnelBear is based in Canada

TunnelBear was established in 2011 in Canada by Daniel Kaldor and Ryan Dochuk. It was subsequently acquired by antivirus software company McAfee in early 2018.

The VPN company still operates a separate team within McAfee, meaning the same employees continue to work on the VPN post-acquisition.

As the privacy policy states, by using TunnelBear you are authorizing the company to:

“Use your information according to Canada’s laws, regardless of which country you are located in.”

Subject to Canada and US data laws

While TunnelBear’s headquarters are in Toronto, its new ownership means that it’s also subject to US data laws.

Both the US and Canada form an integral part of the Five-Eyes data-sharing alliance, an organization designed for powerful nations to collect and share surveillance intelligence.

Moreover, both jurisdictions are known to prosecute for minor copyright violations, which is important information if you want to use a VPN for torrenting.

While TunnelBear can be subpoenaed by Canadian and US authorities, its robust logging policy and regular transparency reports prove it’s still a trustworthy and private VPN.

Independent audits prove TunnelBear is safe

To prove its commitment to transparency and user safety, TunnelBear has undergone several independent security audits.

In January 2017, Byte 255 looked into TunnelBear’s code and published the results on Hacker Noon. The article concluded the VPN has no privacy flaws and doesn’t collect any unnecessary telemetry data.

TunnelBear also commissioned cybersecurity company Cure53 to carry out four yearly independent security audits since 2017. These audits looked into TunnelBear’s apps, code, and infrastructure.

In 2019, Cure53 discovered 12 vulnerabilities of varying severity, and helped TunnelBear fix them and future-proof them. The audit concluded that TunnelBear is “a clear frontrunner among its VPN competitors when it comes to security.”

In 2020, there were “two low, two medium and one high-risk vulnerability” identified. TunnelBear claimed to fix the high-risk vulnerability immediately.

While it’s great that TunnelBear commissions regular audits, we are concerned that the auditor continues to find vulnerabilities.

TunnelBear has been slow in the past, but our most recent speed tests show promising improvements.

On local connections, TunnelBear is even faster than top VPNs like ExpressVPN, IPVanish, and Surfshark.

Surprisingly, the free version of the VPN is just as fast as the premium version, if not faster at times.

To test the VPN service’s speeds manually, we recorded our internet speed before and after connecting to TunnelBear.

In essence, TunnelBear’s speed performance has been improving over time, with fast speeds on both local and international connections.

However, we did experience some connection drops during testing, and it generally took a number of seconds for the app to connect.

Long distance speed tests

TunnelBear’s international speeds are very strong. We recorded a speed loss of just 30% connecting from the UK to the US.

This UK-to-US speed loss is similar to what the fastest VPNs deliver.

TunnelBear’s speeds connecting to Europe are also very fast, which is optimal for streaming European video content buffer-free.

Connecting to Australia was slower – a 43% drop – but this is typical considering the distance, and is actually a very good result.

Equally, just 15% speed loss connecting to Germany from our UK location is very strong.

TunnelBear’s speeds aren’t the best international ones we’ve tested – Hotspot Shield’s are even quicker. Nevertheless, they’re more than fast enough for smooth HD streaming.

TunnelBear’s speed compared to rival VPNs

We tested TunnelBear’s speed manually, but we also run automated speed tests using our in-house speed test tool.

The graph below shows TunnelBear’s average download speed loss compared to rival VPNs. The lower the percentage the better.

These results are based on daily tests we run on our New York server. We cap speeds at 100Mbps to recreate a typical home internet connection.

As you can see from the chart above, TunnelBear is lagging behind top VPNs both in speed and consistency. At times, speed loss was as high as 45%.

The ideal VPN is consistently fast, like ExpressVPN, with only 5% speed loss.

TunnelBear’s ping score over this period isn’t good, either. Latency was as high as 71.48ms. On the other hand, NordVPN’s was only 3.03ms.

TunnelBear is a mixed bag when it comes to streaming. It does manage to unblock region-restricted content on US Netflix and HBO Max, but it fails when it comes to Disney+, BBC iPlayer, and Hulu.

All other Netflix libraries, and other platforms we tested, all detected that we were using a VPN or proxy.

If the US server that streams Netflix stops working, the lack of city-level server locations means there are no backup options.

Clearly, TunnelBear hasn’t invested any resources into unblocking streaming services.

However, we did have success streaming from US-exclusive HBO Max and Amazon Prime Video. If you’re fans of these platforms you can use TunnelBear. But we can’t guarantee its reliability.

TunnelBear Free Streaming: Unblocks US Netflix

TunnelBear Free is currently able to access US Netflix – one of the only free VPNs to do so. It can also get around HBO Max georestrictions and UK blocks to access BBC iPlayer, All 4, and ITV Hub.

The problem is its 500MB data cap that won’t allow you to stream for long.

The one positive is that free TunnelBear data accumulates instead of refreshing from scratch every month. So if you don’t use it for a few months, you’ll have far more data to stream.

Although you can torrent on any TunnelBear server, the VPN is not very good for torrenting. None of the service’s servers are optimized for P2P.

Officially, if the company believes you have violated copyright law, it retains the right to terminate your account without notice.

The company’s support team clarified to us that users should be able to share files on the network. They recommended using servers in Canada, US, UK, Romania, Netherlands, Germany, or Sweden.

We tested TunnelBear’s torrent speeds using qBittorrent and uTorrent. The VPNs torrent speeds were much slower than the top-rated torrenting VPNs.

TunnelBear recorded an average bitrate of only 2.9MiB/s. This is poor compared to IPVanish’s download bitrate of 9.9MiB/s, and ExpressVPN’s of 9.4MiB/s.

At least the VPN’s kill switch, “VigilantBear,” worked well on Windows, macOS, and Android devices. It kept our IP address concealed during sudden VPN connection drops.

We also didn’t detect torrent IP leaks, plus the VPN’s logging policy is private enough for safe torrenting.

Torrenting is also permitted on TunnelBear’s free VPN. But the 500MB/month data cap prevents you from downloading many files.

Despite its playful design, TunnelBear takes its privacy seriously. This is a secure VPN.

Both the free and paid versions are highly encrypted, using the AES-256 cipher for Windows, macOS, and Android.

OpenVPN protocol is default and the WireGuard and IKEv2 protocol is also available on iOS and Windows.

Both IKEv2 and OpenVPN are secure and reliable VPN protocols, though OpenVPN is the current industry-standard.

IP, DNS, or WebRTC leaks

IP and DNS leaks can expose personal information like your IP address, physical location, and browsing activity.

Using our IP and DNS leak test tool, we can confirm TunnelBear passed all our VPN leak tests.

The kill switch also worked to shield our IP address on Windows, macOS, and Android.

TunnelBear operates its own zero-log DNS servers and it doesn’t record any of the websites you visit. This also ensures your ISP isn’t able to monitor your web browsing activity.

When Mozilla released Firefox 73.0, many VPN browser add-ons began to leak WebRTC requests. So did TunnelBear’s, but the service’s engineers fixed the issue almost immediately. Now all of TunnelBear’s browser extensions are leak-free.

Full disk encryption and private DNS servers

A report by the Center for Democracy & Technology also reveals that each TunnelBear server is protected by full disk encryption, malware scans, and intrusion protection software.

TunnelBear VPN also uses private DNS servers, perfect forward secrecy and a secure Diffie-Hellman key exchange. The latter ensures you’re connecting to a verified TunnelBear server every time you use the VPN.

Narrow range of good security features

TunnelBear offers a small selection of advanced security features, including:

VigilantBear (Kill Switch)

TunnelBear’s VPN kill switch is called “VigilantBear.” It blocks web traffic if the VPN connection gets disrupted. This prevents your true IP address from being exposed, and is an essential feature of any top-tier VPN.

VigilantBear is available on Windows, Mac, and Android devices, but not on iOS devices.

This is very common due to Apple’s strict guidelines, but it’s not impossible and VPNs like Private Internet Access offer a kill switch on iOS.

GhostBear (Obfuscation)

Another useful feature is TunnelBear’s GhostBear protocol.

It’s designed to mask your VPN traffic as ‘normal’, making it harder for governments, businesses, and ISPs to detect and block your VPN connection. It will slow your traffic, though.

There’s also RememBear (password manager) and SplitBear (split tunneling) for Android.

Missing extra tools

Aside from the features above, TunnelBear isn’t very configurable and lacks more advanced security settings.

For example, there is no port forwarding or double (multihop) VPN, and you can’t control your encryption settings.

Trackers, malware, and permissions

We used the εxodus tool to scan TunnelBear’s Android app for trackers and dangerous permissions.

Reassuringly, we can confirm the Android app contains no trackers whatsoever.

This result is ideal for privacy and isn’t as common as you’d think. Some of the best VPNs contain marketing and bug trackers – even NordVPN has seven.

While TunnelBear might need to wait for users to report crashes instead of actively tracking them, this method is preferable for those seeking the highest levels of privacy.

The app also uses eight permissions, none of which are of concern. Finally, we put TunnelBear through a virus and malware scan to test for any malicious software it may contain, and we found none.

On paper, TunnelBear has the right tools to bypass strict web censorship, especially in China.

In reality, it can’t beat aggressive web censors, unlike these anti-censorship VPNs.

Its obfuscation feature, GhostBear, is still good for connecting out of less aggressively-censored countries like Turkey or Iran.

In fact, as part of an anti-censorship initiative, TunnelBear has offered 10GB of free data to its Iranian, Venezuelan, and Belarusian users.

The GhostBear protocol disguises (obfuscates) VPN traffic to bypass deep packet inspection (DPI) and VPN blocks. The protocol is built into the app and included on Windows, macOS, and Android.

To enable the GhostBear feature, access the settings menu and navigate to “security.” Here, check the box marked “GhostBear.”

TunnelBear does not offer live chat support. Instead, there is a chatbot incapable of answering many simple questions.

Alternatively you can send an email via an online form. But you have to be an already existing TunnelBear customer.

For a VPN aiming to provide a simple experience for beginners, the inability to provide immediate customer support or answer questions is disappointing.

Many premium VPN services like ExpressVPN offer 24/7 live chat to help troubleshoot user queries.

Good ticketing system

At least, the company’s ticketing system works well. We received full responses in a fast, polite, and friendly manner. That said, it’s certainly not as convenient as the instant support live chat provides.

Online resources

There is also an online help section covering troubleshooting, FAQs, and billing.

The focus is on VPN newbies, so there’s not much information regarding protocols, encryption, or technical implementation.

The connection issues page does contain information about ports and tethering, but there’s no in-depth information to be found.