Want to buy drugs online, read a restricted news site, or convince your jilted fiancé you've been abducted and are being held in the Slovenian outback? Try using a Virtual Private Network.
VPNs change Internet users' IP addresses, projecting them across the globe: a VPN can represent a user as being in China, Argentina, France, wherever necessary for the deception. The "private network" itself is a tunnel through which traffic is redirected, unseen by service providers.
But often the centralized services which operate these networks sell user data to third parties, which isn’t ideal for the intensely privacy-minded folks who tend to use them.
Brave, a browser that recently launched a token to reward users for looking at ads, has proposed a solution: a decentralized VPN, dubbed VPN⁰, which would keep users connected while masking their online identities.
Though VPN users can already turn to existing decentralized VPNs, which are run by peer-to-peer collectives and secure users' privacy by sharing data via encrypted messages, these mostly require users themselves to act as peers in the network—which often involves the hosting of unsavory content.
Brave's “VPN⁰,” laid out in a research paper published Wednesday, seeks to address this so-called "traffic accountability” problem. Exit nodes—that is, users—can set up "whitelists" of content they're happy to host, and clients can search the nodes' preferences that match their own. That way, clients and nodes can tailor their setups to avoid exposing themselves to grim Internet gunge.
But to prove to the exit nodes that they have not violated their whitelists, users must share their search data. This presents an obvious problem: the sole purpose of a decentralized VPN is to uphold users' privacy. Brave's solution, then, is to transmit these messages as “zero-knowledge proofs,” cryptographic messages that can be verified without knowledge of the senders' identity. “Our solution allows [the user] to control which traffic a node carries without knowing what it is,” said Brave’s performance researcher, Dr. Matteo Varvello.
Brave’s client would integrate with BitTorrent service Mainline, and VPN provider ProtonVPN. These allow Brave’s VPN to generate a graph—a sort of anonymous Google-like search function—through which users can locate clients willing to host their traffic.
Dark-web analyst and security researcher Chris Monteiro thinks Brave’s are “good ideas,” but “presented naively by technologists rather than privacy advocates.” If it's possible to avoid hosting “horrific” traffic, he said, why would any VPN hosts do otherwise? It may well be a burden not worth shouldering. “No one is going to jail to defend your right to privacy on your shitty $5 VPN,” said Monteiro.
And that could well undermine the entire point of a VPN. “People who want VPNs don't want just non-objectionable content,” he said. That’s why on the whole, he said, nodes on other popular VPN services like Tor are “run by brave volunteers and criminals, because they are such a liability.” (Brave says Tor does a similar-ish thing, but exit nodes are still “responsible” for all traffic they direct.)
To counter this, Brave plans to introduce a tipping system to reward VPNs nodes based on their “quality” and “availability,” among other things, said Varvello. But “it is a new model, more work is needed,” he added. (The VPN itself, he explained, remains a “research prototype” and is not yet being shipped.)
Whether or not this will work, at least the zero-knowledge-proof system precludes dishonorable nodes from leaking users’ data, as has happened previously. Twenty six of the 117 most popular VPNs, for instance, reportedly sell user data to third parties. And there’s very little stopping others from complying with law enforcement requests for such data.
But you know what they say: Nothing seen, nothing sold.