Meet Algo, the VPN that works

I think you’ll agree when I say: there’s no VPN option on the market designed with equal emphasis on security and ease of use.

That changes now.

Today we’re introducing Algo, a self-hosted personal VPN server designed for ease of deployment and security. Algo automatically deploys an on-demand VPN service in the cloud that is not shared with other users, relies on only modern protocols and ciphers, and includes only the minimal software you need.

And it’s free.

For anyone who is privacy conscious, travels for work frequently, or can’t afford a dedicated IT department, this one’s for you.

Don’t bother with commercial VPNs

They’re crap.

Really, the paid-for services are just commercial honeypots. If an attacker can compromise a VPN provider, they can monitor a whole lot of sensitive data.

Paid-for VPNs tend to be insecure: they share keys, their weak cryptography gives a false sense of security, and they require you to trust their operators.

Even if you’re not doing anything wrong, you could be sharing the same endpoint with someone who is. In that case, your network traffic will be analyzed when law enforcement makes that seizure.

Streisand is no better

Good concept. Poor implementation.

It installs ~40 services, including numerous remote access services, a Tor relay node, and out-of-date software. It leaves you with dozens of keys to manage and it allows weak crypto.

That’s a hefty footprint and it’s too complicated for any reasonable person to secure. If you set up an individual server just for yourself, you’d never know if or when an attacker compromised it.

OpenVPN: Requires client software

OpenVPN’s lack of out-of-the-box client support on any major desktop or mobile operating system introduces unnecessary complexity. The user experience suffers.

Speaking of users, they’re required to update and maintain this software too. That is a recipe for disaster.

Worst of all, OpenVPN depends on the security of TLS, both the protocol and its implementations. Between that, and past security incidents, we simply trust it less.

Other VPNs’ S/WAN song

The original attempt at free VPN software -FreeS/WAN- died in the early 2000’s when its dev team fractured. Three people forked it into LibreSwan, strongSwan and Openswan.

To use any of them today, you need something approaching tribal knowledge. The available documentation stymied and appalled us:

  • Little differentiation – If you search for information about strongSwan’s configuration, you could easily end up at a LibreSwan page. The terms will look familiar, but the instructions will be wrong.
  • Impenetrable language – Instead of using standard terms like ‘client, server, remote and local,’ they use ‘sun, moon, bob, carol,’ and a bunch of other arbitrary words.
  • Brittle methodology – The vast majority of documentation and guides insist on using ‘tried and true’ methods such as L2TP and IKEv1, even though IKEv2 is simpler and stronger. Since Apple added IKEv2 to iOS 8, there’s no reason not to use it.

Only the strongest S/WAN survived

After wading through the convoluted quagmire that is the S/WAN triplets, we settled on strongSwan.

Its documentation -such as it is- is the best of the bunch. It was rewritten recently from scratch to support IKEv2 (a positive step when supporting a major new protocol version). It’s the only IPSEC software that even offers the option for a trusted key store.

And the community is helpful. Special thanks to Thermi.

But it’s still super-complicated. Too many contributors made it very arcane. Again, you need that tribal knowledge to make IPSEC do what you want.

These are examples of why cryptography software has a well-earned reputation for poor usability. A tightly knit development community only communicating with itself tends to lead to a profusion of options that should be deprecated. There’s no sign that the user interface or experience has been reviewed on behalf of less-experienced users. For anyone bold enough to consider these points, here lies the path to widespread adoption.

So, we built Algo

Algo is a set of Ansible scripts that simplifies the setup of a personal IPSEC VPN. It contains the most secure defaults available, works with common cloud providers, and does not require client software on most devices.

The ‘VP of all Networks’ is strong, secure and tidy. It uses the least amount of software necessary to get the job done.

We made Algo with corporate travelers in mind. To save bandwidth and increase security, it blocks ads and compresses what’s left.

We shared an early version of Algo at Black Hat this year and people loved it.

Algo’s Features Anti-features
  • Supports only IKEv2
  • Supports only a single cipher suite w/ AES-GCM, SHA2 HMAC, and P-256 DH
  • Generates mobileconfig profiles to auto-configure Apple devices
  • Provides helper scripts to add and remove users
  • Blocks ads with a local DNS resolver and HTTP proxy
  • Based on current versions of Ubuntu and strongSwan
  • Installs to DigitalOcean, Amazon, Google, Azure or your own server
  • Does not support legacy cipher suites nor protocols like L2TP, IKEv1, or RSA
  • Does not install Tor, OpenVPN, or other risky servers
  • Does not depend on the security of TLS
  • Does not require client software on most platforms
  • Does not claim to provide anonymity or censorship avoidance
  • Does not claim to protect you from the FSB, MSS, DGSE, or FSM

Designed to be disposable

We wanted Algo to be easy to set up. That way, you start it when you need it, and tear it down before anyone can figure out the service you’re routing your traffic through.

Setup is automated. Just answer a few questions, and Algo will build your VPN for you.

We’ve automated the setup process for Apple devices, too. Algo just gives you a file that you AirDrop to your device. You press ‘install’ and you’ve got your VPN. Or ‘VPNs.’

You don’t have to choose just one VPN gateway. You could make yourself 20 on different services; Digital Ocean in Bangalore, EC2 in Virginia or any other combination. You have your choice.

One last reason that Algo is such a good solution: it’s been abstracted as a set of Ansible roles that we released to the community. Ansible provides clearer documentation, ensures that we can repeat what it is that we’re doing, and allows us to monitor configuration drift.

Thanks to the roles we created in Ansible, it’s very easy for us to add and refine different features independently. Members of our team will keep up on feature requests.

We’ll make sure it’s right. You can just use it.

Try Algo today.

Want help installing Algo?

We’re planning a virtual crypto party for Friday, December 16th at 3pm EST where we’ll walk you through installing Algo on their own. Register to join us.

Source: https://blog.trailofbits.com

Leave a Reply