Hacker News new | comments | ask | show | jobs | submit login
Why hasn't any VPN StartUp used the PR Hype of Firesheep to promote itself?
8 points by andreasklinger on Oct 26, 2010 | hide | past | web | favorite | 12 comments
There should be several already existing VPN StartUps that enable me to tunnel to their gateways, when i am using public WiFi.

Shouldn't the Startpage of HN be filled with Promotion and Comparision Blogposts?

DIY: Do you know any you would recommend?

Because it moves the problem away from the local Wifi network to the VPN's exit point.

If you use a VPN service, don't be surprised if the local equivalent of the NSA has a sniffer on the termination point. Lots of them do this with Tor, because lots of them use Tor.

Your best hope as far as VPNs are concerned is to run your own, or an SSH-based SOCKS proxy. The best thing to do is for sites to use SSL for anything sensitive.

Security until an exitpoint provided by an security company is still better than Public Wifi.

And (imho) if this is your corebusiness you should be better good in making sure there are no sniffers at your exit points.

Regarding "own server" - to me this is similar to "own email server". The amount of people who don't have servers that are more secure than professionally hosted ones is big enough as a market.

Thanks for your comment. I understand where you're coming from, but that's an assumption. There's no actual assurance that someone's core business means that they may be more secure. As for the issue regarding sniffers, in the UK if the VPN termination is in the UK and they're providing a service, then under the Regulation of Investigatory Powers bill they may be considered an ISP, and would therefore be required to keep traffic logs. In other countries YMMV.

Likewise, if the endpoint is being used for malicious activity targeted against the critical national infrastructure of country foo, the provider is not necessarily going to have the option to become aware of the interception of their exit traffic.

With your own server it may or may not be more secure, and may or may not be intercepted at the endpoint, but providing you can reasonably configure it the only person that would attract state-level interception (over and above other local connections) would be you.

Understand your point of view. Still. We trust companies doing Email, Storage, etc etc

I am not "scared" of people who are able to do "state-level interception".

People on the Airport or in Coffee Places with Firesheep annoy me.

I've considered doing a VPN startup before; however, it seems that the market is pretty small and margins are low. Your customer base is basically: number of people who are concerned about privacy AND frequently use insecure WiFi AND don't already have an existing VPN to use.

from what I have seen (I provide VPS, not VPN, but some of my customers buy the VPS just so they can set up a VPN) what you are really providing is US internet.

Bandwidth, cpu, etc... is all but free. your big costs would be handling the abuse desk.

Now, depending on how efficiently you handle the abuse desk, your margins could be pretty good.

On the other hand, your fee per user would have to be pretty low. The people who live in countries with restrictive firewalls tend to be /really/ cheap. but, if you can keep your abuse costs down, the cost of servicing a particular user is almost zero.

I would have actually paid a small fee for that sort of service from a non-US based provider recently, to avoid MLB blackout restrictions on their online playoff coverage. (Except a free proxy in China was easy enough to find.)

Because the problem is trivially solvable if the companies in question bump all traffic to SSL, which they hopefully will do en masse now.

Sorry to troll but to me this sounds like "If all companies who didn't care about security enough in first place start caring about security"

I would like to take control that's the reason i am so bullish on this.

because that doesn't solve the problem.

there are all sorts of choke points between your vpn provider's output and your destination server where unencrypted packets can be read, and many of them are not guarded well. BGP even is not particularly secure. You should treat an unencrypted packet as less secure than a post card.

Because it has only been 1 day?

But the problem exists since years doesnt it?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact