Warrant Canaries, Audits, and Linux-based Protocols Shake Up VPNs

Over the past few years, VPNs have become a vital cog in the world of online privacy. Whether you’re looking to safeguard your data, browse anonymously, or simply bypass internet restrictions, there is so much more that VPNs can offer.

Being well into the year, it’s now easier to correctly point out the major trends that are promising to dominate the VPN industry in 2020.

Transparency has dogged VPN providers for many years.

According to the Federal Trade Commission, there were over 3 million reports of identity theft in 2018 alone. And a good number of these come from VPNs.

While almost all VPNs will claim to have a no-logs service, studies have shown that only a few providers live up to those claims.

The truth is, there are a lot of sketchy VPN providers in the market.

Some will share your data with their affiliates, and others will outright sell it to the highest bidder.

All this is enough to spook any VPN user. And it doesn’t help that even after GDPR kicked in 2018, most of the VPNs based out of the EU partially updated their privacy policies to cover European users only.

But things are changing. In addition to being GDPR compliant, many VPNs are now conducting independent audits to win the trust of their users.

In doing so, providers can easily backup their no-logs claims with tangible evidence and dispel any fears of false advertising.

Security audits vary in scale and scope. While some look to verify a company’s logging practices, others are more comprehensive.

Following a 2018 data breach, NordVPN commissioned a full-fledged audit by PricewaterhouseCoopers, which covered the entirety of their operations, including their server network, code, and employees.

But NordVPN isn’t the only VPN to be fully audited.

Many providers, including ExpressVPN, Mullvad, and Surfshark, have since followed suit.

While any security audit is a step in the right direction, you should pay close attention to the reputation of companies conducting these audits.

Warrant canaries have been around for quite some time.

However, they have yet to be fully adopted in the VPN industry.

Last year, only a few providers had warranty canaries, but as we move into mid-2020, more and more VPNs are starting to provide this important legal declaration.

Before carbon monoxide detectors were a thing, coal miners used canaries to protect themselves from poisoning.

If the bird stopped moving, everybody knew it was time to pack and leave. 

A warrant canary works similarly. It is a simple statement that declares the company has not received any secret data request from the authorities.

Its availability on the website indicates the “all clear.”

A typical warrant canary can read as follows:

If your VPN provider receives a National Security Letter (NSL) or gag orders, they can simply remove the warrant canary to alert you without violating any laws.

VPN technology is always evolving, with innovations popping up every now and then. While many eventually fall by the wayside, some have the potential to transform the industry.

Among the new VPN technologies, WireGuard has been getting the most attention. The protocol is incredibly fast and enables you to keep your VPN’s impact on the speed at minimum.

WireGuard is an open-source VPN protocol that is meant to deliver significantly better speeds than existing options.

Besides being fast, WireGuard is also well encrypted and utilizes state-of-the-art cryptography to keep your data safe.

Despite WireGuard’s rapidly increasing popularity, only a few VPN services support the protocol. The key reason here is because the protocol is still under development and as such, can be a liability where privacy is of high importance.

You should, however, expect to see more providers join in as the WireGuard moves towards a stable release.

Already, VPNs like NordVPN and Mullvad offer the technology or a form of it.

Some of the key features of the WireGuard protocol include the following:

While speed can be limiting to VPNs, it’s the one area where WireGuard shines. The protocol uses high-speed cryptographic primitives and system-level integration with the Linux kernel, which yield low packet overhead.

Jason Donenfeld, the developer behind WireGuard, stated that the idea was born out of frustrations to bypass internet restrictions. Back then, he was living overseas and looking for a VPN that can access Netflix.

As you probably know, Netflix employs powerful geo-restriction measures, which aren’t exactly easy to bypass. WireGuard works well against censorship and other internet blocks and is capable of not only bypassing Netflix but also the Great Firewall of China.

WireGuard uses an entirely different set of encryption compared to OpenVPN, IKEv2, L2TP/IPsec, SSTP, and other current protocols. The technology relies on cryptographic primitives like ChaCha20, Curve25519, BLAKE2s, and SiphHash24.

WireGuard ciphers are modern, and in the world of cryptography, that holds some sway. Also, the protocol has less than 4000 lines of code, which gives it a minimal attack surface and makes it much easier to audit for security vulnerabilities.

While WireGuard is highly promising, it does have its downsides. In its current state, WireGuard lacks dynamic address management and, instead, relies on static IPs. This is a big problem where anonymity is concerned.

With proprietary innovations like NordVPN’s NordLynx and Mullvad’s Anonymous Account, the providers have found a way to leverage WireGuard’s incredible speed while eliminating the privacy concerns associated with the beta version.

2020 is shaping up to be a great year for the VPN industry.

New exciting technologies are quickly being implemented, and providers are finally focusing more attention on performance.

With the adoption of WireGuard, you can now reduce your VPN’s impact on speed and enjoy fast connections.

Again, transparency is improving, and with VPNs now moving mainstream, this can only hasten the process.