New open source VPN from Google’s Alphabet parent company
Tried it out since I have a digitalocean account.
Jigsaw · GitHub is the actual code, crazy how journalists fail to cite the source material.
The system is comprised of three things:
- The server
- The manager
- The client
You run the manager which opens up an electron app and you are shown a DigitalOcean login screen…not a fan but I continue. It goes through 2FA, and then asks my permission to give Outline Server Manager permissions to read/write on my account, all reasonable things.
Note that it expects you to spin up a new server via the DigitalOcean process.
In my security history I see:
- SSH key added,
- Droplet Created
The manager then provides an access key which I can use to register my “primary device” from there I can use the manager to generate new access keys.
The linux image used by Outline is:
512 MB Memory / 20 GB Disk / SFO1 - Ubuntu Docker 17.03.0-ce on 14.04
It has three tags, the apiURL, the server cert fingerprint, and “shadowbox”. According to the manager I supposedly only have 500gb of transfer, seems low, with this provisioning process you are definitely getting less than you pay for, lucky Outline provides the alternative which is to roll your own:
In the manager when saying you want to use your own server you are presented with a link to the setup script: (*docker required)
https://raw.githubusercontent.com/Jigsaw-Code/outline-server/master/src/server_manager/install_scripts/install_server.sh
The script gives you an apiURL and sha cert fingerprint so you can continue with the install process. If you read the script it installs runs a shadowbox server, sets it listen on the public IP, generates and installs a cert, then makes sure the container is always running.
The manager simply uses the shadowbox API to manage access keys and I suppose you could probably manage the server purely through API calls rather than use the electron app. I didn’t see an access token used anywhere so I’m assuming anyone with the ability to see your droplet tags can add/remove keys…nice.
Lastly the client is only supported on windows and android but you’re free to build your own or simply download the client from the releases repo. When I start up the client I’m prompted for an access key, I provide it, hit connect, and should now be able to watch Jimmy Falon on youtube from any country on earth, thanks google, err I mean Alphabet, I can’t wait to check out the apple version.
Hmm… and how’s this more trustworthy than the Facebook VPN?
I understand its open-source, but I am sure the Android version will come as an app that most people will download from the Google play store… at that point you really can’t be sure what code you are running… :-/
It is another version of shadowsocks, So… why not just use shadowsocks directly?
Is April fool’s coming early this year? This can’t be real. Is the FBI’s free VPN next?
openVPN already exists
Shadowsocks is a SOCKS5 proxy protocol, not a VPN. Why does everyone keep calling this a VPN? Does Google not know the difference between a proxy and VPN?
Outline, which will run on Windows and Android to start and Apple operating systems in the coming weeks, instead lets anyone set up their own VPN server on a virtual server either hosted on a cloud platform like Rackspace, Google Cloud Engine, or Amazon EC2, or on a physical server under their control.
uhh…
Yeah so now they want to harvest and store and analyze and monetize every goddamn Bit of data you transmit, not only what goes through Chrome and their site.
Nailed it.
Bad journalism // good PR for Google.
Old news.
Because this is not like the Facebook VPN at all. This is meant to deployed on your own server or on cloud servers you use. This is not really even meant for the average consumer in the first place.
Looks like the Github page has building instructions for the mobile apps, so even if you they put this on Play there’s an alternative way.
Easier setup and easier to manage, what it sounds like. Sure, maybe not the most difficult thing in the world for you and me to do ourselves, but we’re also not their target users.
“Journalists need safe access to information to research issues, communicate with sources, and report the news. Outline lets news organizations easily provide their network safer access to the open internet.”
I did not read or understand the link.
The Linux kernel is open source. That doesn’t mean it can’t be used to fuck you over.
Yes yes I understand this is a client / server solution you host yourself. The point is ‘being Open Source’ doesn’t automatically mean something is safe or impervious to abuse.
You gonna comb through the code yourself? Are you a crypto expert? Maybe you expect others to verify the code for you? Just because it’s “open source” doesn’t mean it respects your privacy or does what you assume it does.
Google proves time and again that they don’t give two shits about your privacy and for them to put out a free vpn is a joke to anyone who is paying attention.
How is this any different from OpenVPN or any of the existing VPN protocols/programs? Is it supposed to look prettier and be easier to use? Cuz OpenVPN is dead simple already.
I did. They say it themselves, it’s not an anonymity tool. If you run it on your own server then websites will know your IP address anyway, idk how that will make anyone anonymous.
The only reason I would use this would be to connect to my families network so I can access the full u-verse service and get all the channels instead of only a handful I get now by using their login in my apartment.
Just saying.
Fair enough, you win.
But that’s not what OP said.
so you can see for yourself