We have not investigated too much into this topic - but from what we know it would probably be easier to implement a bandwidth cap than monitoring the bandwidth.
And from a priority perspective it is likely to take a while until we get to these topics, our focus lays elsewhere at the moment.
> And if you check country prefix with the list of country prefixes anyway... Why do you even bother with country AND prefix?
For users subscribing to the SPN, we are required by law to pay taxes. In order to attribute an Internet user to a country you have to collect 2 of these 3 data points, and naturally they have to overlap.
- an IP address
- a country the user selects
- a phone prefix the user selects
Many tech companies collect all three, with the addition of collecting the full phone number instead of only the prefix.
We chose the approach we felt respected user privacy the most. We know the resulting UX with the phone prefix is uncommon, but thought it superior to storing your IP (which most companies do while hiding that fact away in the Terms of Service)
---
For the DNS implementation, we do have in depth docs talking about DNS integration. As a summary, local queries or not leaked. [0]
We are not too content with Cloudflare as the default. We opted for them since they were the fastest at a time when Portmaster itself had speed issues. A re-evaluate is probably due since a lot happened in the meantime. Thanks for this input, I took a note. Also, here is the context of that time if you are interested. [1]
---
And lastly, yes Portmaster deeply integrates into the OS via a kernel extension. Specifically, via the Windows Filtering Platform APIs [2] This means network packets can be intercepted. Just as browsers, who enforce DoH, manipulate network traffic, or VPN software.
I have difficulties seeing your concerns here. We document everything we do and that can be verified by inspecting the source code.
> We know the resulting UX with the phone prefix is uncommon
Sure it is. I've encountered this type of selection, but extremely rare.
Maybe add an (i) explaining why do you ask for the prefix? Could be a free bonus point for you for respecting the users privacy. Current link (i) just throws you to Wikipedia without explaining anything. This is pretty confusing.
> local queries or not leaked
For the well known zones (listed on that page) sure. I'm talking about any other named zone. Eg I would have a split-brain DNS with only a handful of A records on the public side, while a lot more on the internal side (accessible through VPN, for example). If I understand from your blog [0] you would intercept and reroute this query to the DNS servers configured in the Portmaster. Which not only would leak the internal names but explicitly break the resolving, because it would be performed from the public Internet.
Also reading further the only place where the /behaviour/ is somewhat explained is the end of DNS configuration article [1] It is not a good marker what I needed to deep-dive in the multiple docs and blog articles to find out how exactly you iteract with DNS.
And also knowing what you outright disabled 'dnscache' on Windows machines before... Means you have a pretty perverse understanding on how things can and should be done. And for me it would be another hard 'no' for using your product - you are thinking you know better than me or even guys from Redmond.
> I have difficulties seeing your concerns here
> Just as browsers
Excuse me? My browsers doesn't install WFP filters to 'manipulate traffic'. FF can query DoH, but does it by running a user-mode code in the browser process.
Okay, now I have a way formulate my concerns:
Not only you do the things you shouldn't do (eg dnscache disablement); you are omitting how exactly your 'Secure DNS' works in your documentation (no, blogs are not documentation); you purposely skew your wordings on things you shouldn't (WFP filters for browsers?!).
> Maybe add an (i) explaining why do you ask for the prefix?
True, could be a bonus. Took a note.
> And for me it would be another hard 'no' for using your product
Reading about your setup I do agree with you. One shoe must not fit all, totally fine with us. My goal was not to convince you, but to provide explainers and pointers to your input.
> Okay, now I have a way formulate my concerns:
> Not only you do the things you shouldn't do (eg dnscache disablement); you are omitting how exactly your 'Secure DNS' works in your documentation (no, blogs are not documentation); you purposely skew your wordings on things you shouldn't (WFP filters for browsers?!).
Now generally speaking, I acknowledge I responded with technical inaccuracies. The sentence with VPNs and browsers should have been left out.
I normally tend to BS check technical stuff with Daniel, but did not want to ping him in his vacation because of a HN response. However, I should have disclaimed I am not a Portmaster dev or networking expert. I come from a web development background.
> you are thinking you know better than me or even guys from Redmond.
I am certain I know less than you in this field. Thankfully Safing does not rely on my skills in that area.
I do however strongly push the docs, through which I want to bridge the gap between the high level claims on our website and the source code. If you are willing to contribute, I am happy to receive a write up of yours about the things you feel are missing. It can be technical and beyond my expertise, since I would discuss it with Daniel anyway and see how to best proceed.
> My goal was not to convince you, but to provide explainers and pointers to your input.
The thing is, I should be convinced by your documentation alone. My shoe is unique (as in 0.001% at best), but the questions are valid not only for my setup only. The typical situation would be some VPN provider installing a global route through the VPN service and configuring resolvers to internal company DNS servers (to be able to resolve internal names, duh). This is not /that/ unique situation in WFH world.
> but did not want to ping him in his vacation because of a HN response
Yep, you shouldn't!
> I come from a web development background.
Ah, that explains some things.
> Thankfully Safing does not rely on my skills in that area
Ahah, being humble and self-conscious. Gladly I already drank my coffee.
> If you are willing to contribute
Thanks, no, I have too many posts unread, too many comments not replied.
But overall:
You should have a clear and straight explanation on how P. uses DNS in [0] (right at the start, before anything else) and in [1].
Preferably in typical scenarios, eg:
1. I want to use only secure DNS of P.? A: Configure your OS' DNS resolvers to point to 127.0.0.1/::1; configure P. to use secure DNS providers (or leave the defaults enabled)
2. I want to use my own resolvers, how P. would work with them? A: P. would intercept non-secure DNS requests (plain udp/53) and perform the request itself and return the result back to the querier.
3. I use P. secure DNS, but my work resources (which I access with VPN) isn't working! A: Make following configuration changes in P. config to route queries for you work: ...bla.bla.bla.
For anyone else (who doesn't need typical scenarios, like me?) I need to understand how exactly you provide a secure DNS without changing my configuration. Because now it is looks like this is exactly what happens - no changes, system configured with external plain UDP/53 resolvers... and P. magikally makes them secure.
Anything beyond the scope of the next few weeks or max 1-2 months is hard to predict. Things change fast and suddenly priorities have to shift because of XYZ.
That is why we only communicate what we are working on at the moment. Thanks for checking in on the roadmap, it will be the place we will say when we start macOS.
For now I can tell you macOS is unlikely to be worked on in Q1 2022, as our resources are focused elsewhere. Beyond that, we honestly do not know.
fyi, in case you are not already, you can subscribe to the rss feed or the newsletter - which is a short version of the progress updates - to reduce friction of staying in the loop.
Thanks for checking it out and your kind words! If something comes up don't hesitate to create a bug report or feature request.
We are looking into other linux package managers we can support. We actually have an open issue for creating an `.rpm` package, see https://github.com/safing/portmaster-packaging/issues/4. We plan to address a couple things with our installers in fall and hopefully will then also ship an `.rpm` installer.
You can also show extra support for a platfrom by voting for it in the micro-survey when signing up for a Safing Account. (https://account.safing.io/account/sign_up)
Some questions you might have - for further questions, just ask anything. Question everything.
### What do you make and sell? ###
We are developing the Safing Privacy Network (SPN), most easily understood as a "VPN on steroids". However, we built the SPN from the ground up and do not rely on the decades-old VPN technology. As a result, we can truly protect our customers from prying eyes, such as an abusive Internet Service Provider.
### How do you distinguish yourself from the competition? ###
We wrote blog posts on how the SPN compares to VPNs and Tor:
### What keeps you up at night (about your business) ?###
The importance of privacy has in upholding our democratic societies. If we cannot effectively resist mass surveillance, our society will slowly fade into a totalitarian, thought controlling dystopia. How to bring privacy solutions to the masses is what drives us.
### What are you hoping to do over the next year that you have not done before? Why? ###
In the next year, the SPN will evolve from a lab-tested product to a network handling hundreds and thousands of users. Since 2017, we were heavily investing into research and development. Finally bringing our product to the market is very exciting to us!
### What was your "eureka moment" that led you to start this organization or company? ###
The Snowden revelations triggered an "eureka moment" for Daniel, who realized how current privacy solutions simply don't cut it with the vast surveillance programs of intelligence agencies and big tech.
### Are you solving problems for your industry, for society, the world? Which Problem? How come nobody solved those problems before? ###
Mass surveillance impacts everyone connected to the Internet. With our world being so connected, it is hard to think of areas this does not affect. Manipulation, targeted financial exploitation and large scale censorship all already exist in societies around the world because of it.
There are a lot of smart people working on solving pieces of the puzzle, but most solutions end up being very technical and relying on technology not initially built for protecting privacy.
The SPN is built from the ground up, looking on how one would solve privacy with today's technology. It also focuses on ease of use before all, making it a breeze to use.
but as you said, on the higher levels you can no longer differentiate by app...