The weakness of PPTP was/is in Microsoft's implementation.

Open VPN uses the more secure TLS (formerly "SSL") protocol.



From my notes:

Tools Can Crack Widely Used PPTP Encryption (July-'12); https://www.pcworld.com/businesscenter/article/260012/tools_released_at_defcon_can_crack_widely_used_pptp_encryption.html

"Crack the encryption of any PPTP (Point-to-Point Tunneling Protocol) and WPA2-Enterprise (Wireless Protected Access) sessions that use MS-CHAPv2 for authentication. (Microsoft's version)

"...captured network traffic that contains a MS-CHAPv2 network handshake (PPTP VPN or WPA2 Enterprise handshake) and reduce the handshake's security to a single DES (Data Encryption Standard) key.

Marlinspike's advice to businesses and VPN providers was to stop using PPTP and switch to other technologies like IPsec or OpenVPN. Companies with wireless network deployments that use WPA2 Enterprise security with MS-CHAPv2 authentication should also switch to an alternative."



I believe the TLS type host negotiates with a VPN server> establish their respective encryptions and other parameters> then that server makes the link-up between endpoints.

https://en.wikipedia.org/wiki/VPN#Security_mechanisms

So, all VPN data exchanges have encryption at launch; at no time does it leave the computer un-encrypted.

All VPN protocols (PPTP L2TP, OpenVPN) have distinct advantages and disadvantages.



Here are some points that might be useful to consider:



1) OpenVPN is the protocols least likely to be blocked by servers or firewalls and generally thought to be the most secure. It's because both PPTP & L2TP uses fixed ports, if your service provider or firewall blocks certain communication ports used by PPTP or L2TP, they won’t work while openVPN can be configured to use any port (on the server side) and supports multiple protocols.



2) Most operating systems and devices have built-in support for PPTP and you simply need to fill in a server address, a username and password to configure and no additional software is needed while OpenVPN requires installing additional software. On some devices it can be complicated. Sometimes a user is required to deal with certificates, configuration files, etc.





3) In terms of speed, generally speaking, less encryption means greater speed but at the cost of less security. However, if your devices are of reasonable speed this should not be a major factor.

Some people say openVPN on UDP is the fastest but according to my own experience on purevpn, they are all more or less the same. Speed depends much more on your connection to the server and other factors.



In a nutshell,it's best to consider your security requirements and pick a protocol accordingly.

OpenVPN is so far superior to PPTP that it's not even debatable. It is totally secure and will encrypt from your computer to the VPN server from the start. Of course if OpenVPN is not properly configured by someone who doesn't know what they are doing them that might be a problem. But we're assuming you are using a reputable provider that has a clue how to do this properly.

We endorse using http://www.vpnpower.net to unblock websites. I am using their services for more than 4 years without having complications.