Worried About Digital Privacy? VPNs and Tor Aren’t Enough Anymore

For years, VPNs have been a one-stop online privacy solution. But security consultant and former intelligence analyst Chelsea Manning says they’re no longer enough to stop censorship-minded nation-states or prying authorities and encourages people to consider mixnets instead.

Data suggests that 77% of people use VPNs for personal use, primarily as a security precaution. But it’s getting easier for authorities and government to block VPNs and monitor Tor web traffic. Russia and China have blocked VPN use in their countries, either by demanding that app store providers like Apple remove them or by contacting the VPN firms directly.

But while VPNs have gotten significantly faster and better over the years, Manning says VPN traffic data collection has also spiked.

“One of the issues has been the geopolitics of the world have become increasingly unstable,” Manning tells PCMag in an exclusive interview. “The internet is rapidly becoming a sort of splinternet, which has led to more demand for censorship resistance.”

VPN providers are now “capitulating” to nation-states in some cases, she says. “It’s been trending towards more established VPN providers cooperating with everything from state actors to even DMCA strikes.”

Chelsea Manning at Web Summit 2023 in Portugal. (Photo By Lukas Schulze/Sportsfile for Web Summit via Getty Images)

Nation-states and internet service providers can see when you’re connected to a VPN node and pick up on the metadata of the communications, but can’t read the contents. This escalating threat of VPN censorship and less-than-ideal privacy is why Manning joined Nym Technologies as a consultant in 2021.

Nym is developing a “mixnet” solution for digital privacy that breaks down all communications into packets, and sends them in short bursts (versus continuous connections) from a user’s gateway across the internet, making usage difficult to disrupt.

Mixnets have been around for a while, but haven’t yet been offered as a public solution for everyday internet users at scale. Nym offers a free public beta that gives users the choice of a “five-hop novel Nym mixnet,” which is slower but more secure and censorship-resistant, or the faster but simpler two-hop decentralized VPN.

Manning says Nym is more sustainable, secure, and scalable than the decentralized browser Tor in part because Nym rewards its node operations with a crypto token, while Tor runs on a network of volunteers. While Nym’s blockchain is separate from its mixnet operations, it’s there to incentivize “mixnode” setups. The more mixnodes there are globally, the more decentralized and censorship-resistant the mixnet could ultimately become.

(Credit: Nym Technologies)

“I was a bit skeptical” at first, Manning said of Nym’s blockchain aspect. “But you’re doing something that is tangibly useful instead of just mining zeros and ones.”

Manning used Tor in the 2010s—when the former Army private was sentenced to 35 years in prison for stealing classified Defense Department documents and turning them over to WikiLeaks. She served almost seven years before President Obama commuted her sentence in 2017. These days, Manning says “Tor needs to be significantly upgraded in order to provide protection going into the 2020s.”

For now, mixnets could be a solution for those in countries where VPNs are being banned and removed from the web. But there’s always the possibility that state actors could figure out how to censor mixnets in the next 20 to 30 years, Manning suggests. Or, it’s possible the US could sanction such services for similar reasons that it sanctioned cryptocurrency mixing services like Tornado Cash, which offer blockchain users more transaction privacy but can also be used for laundering ill-gotten gains.

Manning says she’s thought about the possibility of a mixnet ban a lot. But because the service isn’t directly money-related, it’s not really used for money laundering, and there are plenty of other reasons to want to use a mixnet, like to browse the web without being tracked or see your data sold online.

“If that happens in the United States, then we just treat the United States as another censorship-resistance project,” Manning said.

What are Manning’s biggest privacy tips? Use encryption by default, set strong, unique passwords for every account with a password manager, use pen and paper instead of online storage when you can, and shut down your devices when you’re not using them.

“We want to have some privacy,” Manning says. “I think that technology has invaded that drastically.”

About Kate Irwin

Reporter

I’m a reporter for PCMag covering tech news early in the morning. Prior to joining PCMag, I was a producer and reporter at Decrypt and launched its gaming vertical, GG. I have previously written for Input, Game Rant, Dot Esports, and other places, covering a range of gaming, tech, crypto, and entertainment news.

Read Kate’s full bio

Read the latest from Kate Irwin