The current generation of virtual private networks (VPNs) has a problem, according to Nym CEO Harry Halpin.
“They’re basically saying, ‘Trust us, we’re not going to log or copy your data,’” he said onstage at Web Summit, “but actually they can. You just have to trust them.” Independent audits can be faked, he added, or are “not particularly reliable in themselves.”
“Two or three major VPN companies actually operate most of the user-facing VPNs,” he explained, adding that because they are centralized, “you’re not really making your connection private in any meaningful sense – you’re just trusting another company with all your network data.”
Nym wants to solve that problem with its own decentralized VPN (dVPN), which is designed to be ‘NSA-proof’.
“A few years ago, I was working for the French government after Snowden and they said, ‘Can we make a VPN that even the NSA can’t crack?’” Halpin said. The project was then turned into a startup that has, he joked, produced “the most private and slowest VPN in the world.”
Where a traditional VPN routes traffic through another computer, Halpin explains, “we take your traffic and encrypt each packet individually, and send each packet through a different network of computers.” Each package is shipped separately and mixed with other packages so the order is jumbled up.
Furthermore, NymVPN mixes fake traffic with the packages and is completely decentralized, “so there is no single server or even one company running the VPN, and all payments are not linked,” Halpin said. “That’s all quite new technology, and it makes things slower,” he added.
To make NymVPN suitable for regular users, the service offers two security levels that users can switch between: a highly secure, slower “5-hop” option that uses Nym’s mixnet, and a less secure but faster “2-hop” option with onion encryption for “people who just want to stream cat videos,” Halpin said.
The slower mixnet mode, Halpin said, is intended for “people who are in a high-security, high-privacy situation,” such as Nym security consultant Chelsea Manning, who was jailed after leaking classified documents to WikiLeaks. Manning joined Nym after “kind of thinking about the same concept while he was in prison,” Halpin said.
Manning explained that she and a colleague who worked at the privacy-focused browser Brave had originally mapped out a plan to upgrade the privacy project Tor and the whistleblowing platform SecureDrop. “We knew then, looking at the 2020s and 2030s, that we had to innovate and develop a mixnet, and add locomotive traffic to the network,” she said. Manning then worked with Halpin and economist Claudia Diaz to develop the reward system underlying Nym.
“If we are successful and can fund this venture, we should be able to develop the most secure consumer-level tool ever devised,” she said.
With NymVPN now available for public testing during a 30-day free trial, the two are planning the next steps for the network. Future plans include creating a standard for hardware acceleration on the network, paving the way for the integration of technologies such as secure enclaves, Manning said.
“Right now we have to choose between privacy and speed, but we would like everyone to be anonymous, completely private by default, and have the same speed as a normal VPN,” Halpin said.
And has the NSA been in contact?
“I’m not aware of that,” Manning said. “I’m sure they’re interested.”
Image credit
Photo by David Fitzgerald/Web Summit via Sportsfile under CC BY 2.0 license.
Edited by Andrew Hayward