VPNs could do more to protect your online privacy

VPN
(Image credit: Shutterstock / Elaine333)

There are hundreds of different VPN services on the market that offer an added layer of online privacy, encrypting all data sent and received by users.

There are some, however, who believe traditional services could do more to preserve user privacy, by concealing browsing activity from the VPN provider itself, as well as the user's internet service provider (ISP).

To find out more, TechRadar Pro spoke to Dr. Steven Waterhouse, CEO at Orchid, a VPN company using blockchain technology to provide an additional measure of anonymity.

Why use blockchain for a VPN? Aren't VPNs secure enough, already?

Traditional VPNs still route data centrally through their servers, which means they themselves have visibility into their users’ online activity. If they get hacked or leak, then your traffic is at risk. Orchid’s blockchain-based solution lets people combine VPN providers and configure multiple “hops,” so no single provider can see the whole picture. In the event that a given VPN server was hacked, only a trace amount of data would be exposed. The blockchain component of Orchid is also used to incentivize VPN providers to ensure the network has ample bandwidth.

It’s not a traditional VPN and it’s not exactly Tor, so what is the Orchid protocol?

The Orchid software is designed to use a custom VPN protocol, similar in scope to OpenVPN or WireGuard. The Orchid protocol is designed for high-performance networking and runs on top of WebRTC, a common web standard, widely used to transmit video and audio from inside browsers. Our protocol allows users to request access to remote network resources and pay for these resources using OXT via the Orchid nano payments system.

What’s the probabilistic nano payments system? Doesn’t it add another layer of complexity in terms of the service’s usability?

Actually, nanopayments are designed to make the network operate more efficiently. Probabilistic nanopayments are a way of incentivizing the bandwidth suppliers.

When you access Orchid’s network, your OXT wallet is charged based on the number of packets you consume. That payment gets pooled with many other payments and each bandwidth provider is issued what is essentially a lottery ticket to win that pot of OXT.

This reduces the congestion on the blockchain since Orchid isn’t issuing millions of tiny payments and incurring many Ethereum transaction fees, but instead is issuing fewer, larger payments to the bandwidth providers. Over time, the compensation paid to the providers approximates what it would have been using the far more congested payments methodology.

As far as usability goes, from a user perspective the service operates just as any other pay-as-you-go VPN -- you can sign up and start using Orchid with nothing more than an ordinary credit card. 

You say Orchid can work in countries where traditional VPNs can’t. How’s that?

Many countries have banned VPNs and the IP addresses associated with them. Using Orchid allows people in those countries to access an increasingly large list of unbanned IP addresses by ‘hopping’ between bandwidth providers. If they come across a banned IP, they can just ‘hop’ to the next one until they find one that works. 

What are the kinds of overheads that come with using Orchid?

To use Orchid all you have to do is download the app and purchase credits with an ordinary credit card to access the network. You can also link an existing crypto wallet and buy the OXT needed to access Orchid from any major crypto exchange. You don’t need to provide an email address, create a login or surrender any personal information whatsoever. So there’s little to no overhead required. All you need is the ability to download the app and either process a payment through apple or link an existing crypto wallet. 

Is Orchid just meant for individuals or can it be used by entire companies as well?

Anyone can use Orchid! The service is meant to be used by everyone from individuals to larger corporate organizations.

The use of whitelists and blacklists on the proxy routers sounds a lot like censorship?

The Orchid client calls an on-chain ‘curated list’ function which filters the viable nodes on Orchid (that is, nodes that have properly staked) into a custom subset. Initial releases of the official Orchid client will use this feature to prevent certain kinds of attacks from malicious exit nodes (e.g. SSL downgrade attacks) by using a default list consisting of trusted VPN partners.

Overall, the curated lists are a federated reputation solution for determining what VPN providers on Orchid you can trust. The system is fully programmable, exists on-chain and is Turing complete. The list function can take information as an argument, and then use that information to determine, for any given Orchid node, whether you want to connect to that node or not.

Customized Orchid clients can use their own lists, the official Orchid client can select from different lists and eventually we expect well known third parties to emerge as curators. Given that this system is on-chain, an entity such as a DAO could manage a list too. The curated list mechanism is a means for the importation of external reputational trust to supplement the economic incentive based trust provided by node staking.

  • Here's our list of the best proxy services services
Desire Athow
Managing Editor, TechRadar Pro

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website builders and web hosting when DHTML and frames were in vogue and started narrating about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium.