this post was submitted on 28 Jun 2023
5 points (63.2% liked)

Privacy

32177 readers
532 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I looked at this, and the idea seems very interesting being tied into a per application "firewall" which I think actually works more like per application routing, or even better per domain. This would actually be a big convenience to send some traffic that doesn't like you being in one location to another vs a VPN. However, I can't actually see how it would be better than a VPN necessarily.

  • First - it seems like it could not really work for SSL without MITM it at the browser level? Or it at least has to be DNS based (and still the HTTPS based DNS would thwart this) and therefore not really per domain right?

  • Second, what are they charging for here? It sounds like it's access to TOR, though they claim it's only TOR Like, I fail to see why anyone would provide them an exit node or transit node for free when they're charging end users for access.

  • Presumably the reason people use VPNs rather than TOR is a mix of issues, but the main one I remember is performance. TOR is slow. I don't see how this would be faster. The privacy one is that you've got the exit node issue which is the same as the VPN exit node (i.e. there are side channels to get identity, and you're still having someone else seeing all exit info - in this case a random person rather than a company, we can decide which is more trustworthy, but I don't think it's an obvious win).

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 7 points 1 year ago (1 children)

How is it different from split tunneling?

[–] [email protected] 7 points 1 year ago (1 children)

Seems that it's automatic split tunneling by application/stream. And with multiple out nodes. So basically split tunnel + tor? Still requires that you trust the app itself, the exit nodes, every node along the way, etc...

[–] [email protected] 2 points 1 year ago (1 children)
[–] [email protected] 2 points 1 year ago

Yeah, I'm not onboard... I'd rather vet a single company (vpn provider) and keep track of their goings-on rather than trust that a system with many actors are trustworthy with no incentive to be. A VPN provider that claims to not track logs... but gets found out that it does.... dies. There's a direct incentive here.

This system? There's no way that the money you pay for this SPN service is making it to all the exit/traversal nodes. There's nothing that would stop any given node from being malicious... forget just basic vetting of each node would be a massive cost alone. We can trust encryption... but we already do that with https and other protocol level stuff too. At that point I might as well just trust my ISP if I have to infer trust into each node like this.

I get tor... I get it's uses... I don't get how this is adding all that much more to the topic from a security perspective if it's only "tor-like" (not using tor nodes). Tor still has it's own issues as well.