pull down to refresh

Obscura VPN is liveobscura.net/
1775 sats \ 10 comments \ @k00b 11 Feb privacy
write
preview
related posts
1000 sats \ 0 replies \ @shafemtol 12 Feb
Obscura seems like a great concept, and I like the use of QUIC and the client being implemented in a memory-safe language.
I have two concerns, both regarding identity correlation:
  1. What is the lifetime of a client's Wireguard public key?
    The only way to make this system completely anonymous is if a separate Wireguard pubkey is used for each internet endpoint. E.g. if I visit stacker.news and dunlaoghairechessclub.ie and alcoholicsanonymous.ie at the same time, they should each go through separate Wireguard connections with separate, short-lived Wireguard pubkeys (see Tor's stream isolation concept). Otherwise the exit node can build a profile of the user from the set of visited sites and track them even across Wireguard pubkey changes. Most people have a quite distinct set of sites that they tend to visit.
  2. The Wireguard protocol has a nanosecond-precision timestamp field which the exit node can use to perform identity correlation of clients based on their clock offset, drift and wander. Is anything done to address this?
    The Wireguard implementation, at least on Linux, has a very weak mitigation against this issue in which the precision is reduced to 16.777216 ms, but a mere precision reduction is not enough to fully address this issue. As noted in the Wireguard paper, it must only be a per-peer monotonically increasing number. Ideally the field should be used as a counter starting at zero whenever a new Wireguard pubkey is used. Alternatively, assuming short-lived Wireguard pubkeys, one could use timestamps with per-pubkey random offsets.
reply
40 sats \ 2 replies \ @Jon_Hodl 12 Feb
I just downloaded it and am running it but does this mean that I don't need Mullvad anymore?
I just pay $6-8 per month to Obscura and they pay a percentage of that to MullVad on the back end to access the exit server?
I can't seem to run both at the same time.
reply
21 sats \ 1 reply \ @k00b OP 12 Feb
I haven't used it yet, but I would assume you don't need Mullvad anymore.
reply
77 sats \ 0 replies \ @Jon_Hodl 12 Feb
Yeah, it seems like MullVad is somewhat deprecated on desktop but still very valuable on mobile.
Obscura is cool so far but it needs features like MullVad's "Kill Switch" and "Lockdown Mode" so I can't mess things up and accidentally leak my IP.
reply
69 sats \ 0 replies \ @ek 12 Feb
And they accept Bitcoin over Lightning!
edit: wow, even nostr support in the "Request your platform" form. Are they bitcoiners??
edit 2: Oh yes, Carl Dong at least is
reply
25 sats \ 0 replies \ @Wumbo 11 Feb
Also TFTC has a podcast episode up to with Obscura #883172
reply
16 sats \ 0 replies \ @kepford 11 Feb
Obscura only sees your IP address and never your browsing history
More tools, more options, more better. Love it.
reply
24 sats \ 1 reply \ @Wumbo 11 Feb
Looks like it is only for Mac OS at the moment.
reply
50 sats \ 0 replies \ @alt 12 Feb
A shame, but I suppose they had to start somewhere. So long as the Linux support ends up being good, I'll be happy.
reply
0 sats \ 0 replies \ @nitter 11 Feb bot
https://xcancel.com/carl_dong/status/1889381916081791265
reply