Upgrade to Pro — share decks privately, control downloads, hide ads and more …

VPNs

luke crouch
January 08, 2021
Technology
0
20

 VPNs

luke crouch

January 08, 2021
Tweet

More Decks by luke crouch

See All by luke crouch
Cryptography: 500 BC to https
groovecoder
0
32
Mozilla Observatory First Draft
groovecoder
0
50
Digital Privacy & Security
groovecoder
0
190
Cryptography: 500 BC to Quantum Computing
groovecoder
0
250
Just enough bitcoing to go cryptojacking with JavaScript
groovecoder
0
42
Can we protect Privacy without breaking the web
groovecoder
0
97
Hash Range Queries
groovecoder
0
35
Google Safe Browsing (High Level)
groovecoder
0
41
How to run your code on the dark web (full version)
groovecoder
1
360

Other Decks in Technology

See All in Technology
OCI Cloud Native 2023
oracle4engineer
PRO
0
130
Showcase2023_進化し続けるサイバーセキュリティ脅威を防ぐSaaSソリューション.pdf
sakaitakeshi
0
380
ワイヤレス電力伝送について
sbtechnight
PRO
0
360
マネーフォワードエックスカンパニーとGo言語の歩み
jtaka1012
2
130
Oracle Exadata Database Service on [email protected] X9M ([email protected]) 技術詳細
oracle4engineer
PRO
0
1.1k
エラーログをAlertで引っ掛けるときにEventTimer使ってみた話
sparty
0
130
Pwning Old WebKit for Fun and Profit
hhc0null
0
290
ある日PHPerがベンチャー企業のデータ基盤を作ることになったら
ytsuzaki
0
130
知識拡張型言語モデルLUKE
ikuyamada
1
250
エンジニアのためのドキュメントライティング / Docs for Developers
iwashi86
16
5.1k
チームにスクラムを導入してみた
sbtechnight
PRO
0
310
SwiftUI&Reduxを利用したUI実装サンプルにおけるポイント解説
fumiyasac0921
0
130

Featured

See All Featured
Visualization
eitanlees
129
12k
Intergalactic Javascript Robots from Outer Space
tanoku
261
26k
The Invisible Customer
myddelton
113
12k
Git: the NoSQL Database
bkeepers
PRO
419
60k
Happy Clients
brianwarren
90
5.9k
Designing for humans not robots
tammielis
245
24k
KATA
mclloyd
12
9.9k
The World Runs on Bad Software
bkeepers
PRO
59
5.8k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
32
7.2k
JazzCon 2018 Closing Keynote - Leadership for the Reluctant Leader
reverentgeek
176
9.2k
Building Your Own Lightsaber
phodgson
96
4.9k
Learning to Love Humans: Emotional Interface Design
aarron
263
38k

Transcript

  1. VPNs
    Luke Crouch

    View Slide

  2. About Me
    • Privacy & Security Engineer, Mozilla

    • Board Member, Techlahoma

    View Slide

  3. Disclaimer: I work for a VPN company
    • Mozilla VPN

    • We partner with Mullvad

    • (more details later)

    View Slide

  4. What’s a VPN?

    View Slide

  5. Virtual Private Network

    View Slide

  6. restoreprivacy.com/vpn

    View Slide

  7. How to pick a VPN?

    View Slide

  8. Easy, right?

    View Slide

  9. Oh wait

    View Slide

  10. The dreaded question from
    tech support …

    View Slide

  11. What are you trying to do?

    View Slide

  12. What are you trying to protect?

    View Slide

  13. What are you worried about?

    View Slide

  14. Mozilla Research
    “Thinking about an average day in your life what risks or threats seem important
    to look out for in your world, whether online or not?”

    View Slide

  15. Top 5 Answers
    • Malicious software (spyware, viruses, ransomware)

    • Someone getting my password and taking over my accounts

    • Scams that trick me into giving up personal data (online, email, or phone)

    • My personal data being stolen when it’s sent between my computer and
    the internet

    • Someone hacking a service that I use and stealing my personal data from
    the service

    View Slide

  16. Top 5 Answers
    • Malicious software (spyware, viruses, ransomware)

    • Someone getting my password and taking over my accounts

    • Scams that trick me into giving up personal data (online, email, or phone)

    • My personal data being stolen when it’s sent between my computer and
    the internet

    • Someone hacking a service that I use and stealing my personal data from
    the service
    VPNs are designed for this one

    View Slide

  17. restoreprivacy.com/vpn

    View Slide

  18. Let’s dig into that a bit …

    View Slide

  19. https://www.eff.org/pages/tor-and-https

    View Slide

  20. View Slide

  21. View Slide

  22. View Slide

  23. View Slide

  24. View Slide

  25. View Slide

  26. protects user/pw & data

    View Slide

  27. View Slide

  28. View Slide

  29. View Slide

  30. View Slide

  31. If you’re only worried about a
    hacker stealing your password
    over WiFi,
    https is probably enough*
    * attacks against https are possible, but harder than http

    View Slide

  32. If you’re worried about …
    • A hacker on WiFi attacking https

    • A hacker on WiFi seeing which sites you visit

    • Your ISP seeing which sites you visit

    • Your government seeing which sites you visit

    View Slide

  33. Then you want a VPN

    View Slide

  34. So what does a VPN do?

    View Slide

  35. View Slide

  36. VPN connection
    VPN
    Provider

    View Slide

  37. VPN

    View Slide

  38. VPN
    VPN
    VPN

    View Slide

  39. A VPN protects ~all the data from
    “local” hackers and your ISP

    View Slide

  40. But … once your data leaves
    the VPN …

    View Slide

  41. VPN
    VPN

    View Slide

  42. The VPN is only hiding your
    location*
    * more on this later

    View Slide

  43. VPN
    VPN
    VPN
    VPN

    View Slide

  44. So what you really like is
    VPN
    AND
    https

    View Slide

  45. VPN
    VPN

    View Slide

  46. VPN
    VPN
    VPN
    VPN

    View Slide

  47. Now, almost all VPNs solve the
    “local hacker” and ISP problems
    (or they’re not really a VPN)

    View Slide

  48. When you use a VPN, you’re
    basically using a different ISP

    View Slide

  49. VPN

    View Slide

  50. But some VPNs are as bad or
    worse than your ISP

    View Slide

  51. Again: how to pick a VPN?

    View Slide

  52. You probably don’t
    want a free one

    View Slide

  53. VPN
    > 💰

    View Slide

  54. So, how to pick which VPN to
    pay for?

    View Slide

  55. Well, if they all protect from local
    hackers and your ISP,
    what else are you trying to do?

    View Slide

  56. What else are you trying to do?
    • Bypass geographic restrictions on websites or streaming services

    • Hide your true location

    • Bypass internet censorship

    • Avoid online tracking

    • Downloading media

    View Slide

  57. Not everyone wants to know
    about everything, so …

    View Slide

  58. let’s talk about 3 main features

    View Slide

  59. 3 main features
    • How fast is the VPN?

    • Where is the VPN based, and where does it have servers?

    • Does the VPN log your data?

    View Slide

  60. 3 main features
    • How fast is the VPN?

    • Where is the VPN based, and where does it have servers?

    • Does the VPN keep logs of its data?

    View Slide

  61. How fast is the VPN?

    View Slide

  62. Because if it’s great at privacy
    but terribly slow, you won’t use it

    View Slide

  63. restoreprivacy.com/vpn/fastest

    View Slide

  64. fast.com

    View Slide

  65. show more info

    View Slide

  66. What affects speed
    • Your physical connection: WiFi or wired Ethernet

    • note: wired Ethernet also most secure

    • The physical distance between your computer and your destination

    • The bandwidth of the network between your computer and your
    destination

    • The networking protocol used

    View Slide

  67. 2 kinds of speed
    • Ping/Latency

    • Bandwidth/Speed

    View Slide

  68. 2 kinds of speed
    • Ping/Latency

    • Lower is better

    • Important for fast web browsing, gaming

    • Bandwidth/Speed

    • Higher is better

    • Important for streaming, downloading

    View Slide

  69. Ping/Latency has a lot to do
    with the 2nd main feature

    View Slide

  70. 3 main features
    • How fast is the VPN?

    • Where is the VPN based, and where does it have servers?

    • Does the VPN log your data?

    View Slide

  71. If there’s a server close to you,
    you’ll get better speed

    View Slide

  72. Most VPNs show you where they have servers

    View Slide

  73. If you care about security but not
    privacy, you might be able to stop
    paying attention now

    View Slide

  74. Next, you might want to see
    where the VPN company is based

    View Slide

  75. privacytools.io/providers

    View Slide

  76. Basically, these countries may
    be sharing data with each other

    View Slide

  77. And corporations in these 14
    countries may be sharing data with
    each others’ governments

    View Slide

  78. So if you’re worried about hiding
    your traffic from your government

    View Slide

  79. You may want a VPN provider who
    is NOT based in one of
    “5 eyes” countries
    US, UK, Canada, Australia, New Zealand

    View Slide

  80. privacytools.io/providers/vpn

    View Slide

  81. 3 main features
    • How fast is the VPN?

    • Where is the VPN based, and where does it have servers?

    • Does the VPN keep logs of its data?

    View Slide

  82. restoreprivacy.com/vpn-logs

    View Slide

  83. Types of VPN logs
    • Usage logs - mostly free VPN apps, which are basically spyware

    • Connection logs - used to optimize and trouble-shoot the VPN network

    • Some VPNs do this while claiming to be …

    • No logs - don’t log anything

    • Makes it hard for the VPN operator to enforce some restrictions

    View Slide

  84. 3 main features
    • Main Security Feature

    • How fast is the VPN?

    • Where does it have servers?

    • Privacy Features

    • Where is the VPN based, and where does it have servers?

    • Does the VPN keep logs of its data?

    View Slide

  85. Here comes the shameless
    promo for Mozilla VPN …

    View Slide

  86. privacytools.io/providers/vpn

    View Slide

  87. privacytools.io has the highest
    standards for recommendations
    I’ve seen on the ‘net

    View Slide

  88. and they recommend Mullvad

    View Slide

  89. Mozilla VPN uses Mullvad!

    View Slide

  90. We also use WireGuard for speed

    View Slide

  91. We’re actually cheaper than Mullvad
    $5/mo vs. $5.50/mo

    View Slide

  92. How?

    View Slide

  93. Mullvad gives us a discount
    because we can help them reach
    so many Firefox users

    View Slide

  94. Speaking of Firefox …

    View Slide

  95. If you already have a
    Firefox Account (of course you do)

    View Slide

  96. Signing up is super easy!

    View Slide

  97. vpn.mozilla.org

    View Slide

  98. And speaking MORE of Firefox

    View Slide

  99. Live Demo!

    View Slide

  100. Questions?
    • What is a VPN?

    • How a VPN works?

    • How to pick a VPN?

    • How is a VPN different from HTTPS?

    • How fast is a VPN?

    • Where does a VPN have servers?

    • Where is a VPN based?

    • How do I give you cash-money for this awesome Mozilla VPN?

    View Slide

  101. Location?
    How?

    View Slide

  102. IP Addresses

    View Slide

  103. IP Numbers

    View Slide

  104. kinda like Phone Numbers …

    View Slide

  105. This is your IP address
    https://iplocation.com

    View Slide

  106. This is your IP address on a VPN
    https://iplocation.com

    View Slide