The Deeper Connect Nano is like the VPN of the future, without the monthly fee

Originally published at: The Deeper Connect Nano is like the VPN of the future, without the monthly fee | Boing Boing

…

There is very little info out there on exactly what a DPN is, and what it does, versus the traditional VPN which is well understood.

Seems like it’s more of a … newly minted term based on this indiegogo project?

Not sure… hard to even find recent discussions about it, this is about all I can find. Decent summary of VPN and Tor here at least!

Wireguard and OpenVPN and ever other VPN protocol is designed to allow for fast secure remote access to a secured network. The overwhelming use case for this is to access a corporate/home network from anywhere.

VPNs don’t really increase your privacy or anonymity. All they do is let the VPN provider see everything your ISP used to be able to see before you turned on the VPN. They don’t hide anything, they just change who can see it.

Tor on the other hand is designed to anonymize your information to the point where the site you are visiting doesn’t know you are visiting it and nobody in between knows where you are going. (over simplification, but that is the gist)

A decentralized VPN just randomizes who can see all your and causes you some issues. If you read the Tor docks, they very explicitly say “DO NOT ever run a tor exit node from your home connection, and if you are running one anywhere, make sure your ISP is cool with it. Bad things will come out of that connection. You don’t want to be responsible for them.” This VPN service kinda has that bad stuff built in.

It does seem like it’s a VPN where you have peer-to-peer exit nodes? Apparently that behavior can be disabled, and that’s fine, but then I’m unclear what the purpose of this device is…

P2P style VPNs have been around for a while. The advantage of this device is that you can run the VPN on a separate device rather than you PC, to make sure all traffic routes through it. Of course, you can do that already with many routers, or you can buy a similar tiny computer and roll your own. The hardware they’re using is pretty standard in the micro/embedded PC world, for example this one from friendlyelec for quite a lot less money:

image1100×680 97.8 KB

I should?

But you just said that was the thing I should use

Somehow this seems unlikely to be true

VPNs the ultimate man in the middle attack?

While this looks to encrypt traffic on your end, doesn’t it connect to your network? And if so, can still be seen by your ISP? Just as encrypted data. They can still see what sites you are visiting with this encrypted data, correct?

If it works like most VPNs then your ISP will only see that you are visiting a VPN node. Depending on the VPN architecture, the VPN might then see where you are visiting, but in a properly crafted P2P setup the VPN might not be able to tell the difference between you and the N other people using the service.

I think in fact that the software on this device is leveraging some traditional MITM ideas in order to force the local computer net traffic to tunnel through to the VPN

Nah. It’s trickery happens at the IP layer, where MITM stuff works at layers 3 & 4. It sets up whatever it’s doing for an anonymizing encrypted channel and hooks that to a tap device. Then it can just setup a route table or firewall rule that tells the kernel to take all packets from the internal interface and shovel them into the tap interface. Which hands them to the daemon doing the encryption and that sends them out the external interface, possibly for a little onion routing, and then off to the real destination from the exit node. Return packets take the reverse route, and neither client nor server sees anything hinky going on. It just looks like a normal internet connection.

That said, I don’t know what this thing is using for peer-to-peer VPN. I can think of a way to build this with off the shelf software, but I wouldn’t want to put it on my network: Looking at their website, it’s pretty short on details, other than mentioning what appears to be a proprietary OS and something something blockchain something.

Edit: the OS and software is definitely proprietary and they’re a bunch of blockchain solves everything wankers. Don’t touch this thing until it’s been thoroughly worked over by security researchers. They rolled their own crypto and system software. Which means they fucked it up, but no one knows how yet (and especially not them).

I’ll take your word for it; I didn’t bother to look that closely at their website, since I am not a potential customer. Some time in the past there was a discussion of a similar privacy device at BB which did at least claim to use MITM technology.

At $200 for $25 worth of hardware I would have hoped they would be buying you a tunnel into something established and known-effective.

We call it the Gbps!

Because it can run at 1Gbps?

…

but … doesn’t the blockchain solve everything? Like the climate, plastics pollution, poverty? Although I thought they now moved on to AI to solve everything.

What machine is called the Gbps?

Remember, if it’s from the BoingBoing Shop, there’s a 99% chance it’s junk or a scam. All this trash harms the BoingBoing brand.

Cool - Internet access without having to rely on the Internet - I’m gonna save a fortune by ditching my ISP!

What decrypts the data on the other end? I’m really confused by this device.

My assumption is that every device acts as both your computer’s interface into the “decentralized virtual network” and also an exit node. So whenever you send some traffic, it goes out someone else’s node? This is really kinda just a guess though

It seems like every person with this device is acting like a VPN endpoint for every other user. Sort of like running a TOR exit node.

Generally this is a bad idea, because when the feds run some honeypot child porn service your IP is the one that will be stamped on the packet. Your door is the one that is getting kicked in when some overzealous prosecutor decides that IP == identity again.

I asked on Twitter, and nobody can figure out what this device is actually doing. That’s impressive… in a … bad… way?

The only sensible (sort of) explanation is that it makes you part of a peer-to-peer, closed source (??) Tor network, except they go to great lengths to indicate you can opt out of that peer to peer mode…

No need for the question mark. Definitely in a bad way.

Also, if you opt out of the VPN, then it’s a $200 firewall. Which isn’t going to perform better or be more secure than Linux or one of the BSDs on a $25 embedded board. (And it’s likely to be worse, since all the code is closed and brand new.)

I guess they didn’t call it the Gbps, they just have Gbps all over that marketing image. While showing none of the ports run at even 1Gbps.