Project Rogue is Winston Privacy’s newest technology to deliver convenient protection against unwanted data collection on mobile phones.
Rogue combines decentralized networking technology with an intelligent privacy firewall, encrypting internet activity (including DNS) while providing uncensored access to the global internet, free from spying eyes and logging.
Read on to learn more about Rogue or sign up now for the early access waitlist. Space is limited. Join our waiting list to receive access to beta builds, exclusive invites and discounts.
We're building Rogue with the following design goals in mind
Device data is the holy grail of digital surveillance
The ability to correlate browsing activity with a unique device is incredibly valuable to the tracking ecosystem. For years, big tech interests have steadily chipped away at the barriers to omniscient data collection.
For instance, the typical home setup is somewhat problematic for eavesdroppers because of something called “Network Address Translation” (NAT). NAT was designed as a solution for the shortage of internet addresses (IPv4)… there were simply not enough of these to go around. For context, there are approximately 4.3 billion IPv4 addresses available but there are somewhere around 35 billion hardware devices online.
NAT provides a way for devices to share the same IP address. It does this by acting as a decentralized intermediary, effectively hiding local device data from the outside world.
It turns out that this is a great privacy tool...
So of course, there is considerable interest in eliminating it.
Enter IPv6. It’s a new scheme with enough addresses to fulfill the world’s demands forever. So many, that every device on earth could have its own. It eliminates NAT and maybe reduces latency by a few milliseconds. What’s not to like?
Well, it turns out that giving every device a unique identifier coincidentally makes data collection much easier. You can even embed a network device’s Ethernet MAC address into an IPv6 address.
To be fair, there are safeguards which have been proposed or even implemented to prevent this, such as assignment of random IPv6 addresses on a regular basis. However, these are optional afterthoughts (they are called “extensions” for a reason). It is up to the client to implement them. And we know the track record of big tech companies when it comes to caring about privacy.
If you like privacy, you should be firmly against IPv6. All things being equal, it is far better to rely on a proven decentralized technique (NAT and edge-based IP assignment) instead of a new and improved way controlled by a tech conglomerate to do the same thing.
Oops… too late!
It turns out there’s a very common scenario in which this technology has already been turned against you: mobile devices.
A typical mobile phone connects directly to the internet via a wireless carrier, frequently with IPv6.
While the content of the web pages you visit is largely encrypted, the metadata emitted by your phone is not. The IP and MAC addresses are exposed, along with DNS and TLS handshake messages, thus enabling data collection of individual devices by the provider, most of whom sell this data.
Why it matters
The IMF has recently called for your web browsing activity to be used to determine your credit score. In China, web browsing factors into citizens' "social credit score". And in some parts of the world, this data is even used to profile individuals for criminal investigation.
We can’t change the mobile networks, but we can encrypt and unblock the internet. In fact, solutions such as VPNs have been around for ages. To some degree, these are effective. But they come with some major disadvantages:
We’re setting out to change this with Rogue.
Rogue starts by establishing an encrypted tunnel, rendering your internet activity inaccessible to infrastructure eavesdroppers.
Legacy tunneling technologies do something similar but unlike theirs, our protocol is able to change ciphers in mid-stream without disrupting the underlying connection. This is one of the sources of connection drops experienced on legacy VPNs. We have even filed a patent for this technology (“Method and System for Asynchronous Side Channel Cipher Renegotiation”).Winston’s tunneling protocol is UDP based and was designed to achieve encryption with low latency. This protocol is capable of much higher throughput than many legacy TCP-based protocols.
Beyond this, the destination address is randomized and can even jump ports in mid-stream. This concept has been proven to be an effective technique for traversing the great firewall of China, as it prevents simple manual blocking of traffic.The above manages to get your traffic to a cloud endpoint. We still need to get it through the cloud and to its eventual destination.
What about logging?
Quick detour to address the primary consideration of anyone considering a service such as this.
A legal guarantee from a reputable company located in a country with strong privacy protections is the best protection here. We’re based in the US, not China, Russia or Pakistan. In the event that we were forced to comply with a subpoena, we would be obligated to hand over a user’s subscription data. We would not have billing information or any records of internet activity.
If we were to voluntarily break that legal representation, then we would be subject to civil litigation under US law.
Consider also the provider's other vested interests.
Remember: If the product is free, then you are the product.
Back to networking topology. A key design goal of the Rogue project is to enhance privacy through decentralization. As with our hardware privacy filter, this is achieved with a data “tumbling” model.
The diagram below roughly illustrates how this works. Imagine that A, B and C below are different Winston users, each communicating with the internet:
A portion of user A’s traffic is sent through B and C. While a portion of B and C are sent through A. The bounced traffic is encrypted, then mixed together at any given node. This greatly reduces the confidence of an eavesdropper in the accuracy of the data they collect. So even if an ISP manages to get around NAT (such as by renting you one of their fancy all-in-one modem/routers, which you should always avoid), this routes individual device traffic around their wiretap.
This approach also defeats machine learning and AI-based traffic filtering methodologies. These are excellent at filtering out false, machine-generated traffic but cannot filter out real human traffic without introducing intolerable errors into their models.
To avoid censorship and blocking, one must also consider current VPN detection technologies which collect utilization data on IP addresses. VPN providers typically service large numbers of users with a tiny collection of IP addresses (1000-5000 to 1). Our goal is to maintain a much lower ratio of users. This means that we fully expect to spend more per user than a legacy VPN. While this does likely mean that Rogue will be a premium priced product, it also means that we will come with premium speed, privacy and other benefits.
Finally, Rogue’s design goals also call for intelligent blocking of unnecessary web resources, primarily tracking services. Not only does this lead to significant reductions in page load time (up to 90% on some sites), it also reduces data consumption and battery drain on mobile devices. Expect to hear more from this when the time comes.
Want to try Rogue before anyone else? Space is limited. Join our waiting list to receive advance access, exclusive invites and discounts.