by Nevermark 1000 days ago
Nice work!

But, if anything should be a decentralized anonymous crypto-paid service, it should be a VPN network.

Centralized VPNs are still a single point of failure privacy risk. We have to trust they don't share our identity/account info and activity.

I am surprised dVPNs are not THE first rationale given for crypto. I.e. since separately and together they (ideally) have a clear comparative advantage over other alternatives for strong privacy.

A performant global open-standard dVPN could become an indispensable layer of web access.

3 comments

I wasn't sure what a decentralized VPN would look like, so I searched and found https://surfshark.com/blog/decentralized-vpn . Obvious bias coming from a VPN provider, but if they are stating the technology correctly, then I think it's important to determine if this is correct:

> A decentralized VPN is a distributed VPN service where volunteers supply your VPN servers instead of a single company – but paid by crypto. Like with regular VPNs, you have to trust that the VPN server isn’t monitoring your data. But instead of there being a single VPN provider company behind it all, you have to trust that none of the thousands of server volunteers are spying on you.

Is this a correct understanding of dVPNs? Is there a rebuttal, especially to that last sentence?

No that isn't accurate.

You have a network of VPN point providers. As you communicate, data can be sent through any series of points.

Data is encrypted end-to-end, and the addresses for the point providers are also encrypted so that each point can only decrypt and see the next point to forward data to.

So each point knows where data last came from, and where they are sending it. But they don't know:

1. Which step of a chain of points the data is at.

2. If they are the first in the chain (i.e. the "from" is the source)

3. If they are the last in the chain (i.e. the "to" is the destination)

And (as long as two or more points are traversed, which would be always), no point ever has access to:

4. Both source and destination info.

Finally, since payments to each point are handled through a combination of peer-to-peer point bookkeeping, and a crypto block chain account, no point ever knows:

5. Any identity information about who uses the VPN.

6. Any way to identify activity over time that is related.

Acting as a point, as well as using the network, serves to further cloak activity, as being from you vs. passed through you.

And an alternative to crypto payments, would be earning usage by providing point service.

EDIT:

> so I searched and found https://surfshark.com/[...]

Any VPN provider that is claiming decentralized VPNs are a greater risk is either misinformed, or willing to misinform users.

I wouldn't trust a VPN provider from either category.

Actual reasons to not use a dVPN might be that it is a work in progress, not supported well, its source code is not open, or not yet vetted by experts, too slow, not many points yet, etc.
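The layered addressing described in the comment above, as an added Python sketch that is not part of the original thread and not taken from any dVPN or Tor code base. The point names, keys, destination and payload are constructed, the sender is assumed to already share one key with each point, and the SHAKE-256 XOR stream is a toy stand-in for a real authenticated cipher.

```python
import hashlib, json, os

def _xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy stream cipher (SHAKE-256 keystream), standing in for a real AEAD.
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, nxt: str, data: bytes) -> bytes:
    """Encrypt one layer: the next address plus the inner blob."""
    nonce = os.urandom(16)
    body = json.dumps({"next": nxt, "data": data.hex()}).encode()
    return nonce + _xor(key, nonce, body)

def peel(key: bytes, blob: bytes):
    """All one point can recover: the next address and an opaque blob."""
    layer = json.loads(_xor(key, blob[:16], blob[16:]))
    return layer["next"], bytes.fromhex(layer["data"])

def build_onion(path, keys, destination, payload: bytes) -> bytes:
    """Sender wraps one layer per point, last point first."""
    hops = path[1:] + [destination]
    blob = payload
    for point, nxt in zip(reversed(path), reversed(hops)):
        blob = seal(keys[point], nxt, blob)
    return blob

def route(path, keys, onion: bytes, sender="client"):
    """Simulate forwarding and record what each point could observe."""
    views, prev, blob, hop = [], sender, onion, path[0]
    while hop in keys:  # stops once the next address is not a point
        nxt, blob = peel(keys[hop], blob)
        # A point sees only two addresses; every layer has the same shape,
        # so nothing in it marks "from" as the origin or "to" as the end.
        views.append({"point": hop, "from": prev, "to": nxt})
        prev, hop = hop, nxt
    return views, hop, blob

# Constructed sample data (assumptions, not from the thread).
PATH = ["point-A", "point-B", "point-C"]
KEYS = {p: os.urandom(32) for p in PATH}
DEST = "example.org:443"
PAYLOAD = b"end-to-end ciphertext (opaque to every point)"

if __name__ == "__main__":
    views, dest, data = route(PATH, KEYS, build_onion(PATH, KEYS, DEST, PAYLOAD))
    for v in views:
        print(v)
    print("delivered to", dest, "payload intact:", data == PAYLOAD)
```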

Aren't you just describing Tor?
yes but it has le heckin crypto
Hmm. You left out the most important bit!

Some kind of economics are needed to overcome the fact that there are only a few thousand Tor nodes [0], making it relatively easy to compromise the network by any entity willing to pay for a couple of thousand nodes [1], which is a bargain for any intelligence service.

I.e. Tor is pretty safe, but because it’s volunteer, it is also a bit of a honeypot.

Now take all the money people spend on commercial VPNs, and anonymize accounts while making some privacy first crypto actually useful to the general public.

Millions of nodes, or tens of millions.

The benefits come not just from linear node path anonymity.

By spreading traffic packets in parallel across different paths, and geographically, so it’s near impossible to track anything useful even with a lot of compromised nodes.

Assuming you have a LOT of nodes.

(Geography here meaning Internet topology, verified by minimal latency.

Topological information for millions of nodes will help keep latency low, while increasing the number of nodes in each path, for a better security vs. latency trade off.

So nodes could be incentivized to locate and scale based on topology & usage.)

If there is a way to make Tor anywhere near that secure a lot of people would like to know how.

Economics matter, and this money is being spent already.

[0] https://metrics.torproject.org/networksize.html

[1] https://www.makeuseof.com/tor-exit-nodes-spying/#:~:text=A%2....

Yes, that is correct. It's great for getting residential IPs, but connection quality is much worse.
Have a look at Nym

- https://nymtech.net/

> But, if anything should be a decentralized anonymous crypto-paid service, it should be a VPN network

so it should be tor?