Open in app

Sign in

Write

Sign in

Is This The Solution To VPN Problem?

Adelene
Geek Culture
Published in
5 min readJul 26, 2021

Examining the problem with central VPN providers, and the potential solution — dVPN.

Photo by Petter Lagson on Unsplash

Outline:

  • Introduction
  • Problem with VPN
  • Blockchain VPN — dVPN
  • Potential Issues with dVPN
  • Conclusion

Introduction

A Virtual Private Network (VPN) is an encrypted tunnel between your device to the internet. VPN secures your internet connection from man-in-the-middle (MITM)attacks or network snoops. Your ISP can’t see what you are browsing on the internet with VPN, because of the encrypted data tunnel. In other words, they know you are accessing the internet but they don’t know the contents of it due to the encryption.
We often use VPN on public Wi-Fi to secure our connection or to simply bypass country-specific censorship.

Problems with VPN Providers

Trust in VPN Provider

The main problem with VPN is that we are placing our trust in a central entity. It is based entirely on trust.

VPN provider holds the keys of encryption. In other words, your VPN has the view of your ISP before you use VPNs. They can see all of your internet traffic and its contents. Furthermore, VPN requires session log records. Essentially, they know:

  • How long you have connected to their server (server logs).
  • Your internet traffic contents.
  • The amount of data.

We have to trust that the provider. Trust that they are upholding their no logs policy. Trust that they don’t sell our data. Trust that they have a robust security infrastructure from malicious adversaries.

Even if you found a pretty transparent and trustworthy VPN company, consumers have to do the nitty-gritty details of examining the data privacy laws in which the VPN corporation is set up.

Law Enforcement Take-Downs

The hard fact is that there are users who use VPN services for harmful activities. The most recent case is DoubleVPN. A ransomware group used DoubleVPN to hide their tracks, which prompted law enforcement agencies to shut down the VPN service.

“Law enforcement gained access to the servers of DoubleVPN and seized personal information, logs and statistics kept by DoubleVPN about all of its customers.” — Source.

Users who are innocent would have their data being compromised due to these law enforcement take-downs.

Be Cautious of Free VPNs

It is probably not a good idea to use a free VPN provider. If you are not paying for the product, you are the product.

Free VPN providers have faced reports where they install malicious extensions and JavaScript code into their users’ web browsers. Some even sell your data to third parties. This report found that 85% of the free VPN provider they examined contain intrusive permissions.

Don’t use free VPN providers, unless you are want to sell your data.

Cybersecurity Risk

Popular VPN providers are like a gold mine to hackers. If malicious actors gain access to VPN decryption keys, users’ data is exposed.

VPN services have taken precautions against this by implementing Perfect Forward Secrecy (PFS). PFS changes its encryption keys regularly. Instead of putting the whole history of data at stake, only the most recent data can be decrypted.

No matter how robust a company’s security infrastructure, it is still prone to be hacked. Large companies have been hacked, and it is only a matter of time for another provider to suffer the same vulnerability. NordVPN, a popular VPN provider, got hacked. NordVPN uses PFS and have no-logs policy. No user data or credentials has been affected.

There is no such thing as foolproof cybersecurity at all times. Could peer-to-peer VPN be better off instead of trusting a central provider?

Blockchain VPN — decentralized VPN (dVPN)

A decentralized network of VPN by using blockchain technology. A decentralized VPN (dVPN) is a peer-to-peer VPN system. With this, users don’t have to place their trust in a central entity. Here are some of the dVPNs:

Both of these networks use open-sourced code. Both of them use OpenVPN protocol, an open-sourced VPN protocol. Open-sourced code and open-sourced protocol, those who know the coding language can verify it.

dVPNs use the pay-as-you-go model instead of the subscription model. Users pay for the amount of bandwidth they use instead of a monthly recurring payment. It might be more financially beneficial for users that just use the internet to browse websites. They also allow crypto payments, allowing anonymous payment if the user wishes.

Bandwidth providers run what’s called network nodes. dVPN users can choose from their wide range of networks of nodes. Users can choose nodes according to country-specific IP address, or even based on the speed of the network.

dVPN entire network is hard to get seized by the government. Due to its decentralization model, it is hard for governments to withhold the whole network. Thus, it is unlikely that malicious use is going to compromise the whole user data.

Users who provide bandwidth and node are incentivized by money. A paid incentive to grow the dVPN network. The more users using the network, the more providers will be incentivized to contribute their bandwidth to the network. The more node choices, the more the network grows.

Potential Issues with dVPNs

No Barrier to Entry for Bandwidth Provider

Anyone can run a node. Bandwidth providers might be able to sell your data. Orchid’s solution to this is using a multi-hop circuit, which Mysterium is also thinking about implementing in the near future.

A multi-hop circuit is alike The Onion Router (Tor). Making use of an entry node, relay node, and exit node. No single node can see the whole internet traffic. The entry node knows your IP but it doesn’t know which site you are visiting. The exit node knows the contents of your traffic but not where it was accessed. This prevents one node from knowing too much about users’ data. However, would this multi-hop circuit impact network speed? Tor is known for being notoriously slow.

Legal issues for bandwidth providers

Users who run nodes get the risk of legal trouble if users use their bandwidth for illegal activities. This can be seen by users who run an exit node in Tor getting legal troubles from their ISP and government because of it. Some dVPN providers allow their node providers to whitelist websites instead. Whitelisting is allowing approved site visits only, other sites are automatically inaccessible unless approved by the network provider. There are also guides to protect your legal rights running an exit node provided by Tor community and dvpnalliance.

Price Inequality

Nodes set their own prices and are not controlled by the dVPN project. Higher quality nodes can be potentially expensive due to the demand. Want that high-speed node that is highly demanded? Users might need to pay a higher price.

Conclusion

Although VPN has its flaws, it is better to use it. Moving our trust from one entity (ISP) to a more trustworthy entity (VPN providers). Furthermore, it encrypts your data and prevents DNS leaks. Increasing our security in public wi-fis to prevent MITM attacks. The biggest issue of dVPN would be the malicious nodes. Multi-hop circuits can prevent it, but there are concerns it will slow down the network. Blockchain technology has created lots of decentralized for our traditional systems like the financial system. VPNs might just be the next one.

Want to know more about blockchain? Every Sunday, I share about blockchain basics or projects at comprehend.substack.com

Cybersecurity
Privacy
Blockchain
Cryptocurrency
Technology

--

--

Adelene
Geek Culture

Written by Adelene

94 Followers
Writer for

Crypto enthusiast. Privacy and security advocate. Obsessed about productivity, self-development, and finance. Learn about crypto on comprehend.substack.com

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams