Upgrade to Pro — share decks privately, control downloads, hide ads and more …

VPNs

luke crouch
January 08, 2021
Technology
0
94

 VPNs

luke crouch

January 08, 2021
Tweet

More Decks by luke crouch

See All by luke crouch
Pigeons to Padlocks: 5000 years of Network Security
groovecoder
0
28
cryptory-up-to-https-atlas-2024.pdf
groovecoder
0
42
Cryptography: 500 BC to https
groovecoder
0
100
Mozilla Observatory First Draft
groovecoder
0
93
Digital Privacy & Security
groovecoder
0
220
Cryptography: 500 BC to Quantum Computing
groovecoder
0
500
Just enough bitcoing to go cryptojacking with JavaScript
groovecoder
0
63
Can we protect Privacy without breaking the web
groovecoder
0
110
Hash Range Queries
groovecoder
0
82

Other Decks in Technology

See All in Technology
隣接領域をBeyondするFinatextのエンジニア組織設計 / beyond-engineering-areas
stajima
1
230
株式会社ログラス − エンジニア向け会社説明資料 / Loglass Comapany Deck for Engineer
loglass2019
3
28k
ジョブマッチングサービスにおける相互推薦システムの応用事例と課題
hakubishin3
3
620
2024年グライダー曲技世界選手権参加報告/2024 WGAC report
jscseminar
0
200
AWS Lambdaと歩んだ“サーバーレス”と今後 #lambda_10years
yoshidashingo
1
110
Datadog RUM を用いた UX 指標の監視・顧客対応への活用
imamura_ko_0314
0
110
AI長期記憶システム構築のための LLMマルチエージェントの取り組み / Awarefy-LLM-Multi-Agent
iktakahiro
2
350
形式手法の 10 メートル手前 #kernelvm / Kernel VM Study Hokuriku Part 7
ytaka23
5
750
TinyGoを使ったVSCode拡張機能実装
askua
2
200
Oracle Cloud Infrastructure データベース・クラウド:各バージョンのサポート期間
oracle4engineer
PRO
28
12k
freeeのモバイルエンジニアについて
freee
1
100
AWS⼊社という選択肢、⾒えていますか
iwamot
2
1.1k

Featured

See All Featured
Why You Should Never Use an ORM
jnunemaker
PRO
54
9k
Become a Pro
speakerdeck
PRO
25
5k
5 minutes of I Can Smell Your CMS
philhawksworth
202
19k
GraphQLとの向き合い方2022年版
quramy
43
13k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
26
1.4k
Ruby is Unlike a Banana
tanoku
96
11k
Facilitating Awesome Meetings
lara
49
6.1k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
RailsConf 2023
tenderlove
29
890
Stop Working from a Prison Cell
hatefulcrawdad
267
20k
Agile that works and the tools we love
rasmusluckow
327
21k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
32
1.8k

Transcript

  1. VPNs Luke Crouch

  2. About Me • Privacy & Security Engineer, Mozilla • Board

    Member, Techlahoma

  3. Disclaimer: I work for a VPN company • Mozilla VPN

    • We partner with Mullvad • (more details later)

  4. What’s a VPN?

  5. Virtual Private Network

  6. restoreprivacy.com/vpn

  7. How to pick a VPN?

  8. Easy, right?

  9. Oh wait

  10. The dreaded question from tech support …

  11. What are you trying to do?

  12. What are you trying to protect?

  13. What are you worried about?

  14. Mozilla Research “Thinking about an average day in your life

    what risks or threats seem important to look out for in your world, whether online or not?”

  15. Top 5 Answers • Malicious software (spyware, viruses, ransomware) •

    Someone getting my password and taking over my accounts • Scams that trick me into giving up personal data (online, email, or phone) • My personal data being stolen when it’s sent between my computer and the internet • Someone hacking a service that I use and stealing my personal data from the service

  16. Top 5 Answers • Malicious software (spyware, viruses, ransomware) •

    Someone getting my password and taking over my accounts • Scams that trick me into giving up personal data (online, email, or phone) • My personal data being stolen when it’s sent between my computer and the internet • Someone hacking a service that I use and stealing my personal data from the service VPNs are designed for this one

  17. restoreprivacy.com/vpn

  18. Let’s dig into that a bit …

  19. https://www.eff.org/pages/tor-and-https

  20. None
  21. None
  22. None
  23. None
  24. None
  25. None

  26. protects user/pw & data

  27. None
  28. None
  29. None
  30. None

  31. If you’re only worried about a hacker stealing your password

    over WiFi, https is probably enough* * attacks against https are possible, but harder than http

  32. If you’re worried about … • A hacker on WiFi

    attacking https • A hacker on WiFi seeing which sites you visit • Your ISP seeing which sites you visit • Your government seeing which sites you visit

  33. Then you want a VPN

  34. So what does a VPN do?

  35. None

  36. VPN connection VPN Provider

  37. VPN

  38. VPN VPN VPN

  39. A VPN protects ~all the data from “local” hackers and

    your ISP

  40. But … once your data leaves the VPN …

  41. VPN VPN

  42. The VPN is only hiding your location* * more on

    this later

  43. VPN VPN VPN VPN

  44. So what you really like is VPN AND https

  45. VPN VPN

  46. VPN VPN VPN VPN

  47. Now, almost all VPNs solve the “local hacker” and ISP

    problems (or they’re not really a VPN)

  48. When you use a VPN, you’re basically using a different

    ISP

  49. VPN

  50. But some VPNs are as bad or worse than your

    ISP

  51. Again: how to pick a VPN?

  52. You probably don’t want a free one

  53. VPN > 💰

  54. So, how to pick which VPN to pay for?

  55. Well, if they all protect from local hackers and your

    ISP, what else are you trying to do?

  56. What else are you trying to do? • Bypass geographic

    restrictions on websites or streaming services • Hide your true location • Bypass internet censorship • Avoid online tracking • Downloading media

  57. Not everyone wants to know about everything, so …

  58. let’s talk about 3 main features

  59. 3 main features • How fast is the VPN? •

    Where is the VPN based, and where does it have servers? • Does the VPN log your data?

  60. 3 main features • How fast is the VPN? •

    Where is the VPN based, and where does it have servers? • Does the VPN keep logs of its data?

  61. How fast is the VPN?

  62. Because if it’s great at privacy but terribly slow, you

    won’t use it

  63. restoreprivacy.com/vpn/fastest

  64. fast.com

  65. show more info

  66. What affects speed • Your physical connection: WiFi or wired

    Ethernet • note: wired Ethernet also most secure • The physical distance between your computer and your destination • The bandwidth of the network between your computer and your destination • The networking protocol used

  67. 2 kinds of speed • Ping/Latency • Bandwidth/Speed

  68. 2 kinds of speed • Ping/Latency • Lower is better

    • Important for fast web browsing, gaming • Bandwidth/Speed • Higher is better • Important for streaming, downloading

  69. Ping/Latency has a lot to do with the 2nd main

    feature

  70. 3 main features • How fast is the VPN? •

    Where is the VPN based, and where does it have servers? • Does the VPN log your data?

  71. If there’s a server close to you, you’ll get better

    speed

  72. Most VPNs show you where they have servers

  73. If you care about security but not privacy, you might

    be able to stop paying attention now

  74. Next, you might want to see where the VPN company

    is based

  75. privacytools.io/providers

  76. Basically, these countries may be sharing data with each other

  77. And corporations in these 14 countries may be sharing data

    with each others’ governments

  78. So if you’re worried about hiding your traffic from your

    government …

  79. You may want a VPN provider who is NOT based

    in one of “5 eyes” countries US, UK, Canada, Australia, New Zealand

  80. privacytools.io/providers/vpn

  81. 3 main features • How fast is the VPN? •

    Where is the VPN based, and where does it have servers? • Does the VPN keep logs of its data?

  82. restoreprivacy.com/vpn-logs

  83. Types of VPN logs • Usage logs - mostly free

    VPN apps, which are basically spyware • Connection logs - used to optimize and trouble-shoot the VPN network • Some VPNs do this while claiming to be … • No logs - don’t log anything • Makes it hard for the VPN operator to enforce some restrictions

  84. 3 main features • Main Security Feature • How fast

    is the VPN? • Where does it have servers? • Privacy Features • Where is the VPN based, and where does it have servers? • Does the VPN keep logs of its data?

  85. Here comes the shameless promo for Mozilla VPN …

  86. privacytools.io/providers/vpn

  87. privacytools.io has the highest standards for recommendations I’ve seen on

    the ‘net

  88. and they recommend Mullvad

  89. Mozilla VPN uses Mullvad!

  90. We also use WireGuard for speed

  91. We’re actually cheaper than Mullvad $5/mo vs. $5.50/mo

  92. How?

  93. Mullvad gives us a discount because we can help them

    reach so many Firefox users

  94. Speaking of Firefox …

  95. If you already have a Firefox Account (of course you

    do) …

  96. Signing up is super easy!

  97. vpn.mozilla.org

  98. And speaking MORE of Firefox …

  99. Live Demo!

  100. Questions? • What is a VPN? • How a VPN

    works? • How to pick a VPN? • How is a VPN different from HTTPS? • How fast is a VPN? • Where does a VPN have servers? • Where is a VPN based? • How do I give you cash-money for this awesome Mozilla VPN?

  101. Location? How?

  102. IP Addresses

  103. IP Numbers

  104. kinda like Phone Numbers …

  105. This is your IP address https://iplocation.com

  106. This is your IP address on a VPN https://iplocation.com