Total Pageviews

Saturday, 2 June 2018

Decentralized and Secure Access to the Internet. Do we need a Decentralized VPN?


When I was visiting France this fall, one day an ad caught my attention, which said something like:
“You are not safe, your Government is watching you, get a VPN.” along with my IP address, French flag showing my location — everything designed to scare me.

It touched me somewhere deeper and I must admit — recent viewing of Snowden movie ‘helped’ with that.
Soon I found myself pacing back and forth across the balcony — I couldn’t stop thinking, one underlying question in my mind:
“Why VPN services are still centralized and closed source?”
Disclaimer: I must admit I am a huge fan of Decentralized and Open approach.
— — — Short basic info about VPNs (Virtual Private Networks)
VPN allows you to secure your connection to the Internet by creating an encrypted tunnel to a remote server making it impossible for others to track whatever you do while connected. For example when you connect via a public Wifi or at home through your ISP (Internet Service Provider) — if you don’t use VPN, they can easily see almost anything you do while you are connected (even in ‘https://’ case your browsing destinations can be detected)
Read more on VPN at Wikipedia.
Ever since that day — this invasive idea “had me”… After some time I started talking to people about it — I was surprised to hear responses like “How come this is not fixed yet?” Yeah really, how come?
Very soon I realized: Every VPN service is quick to tell you of their “no log” policy. But think for a second “can you really be sure?” Why I ask, is because regular VPN providers check positive on both risk boxes, by being:
  • closed source — which means nobody from outside knows what is really happening with their private information “under the VPN hood”. And malicious instances have been reported;
  • centralized — meaning when you connect to a regular VPN all your traffic goes through centralized server infrastructure, which means all your information could be silently collected on these servers and you wouldn’t have a clue.
Off course that’s how most of Internet services work these days. Anything from small online stores to Google or Facebook and everything in between. So “why worry” someone might ask. Well because with current technological advancement our privacy is disappearing faster than a speed of light and most of it is happening behind our backs. Today there are so many ‘players’ trading, using and abusing our private information in ways hidden to us and sometimes even against our best interests. So I and many others believe it’s time to start reversing this trend.
That’s why we started working on Mysterium Network.
In this world of ever growing data-mining & surveillance, which is coming not just from our governments, but also from all sorts of businesses or even outright criminal organisations — we need alternatives, strong enough to protect us from ever growing assault on our rights.

So let’s build one

How about we get together, design and build a VPN service which is nearly impossible to hack — giving us almost perfect privacy and anonymity. We are perfectly aware — this will not be an easy task, yet still possible. We would need many people contributing, but this is not beyond comprehension — we see projects of such scope being developed more and more often.
Also blockchain technology— is a perfect place to start, because projects built on it must adhere to 7 principles of Blockchain Economy, which are essentially about equality, fairness, sound logic, behavior aligned on incentives..
Generally VPN is been a great solution. But with centralized VPN — you take away all your information from ISP and hand it to VPN provider. You simply move the issue from one entity to another. So in reality the problem is not solved, even if VPN providers tell you otherwise — you simply never ever know, unless they all become Open Source. But that is just not the case, at least not yet.

You might ask: How would such VPN look like?

Since I first had this idea, I couldn’t stop, so we formed a dedicated team — a small group of people who truly care about this problem and we started to work on it. So here are the main principles of what we think would make a proper VPN:
  • First it must be Open Source, so that any developer could check the code and see that there are no “shady” elements left in it. Also open source could potentially help identify weak spots in a timely fashion;
  • It must be Decentralized — making it nearly impossible for any centralized entity to collect any meaningful traffic data;
  • Open — it must be open to anyone willing to participate in any role: as user, provider or collaborator, similar to coop model;
  • all VPN specific principles must apply by default, like: all traffic must be Encrypted.

This is where we can start

Meet Mysterium Network project.
We intend to create Mysterium Network. This is how we envision it will work out:
  • We will start by creating an Open Source software, which will enable anyone to become a VPN provider and rent their unused network traffic for those who need it. The quality of this software will evolve over time with the feedback and maybe even contributions from the community.
  • Mysterium Network — will be a network of VPN nodes. And anyone will be able to create a Node using this open source software.
  • All Nodes will be completely based on peer to peer architecture, which means no single point of failure, no need of any centralized servers.
  • Anyone will be able to connect to Mysterium network as a VPN Customer.
  • We will create an immutable Smart Contract running on Ethereum. It’s job will be to make sure customers pay for their VPN usage and VPN providers get adequate compensation for their services.
  • Mysterium Network will function as a decentralized marketplace, connecting VPN users to VPN providers who match each others preferences (price, quality, selected level of security, etc..)
We are well aware that developing Mysterium Network will be extremely challenging. Yet team and results achieved in this short period of time — are reassuring. We will be communicating much more about our plans and progress in coming days/weeks. Feel free to contact us on any topic.
There are many ways to stay in contact:


Roadmap, Product Update, Testing Results and the Team

Hi all! During the last few weeks we had a couple of Reddit AMA sessions (ask me anything) to spice up our communication. We will be doing more of those in the future but today we have quite a bit of news and want to place them right here on Medium.

For your attention, our updated Roadmap

In order to create a successful technology one must first understand the landscape of its future use.
Mysterium technology is being designed to stop breaches into our privacy today as well as tomorrow. This is why we need to put a lot of effort into understanding future use-cases, users, their problems and overall technology trends.
Our observations point us towards a future built on open source, decentralisation and empowerment principles. In this world we will see lots of peer to peer communication, powered by protocols and dApps which don’t rely on accumulating your personal information with a goal to monetise it without your conscious consent (that’s todays world). Instead, we will see Protocols and dApps competing among each other in order to provide you with a better service while giving you means to stay in complete power over your personal information.
Such applications will present you information while the origins of it will come to you from countless different places (very different to today’s model), yet you will not feel it because various trustless protocols will route that information securely towards the destination (screen of your phone as an example).
In other words, peer to peer communication will take place in a completely decentralised fashion where you as an individual will rely on a multitude of protocols protecting your personal integrity and identity security. Various trustless protocols are being developed right now with this goal in mind, they range from decentralized payments to storage or communication etc.
At the core of it, it’s all about communication. If it is breached at some point within the chain — your personal information could be hacked and leaked into unwanted hands. Thus, creation of a protective layer must not be taken lightly.
At Mysterium, our goal is to create a protective layer on top of any communication taking place within this new decentralised ecosystem.
This protective layer could be applied to all kinds of communication: be it peers talking over a video chat or nodes communicating important data to each other. With this goal in mind we created a Roadmap taking us towards this desired future.
We are starting with a VPN. Significant milestones for 2018 include VPN clients for key OSes (macOS, Win, Linux, Mobile), opening possibility for anyone to run a VPN node, development and cultivation of initial partnerships and implementation of payments proof of concept.
From this point we will keep on improving the protocol and network by adding more complexity such as: decentralising payments, decentralising discovery, adding multi-hop routing, creating a marketplace of traffic tunneling protocols, and eventually creating an complete End-to-End communication protection, where any App/dApp developers would be able to integrate a secure and virtually unstoppable communication channel right into their app, for any two peers to communicate among each other without any unwanted third party interfering or even knowing that communication took place.
Mysterium Network Roadmap

Development update

During the last few months we focused on laying out foundations for Mysterium Network — we’ve been working on the Node, making it secure, usable and prepared for future scalability. On the top of it we’ve built our first use case — a VPN application — and tested it throughly with an initial group of testers. Throughout this process we’ve received some incredibly valuable feedback, insights and ideas for further development.
Let us tell you more about the network development and then share some insights from the testing.
  • We tested our Node software on different Linux distributions and different hardware, while running nodes on many different Hosting providers servers. They mostly worked for us well enough with a couple of exceptions with those service providers that have different hosting service setups where our Node was not operating, or had some issues. To name a couple of issues: if a hosting provider has an OpenVZ (container-based) virtualization setup, one cannot run docker containers; some service providers block UDP protocol, etc. We’re preparing documentation on how to solve the known issues with different service providers and a basic checklist helping to identify why a node is not operating as intended.
  • We improved Node compiling scripts to make them more universal, not attached to our case. We are constantly updating infrastructure deployment scripts to save devops time.
  • By running nodes ourselves, we’ve noticed some problems in Node communication and proposal broadcasting to the network. Now they are fixed.
  • Our users noticed that some nodes become unreachable. We investigated this issue and added upgrades to Node service proposal announcements, upgraded proposal announcement validity algorithm, solved connection establishment to Node through Broker issues (after Broker is not reachable for some time), Node lockup and self shutdown problems.
  • We made a connection state refactoring on Mysterium Client to have a more fluent connection process. Now our VPN app (we call it Mysterion) will show instantaneous feedback on the current connection state.
There were more small fixes and service adjustments made to have a stable and easily scalable TestNet network. You can see all updates on our GitHub profile

Mysterion Testing results

We’ve been testing macOS VPN client with 3 closed testing groups. As mentioned previously, with the received feedback we’ve greatly improved and stabilized the application and now are looking to significantly expand macOS testers groups. We are observing the speed, performance and continue to make improvements and apply new feature requests as the use of the VPN client and nodes grows.
Also, once Windows and Linux versions of the app are ready, we will invite even more testers to join the testing effort. If you would like to join the testing group, please follow this link.

Some details from the testing

  • List of node countries that users have been testing: Canada, Singapore, United States, United Kingdom, Australia, Netherlands, Germany, and France. We are working to secure additional nodes in other countries and users will soon be able to host nodes from anywhere in the world as well.
  • List of current countries of testing users: China, United States, Ukraine, Vietnam, France, Belarus, United Kingdom, Taiwan, Netherlands, Ireland, Mexico, Italy, Russia, Portugal, and Hong Kong.
  • Our VPN client has already helped several members of our testing groups to avoid restrictions to internet access. For example one of our users from the Mysterium Network Chinese WeChat testing group recently visited from Hong Kong to mainland China and was able to continue their business with no hassle thanks to our Mysterion VPN software. The Russian community has also been affected by the ban on Telegram in their country but have been able to successfully use our product and continue to provide us with valuable feedback. We have also received a lot of interest from other countries that face government restrictions (like Iran) and will soon include additional testers from these countries in our groups.
We are looking for people from our community who would like to run nodes for testing purposes as we are working to release node software that users with some server administration experience can run as 3rd party nodes. In the future we will have a more user friendly version that does not require advanced technical expertise to run nodes as we want everyone to be able to participate.

The team

In a few weeks we’ll be joined by two new colleagues — Senior Legal Counsel and a Senior Accountant. We will introduce them properly once they’ve joined the team but it’s tough to hide our excitement.

Job Openings Available

We are seeking to build a team of dedicated professionals, eager to take security and privacy to the next level.
Thanks for reading this far! :) Expect more news at the end of the month.

Find us on Facebook —
Follow us on Twitter —
Visit our website —

No comments:

Post a Comment

Note: only a member of this blog may post a comment.