Mozilla about to launch VPN beta
Mozilla, maker of the Firefox web browser, will launch the first beta of its upcoming VPN service in the coming weeks.
The organization launched Firefox Private Network in September 2019 which added a browser proxy to the web browser. Available only for users from the United States at the time, it resembled the VPN feature of the Opera web browser and third-party VPN extensions the most.
Firefox Private Network protects user data by encrypting it and masking the IP address of the connection at the same time. Mozilla picked Cloudflare as its partner for the service; Firefox users get connected to the nearest Cloudflare data center when they activate Private Network in the web browser.
The initial solution lacked several important features: there was no option to select a different region/server to connect to, and no information about the connection among other things.
Mozilla revealed the next steps of the project in a new announcement on the official Firefox Private Network site.
A version of Private Network will still be free
As one of our beta testers, you’ll automatically be converted to a new version of Firefox Private Network. This offers all the same benefits as before, but for a limited amount of time each month.You’ll get 12 hours of Private Network in the form of four three-hour passes. Next time you’re on public Wi-Fi, turn on Private Network to claim one of your passes. Once you validate a pass, it runs without stopping for three hours. You’ll get four new passes at the beginning of every month.
For unlimited access, you have the opportunity to join our invite-only VPN beta
We’re nearly ready to invite our beta testers to try out Firefox Private Network full-device protection. You can join the waitlist right now — before we open it up to the public. This invite-only VPN beta will protect your entire device and offers the option to switch between servers in 39 countries.Thanks again for participating in the Firefox Private Network beta. You’re helping us build products that put people and their privacy first.
The organization plans to move to a new beta phase with two main changes:
- Private Network will remain free to use but it will be limited.
- Launch of the VPN service that runs on the device-level.
Firefox Private Network beta testers will automatically be migrated to the new version of the solution once it becomes available. The free version of the solution limits the amount of time that users of the network have each month.
Mozilla plans to provide users with four three-hour passes per month that they may use. The passes run non-stop for three hours without option to split the time between different periods.
The upcoming VPN service takes the service to the next level. It runs on the device just like any other VPN service, e.g. NordVPN or Private Internet Access. Mozilla revealed little about it in the announcement. In fact, the only information that the organization revealed is that it will feature servers in 39 countries. The invite-only beta will launch in the coming weeks and since everything is labeled beta, subject to change.
Closing Words
Private Network and the upcoming VPN service are beta products at this time and therefore subject to change. Information is scarce at this point; we don't know if Mozilla will operate the VPN on its own (unlikely) or have a partner (likely), how much it will cost when it comes out, and what features it will bring along with it.
It seems likely that Mozilla will maintain both products: Private Network as an in-browser solution with a free option and the VPN as a device-wide solution for users who want to protect all Internet traffic.
I'm not a fan of the three-hour long passes of Private Network as they are not very flexible. While these may work in some cases, they lack flexibility as you cannot really use them for quickly checking emails on the airport as you'd waste a full pass that way.
Now you: what would you like to see in regards to private network and the VPN?
I am using the “NordVPN†.
Recently, the NordVPN hoax has been spreading.
“Hackers steal secret crypto keys for NordVPN. â€
https://arstechnica.com/information-technology/2019/10/hackers-steal-secret-crypto-keys-for-nordvpn-heres-what-we-know-so-far/?utm_brand=ars
For that hoax, a verified article has been published.
NordVPN Hack – Everything You Need to Know (Updated Info) | restoreprivacy.com
https://restoreprivacy.com/nordvpn-hack/#comment-58236
October 23, 2019 By Sven Taylor
Summary of the article:
In March 2018, someone posted TLS certificates from NordVPN, TorGuard, and VikingVPN on 8chan. While the 2018 post seems to have fallen under the radar, the issue recently erupted on Twitter, which culminated in an article from TechCrunch alleging NordVPN had been “hackedâ€.
What could a hacker do with an expired TLS key?
This was an isolated case, and no other servers or datacenter providers we use have been affected.
Are NordVPN users compromised?
First, the hacker would not have any access to server logs because NordVPN is a no logs VPN provider that does not store anything on its servers. NordVPN passed a third-party audit by PricewaterhouseCoopers verifying its no-logs policy.
Second, NordVPN utilizes perfect forward secrecy, which generates a unique key for every session using ephemeral Diffie-Hellman keys. This means that even with a TLS key there’s little a hacker could even do, since the keys are used for server authentication and not traffic encryption.
The impact for NordVPN users is essentially null.
NordVPN is already one of the few VPN providers that have undergone a full third-party audit to verify their no-logs claims. This audit was completed in November 2018 and it appears a second audit is currently underway.
Additionally, NordVPN has told me they will reconfigure their server network to run in RAM-disk mode only. This indeed is a more secure setup over traditional hard drives as nothing can be stored on the server. Perfect Privacy runs their network this way and ExpressVPN has also transitioned to running all servers in RAM-disk, which they call the TrustedServer feature.
TechCrunch is a media outlet owned by Verizon, which also has a VPN service called “Safe Wi-Fiâ€. In this article you can see TechCrunch promoting Verizon’s VPN service, which is a direct competitor of NordVPN. This may explain why TechCrunch suddenly announced the “NordVPN hack†with such fanfare.
People appear to be somewhat divided on the issue. Some argue this shouldn’t even be called a “hack†as it involved an expired TLS key on a single server in Finland with no access to user data or traffic. Others are following the tune of TechCrunch and denouncing NordVPN.
On Firefox I use two plugins for VPN — ZenMate & TunnelBear. They are both easy to use and by checking “Whatismyip.com”, it does change the IP address. And that is all I need for sidestepping basic IP blocking. I suppose if I was up to nefarious things I’d use ProtonVPN, which I do when Edward Snowden and I hang out together. :) But the two I mentioned are sufficient for me.
Do you ever answer any of the comments on your articles?
Yes.
Woosh.
hi martin.
does this vpn support Iranian people? and can they use it in Iran?
I don’t know. For now, it is only available in the US.
Is Tor still being planned to be baked in Firefox?
you are referring to the Tor uplift project, not quite the same thing a baking Tor into Firefox
Uh, yeah. Would you trust a device level (meaning a downloaded and installed program) VPN from google or microsoft? Facebook had one…Ha ha! Something that filters every outgoing request from every program on your device?
What could Mozilla possibly gain by selling a VPN that really doesn’t track users? Do they honestly want to join the handful of trustworthy VPN’s because they think they can make money from that market? A little late for that and the market’s tiny.
It’s hard enough to find legitimate VPN’s. The biggest one, starts with E and ends with press, installs a file called “the client that doesn’t suck” or something similar. Proton began uploading crash data without notifying users with no opt out and hijacks your once free email if your VPN account expires. Etc, etc, true VPN’s with no foolishness or underhanded tricks are very difficult to find.
If this ostensible VPN is completely run from Romania or another country with little or no data retention laws and they can prove connections logs are deleted on disconnect, it may be OK. From USA, not even a starter.
There’s significant trust given to a VPN service; I use FF ESR, mod the hell out of it and use system filter apps to get some privacy but don’t trust Mozilla.
Nah.. will give it a pass until NSA VPN edition comes out. :)
ps. what if all these “free VPN’s” are nothing but mere privacy honeypot traps collecting info on people susceptible taking measures disguising themselves on the internet? :)
Good for them, if the customers agree. I am no longer a Firefox user. Mozilla had one target only: to be loyal to his past and big group of users.
They utterly failed at it. Their current trend is to follow some vacuous idea about freedom etc. but in reality they are going to other wa around.
You can fool someone sometimes, but…
I think this being for United States users at this time should be highlighted in bold.
I must have been a “chosen one” or kept up with Mozilla on a different tech site because I’ve been using the beta VPN for over three weeks.
What a splendid idea. Trusting your privacy and security to a large corporation which has proven time and again its outrageous political slant.
Real, paid-for VPNs are already subject to much suspicion as to the actual privacy they provide, and the real commitment of their owners to defend their users. Good luck begin “protected” by Mozilla.
Another of Mozilla’s vices is in full view here : never make it simple when you can make it horribly complex. Keep throwing similar features at the wall until one of them sticks.
It would have been too easy for users to understand if Mozilla said : all right guys, we’re going to revolutionize VPN, and here’s the deal. Best thing since baked bread.
Fat luck : on one hand you’ll have “Firefox Private Network” (which does not even have VPN in its name), on the other hand you have “invite-only VPN beta”.
Their website says this is a “proxy service” (so, not a VPN ?).
The free version is limited to 4 times 3 hours per month. Gee, that’s simple… But wait : not 3 hours whenever you want. You start using the service, and if you stop before the 3 hours are up, your allowance is exhausted. Because of course, everybody sits in front of his computer all day, staring at Firefox. Just like Mozilla developers.
This is what a VPN would look like if it were developed by bureaucrats.
The confusing techie verbiage, exceptions and sidestepping could easily keep this pig in a poke going for a year or so until it’s finally understood by the masses (although most don’t have the patience to try) and ignored. I also see the concept as ridiculous.
The three-hour pass thing isn’t good. Let’s hope they change that before they roll this out widely! I’m not thrilled with the use of Cloudflare for this, either, but Mozilla and Cloudflare appear to have become best buddies now, so that’s not terribly surprising.
Other than those issues, this looks like a good way to get VPN service to people who would not otherwise use a VPN. If it can bring some non-Googly revenue to Mozilla, that’s a good thing as well.
Personally, I wouldn’t use this for two reasons: Cloudflare, and the inability to choose the location of the exit point.
“If it can bring some non-Googly revenue to Mozilla, that’s a good thing as well.”
Cloudflare, non-Googly revenue, are you sure ?
The company’s last $110 million funding round in 2014 included investors such as CapitalG (formerly Google Capital)
https://www.reuters.com/article/us-cloudflare-funding-idUSKBN1QT1EH
@Anonymous:
I was unaware that Cloudflare was paying Mozilla any money.
“I was unaware that Cloudflare was paying Mozilla any money.”
I don’t know if Cloudflare pays Mozilla directly for promoting the service, but any money that Mozilla gets from users of a Cloudflare service while Mozilla’s main contribution is to promote this service, and that Mozilla does not give back to the service provider, should obviously be considered as Mozilla being paid by Cloudflare for the promotion.
Could Mozilla launch VPN in China?
It’s nice…
that I’m no longer a Firefox user :D
“Private”
“Cloudflare”
…
Mozilla is a good company. But I don’t trust Cloudfare. The dictator of my country- Bangladesh is India-Israel backed and has very good relation with USA. They regularly ban websites every week. 20000 sites including Reddit, Al Jazeera, Intercept, Internet Achieve etc is banned. They cleverly do it in name of pornography control but most people know the truth. A trusted in browser vpn (using a separate VPN might make you suspicious to authority) in a trusted browser like Firefox would be very good.
A Mozilla VPN, unsurprisingly centralizing more data to big US surveillance & censorship tech companies. No thanks. They could at least have chosen more trustworthy partners, but of course no, it’s Mozilla. This company is really becoming more visibly a mere storefront for the likes of Google and Cloudflare.
“They could at least have chosen more trustworthy partners”
Like? For example?
Otherwise your statement is nothing but vaporware…
Bashing as “Anonymous” – yes, that’s really unsurprisingly.
A shill using an anonymous “Tom” handle to complain about the internet anonymity of those criticizing his corporate masters, how ironic. Don’t worry, your friends at the Silicon Valley will soon make anonymity impossible anywhere, and they will also do their best so that there’s hardly any place left on the internet where it’s allowed to criticize them. Oh, and look who else in that region of the world seems to share your progressive views against anonymous bashing:
* Want a US Visa? Be Prepared to Hand Over Your Twitter Handle *
https://www.flyertalk.com/articles/social-media-requirement-on-visa-applications-is-sure-to-slow-tourism.html
* US border officials are increasingly denying entry to travelers over others’ social media *
https://techcrunch.com/2019/08/27/border-deny-entry-united-states-social-media/
Anonymouses around the world welcome Tom on his first visit to the internet and his unsurprising attempt at english.
Way too big corp to be trusted.
Mozilla should have done what Proton guys did with mail and vpn but as always missed the opportunity.