top | item 45497218

(no title)

dongcarl | 4 months ago

We should really be moving towards a world of Multi-Party Relays rather than Single-Party VPN operators: https://www.privacyguides.org/articles/2024/11/17/where-are-...

With Multi-Party Relays you no longer have a trust a single entity not being malicious or compromised.

Disclaimer: I run obscura.net, which does exactly this with Mullvad (our partner) as the Exit Hop.

discuss

FlynnLivesMattr|4 months ago

Hey Carl! This is the first I'm hearing of Obscura. After doing a deep dive into your product, it looks to be a very fascinating privacy tool. However, I'm concerned with your operating under US jurisdiction, as detailed by others here:

https://discuss.grapheneos.org/d/20059-obscura-vpn-and-mullv...

While I understand potentially not wanting to incorporate in the EU (with Chat Control on the horizon) nor Switzerland (due to their own non-EU-related privacy backslide), why still select the US, which historically other privacy tools have largely avoided? It feels like you're already shooting yourself in the foot, whereas you'd be good in the EU should Chat Control not pass. While it's great that you verifiably can't see a user's internet traffic, you're one US court order away from a forced compromising of the service for a user (or at least, giving up the connecting IP). Historically, EU court orders have been easier and more transparently fought by privacy tools.

Non sequitur, it would be great if you prioritized accepting Monero as payment, like your exit hop Mullvad. Also, how much control do we have over the features Mullvad offers (e.g. DAITA, quantum resistance, DNS filters, IPv6, integration with Mullvad Browser)?

dongcarl|4 months ago

> should Chat Control not pass

Unfortunately in the world we live in no single jurisdiction is good enough anymore, laws can always change and Chat Control can be re-proposed over and over again.

Luckily, an MPR like Obscura with hops across different jurisdictions (Obscura in US, and Mullvad in EU) give you a much better scenario than just being in one jurisdiction.

> it would be great if you prioritized accepting Monero as payment

Definitely prioritized, one of our engineers is working on it right now.

> Also, how much control do we have over the features Mullvad offers (e.g. DAITA, quantum resistance, DNS filters, IPv6, integration with Mullvad Browser)?

We're limited by the Partner API that Mullvad offers right now, but we'll be looking into many of these soon. For example, we're implementing DNS filtering as we speak!

sporkxrocket|4 months ago

Can you control the geography of the exit node? I really like Private Relay but it doesn't get around geo restrictions because the IP is still in the same country you are.

dongcarl|4 months ago

Yes, you can with Obscura. That limitation of Private Relay is just an arbitrary limitation made by Apple.

Thystler|4 months ago

Hey,

This is is what i wrote my master thesis on. I ended up not turning it into something proper. Thank you! i love that you did this!

Its awesome! OMG good job!

dongcarl|4 months ago

Ah that's excellent! Do you have a link to the thesis?

thenthenthen|4 months ago

Does obscura work in China? Doe you have a free tier option for me to test?

dongcarl|4 months ago

We've had many reports that it works. In fact, one of our users told us he took an hour video call over Obscura in China and things worked smoothly!

Unfortunately, because we don't identify users we cannot offer a free tier (since that would allow anyone to use it freely indefinitely).

However, you can always just top-up for 1 month to see how it works for you! Would love to hear your experience.

mcdonje|4 months ago

Hypothetically, could tor switch to using QUIC?

dongcarl|4 months ago

You could probably implement a pluggable transport for it?