Upgrade to Pro — share decks privately, control downloads, hide ads and more …

VPNs

luke crouch
January 08, 2021
Technology
0
64

 VPNs

luke crouch

January 08, 2021
Tweet

More Decks by luke crouch

See All by luke crouch
cryptory-up-to-https-atlas-2024.pdf
groovecoder
0
22
Cryptography: 500 BC to https
groovecoder
0
75
Mozilla Observatory First Draft
groovecoder
0
77
Digital Privacy & Security
groovecoder
0
220
Cryptography: 500 BC to Quantum Computing
groovecoder
0
350
Just enough bitcoing to go cryptojacking with JavaScript
groovecoder
0
56
Can we protect Privacy without breaking the web
groovecoder
0
110
Hash Range Queries
groovecoder
0
67
Google Safe Browsing (High Level)
groovecoder
0
58

Other Decks in Technology

See All in Technology
DevOpsDays History and my DevOps story
kawaguti
PRO
8
1.6k
The CloudCompare project by Dr. Daniel Girardeau-Montaut
kentaitakura
0
510
プロデザ! BY リクルート vol.18_リクルートのリサーチ実践組織「リサーチブーストコミュニティ」
recruitengineers
PRO
3
240
Hands-on / Kaname Frusawa / Cloud Compare Users Meetup 2024 at University of Tokyo on April 17
paraworld
2
470
PHPカンファレンス小田原2024
ysknsid25
3
660
4年前、あるじゃん老害エンジニアLT合戦に登壇、米国西海岸コンピュータ歴史博物館体験記の続編
toshi_atsumi
0
200
Oracle Cloud Infrastructure:2024年4月度サービス・アップデート
oracle4engineer
PRO
1
110
[PlatformCon 24] Platform Orchestrators: The Missing Middle of Internal Developer Platforms?
danielbryantuk
1
180
強みを伸ばすキャリアデザイン
yug1224
0
200
Microsoft Cloudで 開発ライフサイクルを保護する
kkamegawa
0
140
元インフラエンジニアに成る / Human Resources to Human Relations
bobtani
3
810
Vertex AI を中心に 生成AIのアップデートを共有します
kaz1437
0
140

Featured

See All Featured
Optimizing for Happiness
mojombo
370
69k
Ruby is Unlike a Banana
tanoku
96
10k
Building Your Own Lightsaber
phodgson
98
5.7k
Building a Modern Day 
E-commerce SEO Strategy
aleyda
16
6.4k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
124
32k
Reflections from 52 weeks, 52 projects
jeffersonlam
344
19k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
119
38k
[RailsConf 2023] Rails as a piece of cake
palkan
22
3.9k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
658
120k
Keith and Marios Guide to Fast Websites
keithpitt
408
22k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
18
1.7k
How to name files
jennybc
64
92k

Transcript

  1. VPNs Luke Crouch

  2. About Me • Privacy & Security Engineer, Mozilla • Board

    Member, Techlahoma

  3. Disclaimer: I work for a VPN company • Mozilla VPN

    • We partner with Mullvad • (more details later)

  4. What’s a VPN?

  5. Virtual Private Network

  6. restoreprivacy.com/vpn

  7. How to pick a VPN?

  8. Easy, right?

  9. Oh wait

  10. The dreaded question from tech support …

  11. What are you trying to do?

  12. What are you trying to protect?

  13. What are you worried about?

  14. Mozilla Research “Thinking about an average day in your life

    what risks or threats seem important to look out for in your world, whether online or not?”

  15. Top 5 Answers • Malicious software (spyware, viruses, ransomware) •

    Someone getting my password and taking over my accounts • Scams that trick me into giving up personal data (online, email, or phone) • My personal data being stolen when it’s sent between my computer and the internet • Someone hacking a service that I use and stealing my personal data from the service

  16. Top 5 Answers • Malicious software (spyware, viruses, ransomware) •

    Someone getting my password and taking over my accounts • Scams that trick me into giving up personal data (online, email, or phone) • My personal data being stolen when it’s sent between my computer and the internet • Someone hacking a service that I use and stealing my personal data from the service VPNs are designed for this one

  17. restoreprivacy.com/vpn

  18. Let’s dig into that a bit …

  19. https://www.eff.org/pages/tor-and-https

  20. None
  21. None
  22. None
  23. None
  24. None
  25. None

  26. protects user/pw & data

  27. None
  28. None
  29. None
  30. None

  31. If you’re only worried about a hacker stealing your password

    over WiFi, https is probably enough* * attacks against https are possible, but harder than http

  32. If you’re worried about … • A hacker on WiFi

    attacking https • A hacker on WiFi seeing which sites you visit • Your ISP seeing which sites you visit • Your government seeing which sites you visit

  33. Then you want a VPN

  34. So what does a VPN do?

  35. None

  36. VPN connection VPN Provider

  37. VPN

  38. VPN VPN VPN

  39. A VPN protects ~all the data from “local” hackers and

    your ISP

  40. But … once your data leaves the VPN …

  41. VPN VPN

  42. The VPN is only hiding your location* * more on

    this later

  43. VPN VPN VPN VPN

  44. So what you really like is VPN AND https

  45. VPN VPN

  46. VPN VPN VPN VPN

  47. Now, almost all VPNs solve the “local hacker” and ISP

    problems (or they’re not really a VPN)

  48. When you use a VPN, you’re basically using a different

    ISP

  49. VPN

  50. But some VPNs are as bad or worse than your

    ISP

  51. Again: how to pick a VPN?

  52. You probably don’t want a free one

  53. VPN > 💰

  54. So, how to pick which VPN to pay for?

  55. Well, if they all protect from local hackers and your

    ISP, what else are you trying to do?

  56. What else are you trying to do? • Bypass geographic

    restrictions on websites or streaming services • Hide your true location • Bypass internet censorship • Avoid online tracking • Downloading media

  57. Not everyone wants to know about everything, so …

  58. let’s talk about 3 main features

  59. 3 main features • How fast is the VPN? •

    Where is the VPN based, and where does it have servers? • Does the VPN log your data?

  60. 3 main features • How fast is the VPN? •

    Where is the VPN based, and where does it have servers? • Does the VPN keep logs of its data?

  61. How fast is the VPN?

  62. Because if it’s great at privacy but terribly slow, you

    won’t use it

  63. restoreprivacy.com/vpn/fastest

  64. fast.com

  65. show more info

  66. What affects speed • Your physical connection: WiFi or wired

    Ethernet • note: wired Ethernet also most secure • The physical distance between your computer and your destination • The bandwidth of the network between your computer and your destination • The networking protocol used

  67. 2 kinds of speed • Ping/Latency • Bandwidth/Speed

  68. 2 kinds of speed • Ping/Latency • Lower is better

    • Important for fast web browsing, gaming • Bandwidth/Speed • Higher is better • Important for streaming, downloading

  69. Ping/Latency has a lot to do with the 2nd main

    feature

  70. 3 main features • How fast is the VPN? •

    Where is the VPN based, and where does it have servers? • Does the VPN log your data?

  71. If there’s a server close to you, you’ll get better

    speed

  72. Most VPNs show you where they have servers

  73. If you care about security but not privacy, you might

    be able to stop paying attention now

  74. Next, you might want to see where the VPN company

    is based

  75. privacytools.io/providers

  76. Basically, these countries may be sharing data with each other

  77. And corporations in these 14 countries may be sharing data

    with each others’ governments

  78. So if you’re worried about hiding your traffic from your

    government …

  79. You may want a VPN provider who is NOT based

    in one of “5 eyes” countries US, UK, Canada, Australia, New Zealand

  80. privacytools.io/providers/vpn

  81. 3 main features • How fast is the VPN? •

    Where is the VPN based, and where does it have servers? • Does the VPN keep logs of its data?

  82. restoreprivacy.com/vpn-logs

  83. Types of VPN logs • Usage logs - mostly free

    VPN apps, which are basically spyware • Connection logs - used to optimize and trouble-shoot the VPN network • Some VPNs do this while claiming to be … • No logs - don’t log anything • Makes it hard for the VPN operator to enforce some restrictions

  84. 3 main features • Main Security Feature • How fast

    is the VPN? • Where does it have servers? • Privacy Features • Where is the VPN based, and where does it have servers? • Does the VPN keep logs of its data?

  85. Here comes the shameless promo for Mozilla VPN …

  86. privacytools.io/providers/vpn

  87. privacytools.io has the highest standards for recommendations I’ve seen on

    the ‘net

  88. and they recommend Mullvad

  89. Mozilla VPN uses Mullvad!

  90. We also use WireGuard for speed

  91. We’re actually cheaper than Mullvad $5/mo vs. $5.50/mo

  92. How?

  93. Mullvad gives us a discount because we can help them

    reach so many Firefox users

  94. Speaking of Firefox …

  95. If you already have a Firefox Account (of course you

    do) …

  96. Signing up is super easy!

  97. vpn.mozilla.org

  98. And speaking MORE of Firefox …

  99. Live Demo!

  100. Questions? • What is a VPN? • How a VPN

    works? • How to pick a VPN? • How is a VPN different from HTTPS? • How fast is a VPN? • Where does a VPN have servers? • Where is a VPN based? • How do I give you cash-money for this awesome Mozilla VPN?

  101. Location? How?

  102. IP Addresses

  103. IP Numbers

  104. kinda like Phone Numbers …

  105. This is your IP address https://iplocation.com

  106. This is your IP address on a VPN https://iplocation.com