Jigsaw, the Alphabet-owned firm formerly known as Google Ideas, has announced a new free VPN (virtual private network) software package called Outline. The new open source VPN serves as a way to protect journalists, activists, and others who need a secure service to protect sensitive data or vulnerable individuals, though there’s no reason why other organizations or individuals can’t take advantage of it.
Outline was designed as VPN software rather than a VPN service, to avoid the problem of having to find a trustworthy company. Jigsaw explains:
Outline makes it easy for news organizations to set up a corporate virtual private network (VPN) on their own server to more safely connect to the internet and keep their communications private. Millions of people around the world already use VPNs to get access to important information, but VPNs aren’t always reliable or safe. Most VPNs require you to trust a third party organization with you data, which means you’re not always sure who’s running the servers and providing your access to the internet. Some VPNs don’t even use encryption.
Outline gives you control over your privacy by letting you operate your own server. And Outline never logs your web traffic. We made it possible to set up Outline on any cloud provider or on your own infrastructure so you can fully own and operate your own VPN and don’t have to trust a VPN operator with your data.
The company claims Outline uses 256-bit AEAD (Authenticated Encryption with Associated Data) and is meant to resist both probing and protocol fingerprinting. Jigsaw claims that the software is easy to use, cheap, and can be configured either on a local server or as a cloud service if you don’t have your own infrastructure.
Digging in further, Outline is an open source software kit that’s been independently audited by Radically Open Security. Jigsaw then worked with the latter firm to remedy various issues. Readers should know, however, that security audits are extremely complex and typically take months to thoroughly evaluate a piece of software. This audit, for example, notes that “we did not explicitly test for general flaws in Shadowsocks or the effectiveness as resilient tool to circumvent network filters.” (Shadowsocks is an open source encrypted proxy that can also proxy UDP traffic and is widely used in China to circumvent the Great Firewall.) Our point here is not to imply that Jigsaw or ROS conducted the audit in bad faith, but that the words “security audit” are not unilateral proof against a security flaw or bug in non-audited code.
With that aside, this type of hybrid cloud service gives organizations more power over their own data while simultaneously providing host opportunities much more cheaply than what we might have expected to pay years ago. It’s an example of how the cloud can be used to help people protect their own data, rather than exposing it as a frickin’ feature of an online service.
Jigsaw might not have intended the debut to drop alongside Zuck’s frantic, failed defense of Facebook’s data policies and Cambridge Analytica’s exploitation of the same, but it’s a noteworthy parallel. If you want to protect your data, protect it yourself. It’s a woefully inadequate prescription for our times, but it’s also the only thing you’ve got.
Android 12 Could Include Major App Compatibility Improvements
Google has attempted to centralize chunks of Android over the years, and a major component called ART is set to get this treatment in Android 12. The result could be vastly improved app compatibility, which is sure to make everyone happy.
Android 8.1 Now Tells You How Fast Nearby Wi-Fi Networks Are
You won't get exact speed measurements, but a general descriptor tells you if the network is lightning fast or slow as molasses.
Google Pulled ‘Bad’ Android Apps in 2017 Faster Than Ever Before
Google reports that it took down more than 700,000 "bad" apps in 2017, and it did so faster than ever before.
The Essential Phone Will Skip Android 8.0 and Go Right to 8.1
There have been three releases of the Oreo beta so far, but Essential says it's identified several stability issues that have been difficult to solve.