Privacy

32177 readers

378 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

What Makes SPN A Better Alternative to VPNs (safing.io) (safing.io)

submitted 1 year ago by [email protected] to c/[email protected]

7 comments fedilink hide all child comments

I looked at this, and the idea seems very interesting being tied into a per application "firewall" which I think actually works more like per application routing, or even better per domain. This would actually be a big convenience to send some traffic that doesn't like you being in one location to another vs a VPN. However, I can't actually see how it would be better than a VPN necessarily.

First - it seems like it could not really work for SSL without MITM it at the browser level? Or it at least has to be DNS based (and still the HTTPS based DNS would thwart this) and therefore not really per domain right?
Second, what are they charging for here? It sounds like it's access to TOR, though they claim it's only TOR Like, I fail to see why anyone would provide them an exit node or transit node for free when they're charging end users for access.
Presumably the reason people use VPNs rather than TOR is a mix of issues, but the main one I remember is performance. TOR is slow. I don't see how this would be faster. The privacy one is that you've got the exit node issue which is the same as the VPN exit node (i.e. there are side channels to get identity, and you're still having someone else seeing all exit info - in this case a random person rather than a company, we can decide which is more trustworthy, but I don't think it's an obvious win).

top 7 comments

sorted by: hot top controversial new old

[–] [email protected] 9 points 1 year ago

I just wish the article explained things a bit better; the way it reads, the writer doesn’t really know what a Virtual Private Network is in the first place, or what split tunnelling is. And yet the article is on the website of the company providing the service. It doesn’t really inspire confidence.

[–] [email protected] 7 points 1 year ago (1 children)

How is it different from split tunneling?

[–] [email protected] 7 points 1 year ago (1 children)

Seems that it's automatic split tunneling by application/stream. And with multiple out nodes. So basically split tunnel + tor? Still requires that you trust the app itself, the exit nodes, every node along the way, etc...

[–] [email protected] 2 points 1 year ago (1 children)

Sounds dangerous

[–] [email protected] 2 points 1 year ago

Yeah, I'm not onboard... I'd rather vet a single company (vpn provider) and keep track of their goings-on rather than trust that a system with many actors are trustworthy with no incentive to be. A VPN provider that claims to not track logs... but gets found out that it does.... dies. There's a direct incentive here.

This system? There's no way that the money you pay for this SPN service is making it to all the exit/traversal nodes. There's nothing that would stop any given node from being malicious... forget just basic vetting of each node would be a massive cost alone. We can trust encryption... but we already do that with https and other protocol level stuff too. At that point I might as well just trust my ISP if I have to infer trust into each node like this.

I get tor... I get it's uses... I don't get how this is adding all that much more to the topic from a security perspective if it's only "tor-like" (not using tor nodes). Tor still has it's own issues as well.

[–] ItsGhost 3 points 1 year ago

Did they just describe Tor? Because it sounds an awful lot like they described Tor, but with a subscription! Perhaps they offer to run their own high speed Tor network for an access fee, which is atrocious because it’s still one provider knowing everything. Tor works because it’s so diverse, and the (theoretical) chances of having all three nodes run by the same operator is very slim

[–] [email protected] 3 points 1 year ago

Basically a startup founded by rich guys (investing 200,000 euros) getting some state grants trying to sell crypto-friendly VPN (see the white paper). SPN stands for "Safing Privacy Network" (Safing being the company brand). Nothing new nor nice + marketing lies (VPN not being open-sourced nor easy...).