A virtual private network, that core privacy tool that encrypts your internet traffic and bounces it through a faraway server, has always presented a paradox: Sure, it helps you hide from some forms of surveillance, like your internet service provider’s snooping and eavesdroppers on your local network. But it leaves you vulnerable to a different, equally powerful spy: Whoever controls the VPN server you’re routing all your traffic through.
To help solve that quagmire, Jigsaw, the Alphabet-owned Google sibling that serves as a human rights-focused tech incubator, will now offer VPN software that you can easily set up on your own server—or at least, one you set up yourself, and control in the cloud. And unlike older homebrew VPN code, Jigsaw says it’s focused on making the setup and hosting of that server simple enough that even small, less savvy organizations or even individual users can do it in minutes.
Jigsaw says that the free DIY proxy software, called Outline, aims to provide an alternative to, on the one hand, stronger anonymity tools like Tor that slow down web browsing by bouncing connections through multiple encrypted hops around the world and, on the other hand, commercial VPNs that can be expensive, and also put users’ private information and internet history at risk.
“The core of the product is that people can run their own VPN,” says Santiago Andrigo, the Jigsaw product manager who led Outline’s development. “You get the reassurance that no one else has your data, and you can rest easier in that knowledge.”
Trust in Yourself
Any basic commercial VPN like Freedome, NordVPN or Private Internet Access encrypts all of your online traffic and routes it from your PC or smartphone through a server in a remote data center, and only then out to the open internet. The result is that any snoop or censor watching your local connection can only see your scrambled communications to that server, not the actual destinations of your browsing or the contents of your communications. But while most decent VPNs promise not to keep sensitive logs of users’ online histories, it’s hard for users to confirm that safeguard is actually in place. And many of the most proven privacy-conscious VPNs are too expensive for users in surveillance-heavy countries in the developing world. The result, for many, is that “your privacy is in someone else’s hands,” Andrigo says.
Outline, which will run on Windows and Android to start and Apple operating systems in the coming weeks, instead lets anyone set up their own VPN server on a virtual server either hosted on a cloud platform like Rackspace, Google Cloud Engine, or Amazon EC2, or on a physical server under their control. The program most seamlessly integrates with the cloud provider Digital Ocean, which Jigsaw recommends for the easiest setup experience. Choose that provider, which offers 500 gigabytes of traffic for $5 a month, and Outline integrates with its API to offer a menu of its available server locations from London to Bangalore.
Outline isn’t the only homebrew VPN available: Security researcher Dan Guido launched a similar project in late 2016. And Outline itself is based on the existing, open source VPN software ShadowSocks. But Outline has tried to distinguish itself with its simplicity: It lets users skip ShadowSocks’ normal technical setup that requires a series of complex server configurations and cryptographic key generation steps performed through command line instructions. Instead, Outline automates practically the entire installation: In a demo for WIRED, Andrigo set up a new VPN on a Digital Ocean server in Amsterdam in about half a dozen clicks and just a few minutes.
Once an Outline server is set up, the administrator of the VPN can generate secret keys for other users and share them via links. (Andrigo suggests sending those URLs via an encrypted messaging app like Signal to control who can access the server.) That account sharing should help make Outline an easy way to run a VPN for an entire organization, like a group of activists or journalists.
A Swedish NGO called Civil Rights Defenders, for instance, has been testing Outline since last fall with the group of sensitive internet users it works to protect, who include journalists, lawyers, and LGBT communities in 18 repressive regimes around the world. CRD program director Marcin de Kaminski says he’s found it’s an easy way to set up a VPN that CRD itself controls. “We send a link to the user, and after three clicks they’re running it, and it’s more or less untraceable to their activities,” says de Kaminski. But Outline is also designed to help even groups with much less technical know-how. Aside from its simple setup, it’s designed not to require much maintenance: A feature called Watchtower automatically checks for security updates and installs them.
Not Quite Anonymous
Even though it’s designed to be installed on a server the user controls, Jigsaw says that Outline is still set by default not to collect logs. And unlike other VPNs that make that promise, Outline’s code will be left open source on GitHub to allow anyone to check that assurance.
But like any VPN, Outline isn’t quite a privacy panacea. If Outline is set up on a cloud server, rather than in the user’s own data center or garage, a deceptive cloud provider might be able to log traffic coming from the server even without changing the code running on it, stripping away the user’s protection. It doesn’t provide the same degree of anonymity protections as Tor, which routes traffic through three hops rather than just one and also protects against attacks like browser fingerprinting. Jigsaw goes so far as to warn in its FAQ for Outline that the program is “not an anonymity tool”; it doesn’t prevent sites you visit from identifying you, so much as block surveillance on your network and provide a path to route around censorship filters.
Outline users also face the same risk that all VPNs face in countries like China and Iran: If local snoops are stymied by a VPN, they can simply track down the IP address of the server running it and block it. But Andrigo says Outline is designed so that its servers will at least be very difficult to detect and block en masse, even with a tool like China’s Great Firewall. It’s designed to connect with users from a randomized port on the server running it, and doesn’t respond to any scans or pings unless the user offers their unique key. Jigsaw says it’s committed to keeping up with the cat-and-mouse of evading the censors. “This is an ever-evolving game,” says Andrigo.
With any luck, though, Outline might just change the nature of that game. And instead of blocking a single commercial VPN and cutting off many thousands of users, censors may have to play whack-a-mole with thousands of servers set up to host just a few individuals’ traffic each. Make a custom path to the open internet easy enough for anyone to set up, in other words, and it could become far harder for the authorities to tear them all down.