With the continuous advancement in global surveillance technology, do you think your VPN is still safe?
In 2013 the Snowden revelations gave us a glimpse into the rapidly-expanding power of global surveillance. Now, more than four years later, we can safely assume these powers and capabilities have grown considerably. Governments throughout the world continue devoting tremendous resources to surveillance technology, internet censorship, and large-scale data retention.
Some VPNs have responded to these threats with stronger encryption, better applications, and advanced features, such as multi-hop VPN configurations. Similar to the Tor network, a multi-hop VPN chain (cascade) will encrypt your traffic across multiple VPN servers (hops) before exiting onto the regular internet.
One fundamental vulnerability with a basic VPN setup is that the server can be externally monitored – either locally or from afar.
An adversary could target a specific server and match up incoming and outgoing IP addresses. Additionally, authorities have been known to seize servers (see here and here). One VPN service even admitted to sniffing traffic on a US server with WireShark to catch hackers (Proxy.sh).
This is the drawback to using only one static server between you and the regular (unencrypted) internet.
However, a multi-hop VPN cascade is a powerful tool for this situation because it conceals incoming and/or outgoing traffic with each consecutive hop. This is even more useful when the multi-hop cascade is self-configurable, allowing you to modify the network path of your traffic (both Perfect Privacy and ZorroVPN offers this).
We have discussed the importance of using a multi-hop VPN before, but recently there has been a major breakthrough with this concept.
In October 2017, after months of development and testing, Perfect Privacy announced the release of their NeuroRouting feature.
While it is a bit complex to conceptualize, NeuroRouting is basically a dynamic, simultaneous, server-side, multi-hop VPN setup. This feature enables you to utilize the entire VPN server network to route all traffic dynamically. This may sound a bit convoluted, so we’ll break it down a bit more:
- Dynamic – Your internet traffic is dynamically routed across multiple hops in the VPN server network to take the most secure route. The routing path is based on TensorFlow, an open source software for machine learning, and data remains in the network as long as possible. Being based on TensorFlow, the network continually learns the best and most secure route for a given website/server.
- Simultaneous – Each website/server you access will take a unique path. Accessing multiple different websites will give you numerous, unique multi-hop configurations and IP addresses at the same time, corresponding to each website.
- Server-side – This feature is activated server-side, meaning every time you access the VPN network, NeuroRouting will be active (unless you disable it from the member dashboard). This also means it will work on any device – from routers to Mac OS and Android. Finally, NeuroRouting works with OpenVPN (any configuration) as well as IPSec/IKEv2 (the built-in configuration for Mac OS and iOS).
In the image below, the user is connected to the Reykjavik, Iceland VPN server with NeuroRouting enabled.
The VPN user is accessing four different websites that are hosted in the United States, Panama, Bulgaria, and China. Each website takes a different, encrypted, multi-hop route through the network. The user will broadcast a different IP address for each website at the same time, corresponding to the last server in the chain.
Activating the NeuroRouting feature is very simple.
You simply enable it from the Perfect Privacy members area >>
After enabling the feature, it will activate in about three minutes throughout the network.
From that point forward, whenever you connect to a Perfect Privacy VPN server, NeuroRouting will be active. This works on all available protocols (OpenVPN and IPSec) and all supported devices.
NeuroRouting may not be ideal for the following situations:
- When you want to be using an IP address in a specific location.
- When you want to maximize speed with a specific server (for example when torrenting).
I have created a NeuroRouting test page here.
This test page displays embedded IP address testing websites from around the world. With NeuroRouting enabled, you will be broadcasting a different IP address for every different site.
One of the biggest advantages with this feature is that it now gives all users a simple and powerful multi-hop configuration.
Before this feature was released, multi-hop VPN chains were only available through the VPN Manager App on Windows and Linux. But now this gives Mac OS, iOS, and Android users a simple, highly secure, dynamic multi-hop VPN.
As a quick recap, here are the NeuroRouting benefits described on the Perfect Privacy website:
- Chooses the VPN server closest to the destination
- Traffic stays in the encrypted VPN network as long as possible
- External VPN IP changes depending on the destination
- In the best case the traffic is not exposed to the Internet at all
- The number of attack points is greatly reduced
- Tracking users is more difficult
- Dynamic: The algorithm learns and reacts if routing changes