Bitmask

User-friendly and secure VPN configuration

• The project's own website: https://bitmask.net

Why does this actually matter to end users?

The internet is unfortunately not only populated just by kind and careful people. And it wasn't designed to be secure either. This is a dangerous and rather unfortunate combination of circumstances, and one you should take into account when you use the internet. When you go online outside of your house or office, chances are you use whatever wireless network you can find to get online. Mobile internet subscriptions are still expensive, so it is logical people seize every opportunity to connect for free. While this is a daily habit for many millions of people, and often nothing bad happens, it does expose you to serious risks.

This is because your computer doesn't really know a lot about the world. It depend on information it gets from the networks it connects to. If the network happens to cheat, the computer often has very little defenses. If you use an untrustworthy network to connect you to the internet, you move yourself into the middle of enemy territory. While you happily enjoy your free bits it provides as a way to buy money, it has ample opportunity to exploit all kinds of security weaknesses against you. Essentially, if you got away scot free with connecting to an unsafe network, it probably wasn't your security that held anyone back. You were just lucky that no-one serious tried to do anything - this time. So it is recommended to not connect over wifi networks you don't know.

Unless of course you've arranged for a secure tunnel that allows you to teleport your internet traffic across the unsafe local network to the real internet unscathed. The concept is surprisingly simple: individual messages sent through the Internet, called packets, are encrypted using some mechanism, and this encrypted message then substitutes the original one, making all communications sent through the tunnel unreadable to eavesdroppers and unalterable to attackers. Proven cryptography protects the integrity of the traffic flowing through the tunnel. And once the packets reach the other end of the tunnel, they can be unpacked. From that point onwards they may continue their life as normal internet traffic. Travelling the path in reverse path is of course also possible: packets sent from the internet to your computer are protected in exactly the same way.

In anticipation of better technologies that should arrive with the next generation internet, such tunnels (which can be created with a virtual private network or VPN) are a key technology to guarantee consumer safety. They play a major role in protecting users both from snooping and malicious traffic injection. Sadly, the tools to create these secure tunnels is rather cumbersome (if not plain hard) to work with. This has prevented mass adoption.

Bitmask wants to make encrypted communication accessible and easy for users to use. The open source application offers email encryption which handles all the complicated cryptography on its own and a virtual private network that takes extra security measures to make sure no personal information is leaked. This project aims to make these privacy and trust enhancing technologies more accessible and 'plug & play' by fitting BitmaskVPN into commonly available routers. Any VPN provider will be able to offer their clients a router with VPN built in: all they have to do is install it in their home and flip the switch. This way privacy and trust enhancing technology can actually become a part of the everyday devices internet users are accustomed to, making their online experience more private and secure without any complex technological setup or hassle.

Run by LEAP Encryption Access Project