Stories
Slash Boxes
Comments

SoylentNews is people

posted by chromas on Tuesday April 02 2019, @10:24AM   Printer-friendly
from the [...]I[...]didn't-get[...]paid-for[...]posting[...]this-sub dept.

Submitted via IRC for Bytram

Cloudflare Announces Free VPN Service for Faster, More Private Internet

On the footsteps of the company's launch of the private DNS service with the 1.1.1.1 IP address, Cloudflare today announced the launch of the free Warp VPN service that it claimed will not only keep your data private, but also make your internet connections faster.

Warp is Cloudflare's first attempt at building a VPN service that anyone, even non-technical people, can use through the company's 1.1.1.1 mobile application, launched in November, last year.

Warp promises not just an easy-to-use interface free of the clunkiness of most other VPN clients, but also a level of performance and security that the vast majority of VPN services don't have.

For starters, Warp uses the much more modern Wireguard protocol, not OpenVPN. [...] Cloudflare [...] is in a good spot to offer fast connectivity to many websites whose content Cloudflare may already be caching near you.

[...] Cloudflare [...] aims to pay for the free service via its premium "Warp+" subscription plan that users can buy to gain access to an even faster private Cloudflare infrastructure, plus other features.

[...] The Warp VPN service is not yet available for use but should be soon, Cloudflare said.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Interesting) by Hyperturtle on Tuesday April 02 2019, @01:14PM (1 child)

    by Hyperturtle (2824) on Tuesday April 02 2019, @01:14PM (#823588)

    I have the same concerns, and also encountered the same CAPTCHAs.

    Or, at least, I did after I allowed noscript to have the CAPTCHA time out, since I was blocking all the Google domains they rely on to make the CAPTCHAs work. CAPTCHAs rarely ever seem to have a fallback. You simply are denied if the CAPTCHAs can't load.

    My issues are shared with lots of people that don't want to deal with that. I'd rather not help train google's AI for free. Second, I don't want my privacy and freedom to move around without getting marketed to getting somehow being tied up with Google's profits so they can better track objects in the real world to profit from it. Third, by the time I figure out why the page isn't displaying, I usually just click the back button and move onto something else. Waste my time and I'll stop wasting theirs if I can help it, and go somewhere else. Maybe I do not cause a lot of ad revenue, but I still manage to spend money.

    Ultimately, it boils down to how I am being treated; if I am considered to be a criminal because I am not running their scripts, then I'll make a concious effort to randomly surf somewhere else that doesn't view privacy precautions as suspicous.

    Considering they want to sell a premium service for extra privacy, which would seem to be a contradiction (it's OK to be private if you pay us in a trackable fashion...) I am wondering what their consent/EULA agreement contains in regards to how the user/customer data is treated.

    There are root internet domain name servers that are also free to connect to and do lookups against; they are also neutral, and often slower... but act as a great centralized hub for your own roll-your-own DNS. You don't need a whole lot of horsepower to filter your home this way.

    Their neutrality subsequently means that they also send you to ad domains and anywhere else that gets added to the root domain servers if you've been directed to those domains via various internet activities. People would be best served to get their water from that well of unbiased domain lookups, and then filter out what they don't want. If you have a local DNS server that resolves various ad/malware/whateveryoudontwant domains to 127.0.0.1 or ::1 or something that doesn't leave your machine, then ad blockers don't even have to tie up CPU time to block, or download and then hide, ads and tracking beacons. Your connection simply won't visit those places.

    I won't get into DNSSEC, but my understanding is that plaintext DNS lookups across ISPs that are not to their own servers are not frequently mined--it's too much effort. They use their own DNS servers for that purpose, especially because they can mine those logs easily.

    That said... privacy through DNS is rewarding and initially time consuming to set up manually. There are tutorials/images/raspberry pi tutorials to get started (an old windows server or linux server with bind could work, of course...) But the easiest is a paid service that can handle all of the irritating upkeep, but... there are lots of free lists that are good enough. Hosts files are still a thing, and if you do it at the network edge with a firewall, router, or dedicated device of some kind, you can even block domains that Microsoft explicitly ignores host settings about (like their telemetry domains).

    Once you start blocking domains like that, their "faster connection" through a paid VPN won't be necessary or as beneficial--you too can go faster by blocking at your own network edge. You don't need to adblock what you aren't even downloading due to the DNS server not even letting you connect to the ad server to pull content that just slows you down.

    Note that I am not going to say that using a public IP associated with yourself (via not using a VPN) is somehow going keep your identity private--but really if you are using a phone or computer with hardware addresses you won't or can't manipulate, the IP address is only a small aspect to worry about for privacy purposes (security is a larger concern if you're doing something untorward, but that's a seperate issue entirely). Amazon doesn't usually show you the ads other family members see, just because you all exit the house on the same IP--no, they are way more granular than that.

    Companies have gotten really good at figuring out who you are on a cell phone or modern OS/browser without even taking the IP address into account. A VPN's transit out of a different IP address is not as great as it used to be as a privacy mechanism, especially for modern mobile connectivity, but there are many workarounds. A VPN into a VPN into a VPN, though...

    (or if you're truly elite, you gotta be behind seven proxies...over a few VPNs. and uh I write too much.)

    Starting Score:    1  point
    Moderation   +3  
       Interesting=3, Total=3
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 0) by Anonymous Coward on Wednesday April 03 2019, @12:59AM

    by Anonymous Coward on Wednesday April 03 2019, @12:59AM (#823880)