I wish that people would stop citing White's page without explanation. His stuff about using known secret keys is all about IPsec. People using VPN services mostly use OpenVPN.
When I'm providing security advice to a general audience, I can't expect people to reliably follow detailed instructions. "Oh, use VyperVPN, except you have to use OpenVPN, except on iOS where you're forced to use IPsec, and <detailed description of crypto settings follows>."
I can tell them one thing: use Cloak. And I know that, no matter how they do so, they won't be less safe than they would have been without it.
Well, there's your problem, starting with "Oh, use VyperVPN". IVPN, for example, has leak-free apps for Windows, OS X and iOS. And are working on Android.
> In general, US persons today on residential broadband are safest not using a VPN.
> Only connect to US-based VPN servers while in the US. Even if your VPN provider offers servers outside the US.
What? No reasons given. Smells like FUD.
[0] https://free-dissociation.com/blog/posts/2017/03/quick-and-d...