Connect with us

Technology

Expert Untangles VPNs as Brazil’s Twitter Ban Sparks New Interest

Published

on



Last week, the government of Brazil banned X, formerly Twitter, cutting off millions of users from the Elon Musk-owned social network. It is one of the more high-profile examples of restrictions placed on platforms, and disputes around the world span a multitude of reasons: free speech (at least in the U.S.), political dissent, copyright, and illegal activity.

While alternate social media platforms like Bluesky saw a surge in new users from Brazil after the ban, some still insistent on using X have turned to virtual private networks (VPNs)—though doing so is also forbidden by the Brazilian government, and violations could come with a hefty daily fine.

Other sophisticated tools for obfuscating your location include the Tor Browser.

Not all VPNs are created equal. Decrypt spoke to the executive director of Unredacted Inc., a 501(c)(3) non-profit organization that provides free and open services that help people evade censorship and protect their right to privacy.

What is a VPN?

IP addresses—numbers assigned to every network on the internet—are like a digital fingerprint. They reveal a considerable amount of information, including physical location, what internet provider you use, and so on. They are typically the way access is “geofenced” or restricted to or from specific regions or jurisdictions.

VPNs obscure this information as well as encrypt connections to prevent snooping by third parties.

“For example, if you are in Brazil and X is blocked, you can use a VPN to tunnel packets destined for X inside of a VPN tunnel to another country,” Zach, the executive director of Unredacted Inc., told Decrypt. (He asked that his last name not be used.) “An ISP or government couldn’t inspect what’s inside that tunneled traffic without the encryption keys from your VPN provider or device.”

The problem, Zach said, is that many VPNs don’t try to disguise the fact that they are VPNs.

“Common VPN protocols such as OpenVPN or WireGuard can easily be fingerprinted based on common port numbers or via DPI (deep packet inspection) by a government or ISP,” Zach said. “The use of typical VPN protocols is no secret to your ISP and government, and in some situations, it could endanger the user.”

As Zach explained, it’s also common for VPN providers to get pressured by government entities to share user data in order to investigate criminals and terrorist groups who may be attempting to hide their activities using a VPN.

“People can use VPNs for malicious purposes, as is true with any tool,” Zach said. “Governments will often send subpoenas trying to discover the true origin of VPN traffic and request subscriber details for a specific timestamp where an offense occurred.”

Instead of using a “raw VPN,” Unredacted points people to “obfuscated protocols.”

Zach noted that protocols like Shadowsocks—which is used by Outline VPN—and Tor transports like webtunnel, snowflake, meek, and obfs4 are harder to fingerprint than traditional VPNs, making them safer alternatives.

VPNs are not a silver bullet

Zach cautioned that all traffic can be fingerprinted if it shares observable patterns, however. More advanced government censorship operations often try to block VPN protocols, but doing so can cause collateral damage, like disrupting legitimate websites and communication platforms.

“These requests are generally made with good intentions,” he acknowledged. “What’s worrying is broad requests for more data than is truly necessary.”

The less data collected by a VPN provider, the better. Zach recommended that when choosing a VPN, one look for verifiable no-logging claims and review the provider’s security policy and privacy stance. Check to see if they are open-source and have undergone third-party audits, he added.

“Many VPN providers use affiliate marketing and social media to promote their service, but it’s important to research their claims and look for how they’ve handled past requests for data,” he said. “In a technical sense, it’s possible for any provider to turn on logging at any time without your knowledge.”

Private options

Popular VPNs include NordVPN, ProtonVPN, SurfShark, and ExpressVPN. There are also decentralized VPN (DPN) options from companies like Mysterium Network, Orchid, Deeper Network, and Tachyon.

Beyond those basics?

“There are many great options—for less technical people, Tor Browser and Tor’s Orbot (which acts like a traditional VPN) are very easy to use and understand,” Zach said. “Outline VPN is another fairly easy option to understand, with easy-to-use cross-platform apps.

“Our service, FreeSocks, helps people in heavily censored countries connect to the Outline servers for free that we operate,” he added.

Zach explained that both Tor and Outline help circumvent censorship in many countries worldwide.

“It’s important to point out that using Tor Browser or Orbot is inherently one of the safest methods to circumvent censorship and protect a user’s privacy because of the fact it hops your connection through three randomized nodes when accessing the regular Internet through it,” he said. “This makes correlation attacks very difficult.”

Generally Intelligent Newsletter

A weekly AI journey narrated by Gen, a generative AI model.





Source link

Technology

Know Your Missiles: Russia’s Experimental Hypersonic Missile Is A New Kind of Killing Machine

Published

on



Whether it was a long-range Intercontinental Ballistic Missile, as originally feared, or an experimental intermediate-range hypersonic missile, as now believed, Russia’s war with Ukraine took yet another step toward fears of nuclear escalation on Wednesday.

The Russian missile strike on the Ukrainian city of Dnipro appeared to be in retaliation for missile attacks on Russia Tuesday after the Biden Administration authorized Ukraine to use long-range American-made Army Tactical Missile Systems (ATACMS) against targets inside Russia.

The hypersonic missile that was used is apparently the first of a new generation of weaponry being developed by superpowers across the globe.

Adding to the growing concern around Russia’s launch of its “Oreshnik” (the hazel) missile is the fact it carried a Multiple Independently Targetable Reentry Vehicle (MIRV) system that allows it to carry multiple warheads, a payload capacity typically associated with nuclear missiles.

How Hypersonic Missiles Differ from ICBMs

What’s the difference between supersonic missiles and ICBMs? Their flight behavior, experts say.

While both ICBMs and hypersonic missiles achieve speeds in excess of Mach 5, hypersonic missiles are far more evasive and can fly inside the atmosphere, changing course at lower altitudes mid-flight to outmaneuver defenses.

In contrast, ICBMs follow a predictable parabolic trajectory after launch, making them far easier to track.

Russia’s use of a hypersonic missile underscores the broader race to develop hypersonic technology. Currently, the U.S., Russia, China, and North Korea have supposedly developed hypersonic missiles, though Russia appears to be the only country ever to launch one in combat.

On Monday, India became the latest nation to enter the arms race, announcing the successful test of what it claimed was its first hypersonic missile. However, whether the missile could be fitted with an effective payload, among other technical issues, was still an open question.

Though it has yet to deploy a hypersonic weapon, the U.S. is investing heavily in its research. The Pentagon’s 2025 budget includes a request for $6.9 billion for hypersonic weapons, according to an August 2024 report from the Congressional Research Service.

The Politics of Hypersonic Missiles

Russia’s use of a hypersonic missile is less about terror and destruction and more about sending a message to the West, according to former Intelligence Officer Matthew Shoemaker.

“This was more a message to President Biden, the U.K., and France, more so than to the Ukrainians,” Shoemaker told Decrypt. “It’s messaging to the West to stay out.”

Shoemaker, who served with the U.S. Defense Intelligence Agency and the U.S. Navy, suggested that if Russia had wanted to inflict serious damage on Dnipro, it could have used a conventional weapon.

“Putin could have achieved the same result in terms of taking out whatever target he launched against using a conventional weapon,” Shoemaker said. “He would have done it far more cheaply as well.”

Shoemaker also emphasized the timing of these exchanges, particularly given the political landscape in the U.S., suggesting that Biden’s authorization of ATACMS strikes may have been designed to give Ukraine leverage as President-elect Donald Trump prepares to take office.

“This is all very much political chess and political gamesmanship that both sides are playing,” Shoemaker said. “Apparently, from what I’m seeing, Biden allowed the attack just so that Ukraine could have some semblance of a bargaining chip when President Trump gets into office.”

Shoemaker clarified that while Russia’s missile is hypersonic, conventional Intercontinental Ballistic Missiles (ICBMs) are also considered hypersonic due to their power and speed—up to 17,600 miles per hour (Mach 25).

“If this were an ICBM type missile, the White House would have had to have been alerted beforehand by the Russians,” he said. “If the White House was not made aware that this was going on, it would have tripped our early warning systems, and it would have made people in the Pentagon go crazy that there was an unsanctioned ICBM launch.”

The alert Shoemaker referenced would be in accordance with standard procedures set in the International Code of Conduct against Ballistic Missile Proliferation, also known as the Hague Code of Conduct for ICBMs.

Earlier this month, before the U.S. tested a Minuteman III intercontinental ballistic missile, notifying the Russian government in advance of the launch.

While the Biden Administration has limited Ukraine’s use of ATACMS on Russian targets, Shoemaker observed since Russia’s 2022 invasion of Ukraine, President Vladimir Putin has repeatedly threatened nuclear war without taking action, relying instead on those threats as a deterrent.

“Putin has been using these nuclear weapons comments for the better part of three years now, and he’s not done anything with regard to it,” Shoemaker said. “So this is once again, him trying to send the message that I’m not bluffing, even though he’s bluffing.”

Edited by Sebastian Sinclair

Generally Intelligent Newsletter

A weekly AI journey narrated by Gen, a generative AI model.





Source link

Continue Reading

AI

Decentralized AI Project Morpheus Goes Live on Mainnet

Published

on



Morpheus went live on a public testnet, or simulated experimental environment, in July. The project promises personal AIs, also known as “smart agents,” that can empower individuals much like personal computers and search engines did in decades past. Among other tasks, agents can “execute smart contracts, connecting to users’ Web3 wallets, DApps, and smart contracts,” the team said.



Source link

Continue Reading

Data

Web3’s responsibility is to advance data privacy

Published

on



Disclosure: The views and opinions expressed here belong solely to the author and do not represent the views and opinions of crypto.news’ editorial.

In the United States, 92 per cent of individuals reported concern over their privacy while using the internet, highlighting how recent massive data breaches and narratives around Big Tech data monetization have eroded internet users’ trust. This has been especially heightened by the rise of opaque artificial intelligence systems and evolving sociopolitical landscapes.

Gaps in regulation

While the European Union’s General Data Protection Regulation in 2018 set a benchmark as the first comprehensive legal act aimed at enhancing internet users’ privacy rights, it is not without its shortcomings.

GDPR and subsequent regulatory frameworks have largely been ineffective at enforcing and holding Big Tech companies, particularly Google and Meta, accountable for collecting and selling user data. Claims surrounding potential GDPR violations have reportedly taken years, sometimes more than four, to be handled. The delays stem from complex procedures involving multiple agencies and countries handling complaints against specific companies, creating significant backlogs and weakening the act’s ability to enforce and uphold its mandate.  

In the United States, the absence of federal legislation on data protection has led numerous states to take matters into their own hands. The US’s patchwork regulatory reality may create more harm than good, as variations on specific matters create endless compliance complexities for businesses operating across numerous states.

Users then receive varying degrees of data protection based on their location at any given time. Furthermore, for small- and medium-sized businesses, developing individual compliance programs for individual state regulators heightens costs that limit their ability to compete with Big Tech and other large corporations.

Meanwhile, Big Tech has been throwing its weight around with intense lobbying efforts, claiming any sort of legislation with real teeth to it will undermine innovation. While this is a discussion worth having, companies whose business model is highly dependent on data-based ad revenue don’t want increased consumer data protections. 

Despite heightened awareness surrounding the value and vulnerability of personal data privacy, centralized entities, in the form of Big Tech conglomerates and governments, hold powerful sway over our user data. Regulatory protections are usually welcomed, but the lack of transparency between the intentions of Big Tech and governments won’t repair the distrust many have toward both.

Web3’s heightened role

This is precisely where web3’s decentralized infrastructure can bypass centralized entities, whose interests may not align with most users, to provide a higher standard of data protection. 

Blockchain—and web3 more broadly—have had countless iterations and use cases of its technology designed to try and build wealth through games, crypto schemes, or other avenues. However, many projects and developers are either missing or choosing to ignore the potential they have in protecting user data.

Thanks to blockchain’s inherent encryption technology and immutable ledger, some web3-based privacy projects are staking their claim as an alternative to the current web2 system that dominates online interactions to profit from ad revenue. One such example is tomi, a DAO-governed project that leverages web3’s data-preserving strengths to create a decentralized, privacy-focused “alternative internet.”

tomi’s modus operandi is to champion security, data privacy, and freedom of speech throughout its operations and product offering. This includes offering services that advance its mission in material ways—including a VPN, storage, and private messaging service for its users to safeguard their browsing and communications by leaning into web3’s capacity for data privacy. Since the project is governed by a community and works on a unified model to keep the familiarity and UX of web2, tomi’s focus lies in making decentralized technology as intuitive and accessible as possible.

The reality is that as much as regular users would like to take more steps to preserve their data privacy, they’re unlikely to take these measures if there’s any inconvenience involved. This simple fact creates an obstacle that many web3 infrastructure projects don’t feel comfortable trying to overcome.

So, what is the takeaway here? For one, web3 projects must take themselves more seriously as champions of data privacy and protection within a cratered regulatory landscape worldwide. By stepping in with alternatives for those who are concerned about both Big Tech and regulatory overreach, developers have a strong and compelling use case that won’t fizzle out during a market downturn. However, preserving privacy cannot come at the expense of UX, and this must remain at the forefront if projects ever want a significant user base to transition to web3.



Source link

Continue Reading
Advertisement [ethereumads]

Trending

    wpChatIcon