Alexis Gantous, Psiphon: “the world is becoming more and more privacy-conscious”
Most of us are aware of the necessity of having strong VPN protection in place. But what are the inherent issues with standard VPN applications, and how can they be solved?
While choosing the best VPN often comes down to its features, the problem with many of the modern VPN applications concerns easily recognizable traffic in certain Internet environments despite the implemented end-to-end encryption. But what can be done about it?
To discuss this matter, we’ve reached out to Alexis Gantous, a member of the Business Development and Operations team at Psiphon Inc, a company that works on providing uncensored Internet access for Windows and mobile devices.
How did the idea of creating Psiphon originate?
Psiphon was founded out of a research project at the University of Toronto’s Citizen Lab, founder and CEO Michael Hull saw the opportunity to take the original peer-to-peer system and further develop it to fill the needs of millions around the world who face restrictions to their access to information online.
Can you introduce us to your circumvention system?
One of the big issues with standard VPN applications is that the traffic, while it’s encrypted, can be very easily recognizable and disrupted in the Internet environments that perform DPI and aggressive filtering of Internet traffic. Psiphon’s state-of-the-art protocols offer multiple creative pathways to obfuscate and connect our users to the content they are seeking online. This, combined with our diverse network of servers placed in over 20 countries around the world, means Psiphon has a robust circumvention network that can much more reliably stand up to interference, as evidenced by tens of millions of citizens around the world turning to Psiphon when facing severe blocking events.
Tell us more about Psiphon’s vision.
Any potential user should be able to review our code and ensure that we are providing the service that we claim to. At Psiphon, we are committed to ensuring our user’s privacy and security are maintained to the best of our ability. We do not require users to create accounts or submit any personally identifiable information to use our service. All of our code is open source and over the years we have posted several 3rd party audits of our code, including penetration tests on our blog.
Do you think the recent global events altered the way the public perceives cybersecurity?
I do, there is a lot of confusing information out there for people new to the topic of cybersecurity. But with the number of data breaches and hacks that have occurred over the last few years, reports of organized hacking groups on the rise, etc., the public and private sectors are starting to increase the focus on cybersecurity risks and exposure.
What would you consider to be the worst Internet habits detrimental to one’s digital privacy and security?
Password security or lack thereof is number one, important accounts especially with access to personal or banking information should always be protected with strong passwords and multi-factor authentication where possible.
Protecting one’s Internet connection on public wifi connections is always a big topic as well and the use of Psiphon or a VPN that encrypts your connection can be very helpful. Finally, be wary of unfamiliar or unexpected emails/messages that ask you to click a link or enter passwords/information. These types of scams are on the rise and can be less obvious than you might expect.
What best practices or tools should Internet users adopt instead?
Password managers can be a great tool to save you from having to remember many complicated strong passwords, many are free for personal use and ensure that you don’t use the same passwords for everything. Typically they also ensure multi-factor authentication with apps like Authy or Google Authenticator which can be another great step in protecting yourself online.
With remote work becoming the new normal, what security measures should companies invest in to secure their network?
As mentioned already, passwords and MFA are important for personal use but should be even more important for businesses, many phishing scams target employees and payroll staff of small companies.
Make sure that employees have access to a reputable VPN service that publishes and adheres to open source development principles and methods. This will ensure employees have access to important services for work and will help to protect company information and data.
Do you have any predictions for the future of the Internet? What improvements do you hope to see in the next few years?
It seems much of the world is becoming more and more privacy-conscious. I predict that we will see more legislation following the lead of GDPR and European regulations around privacy and consent-oriented handling of user data.
What does the future hold for Psiphon?
At Psiphon, we are continually improving and refining our technology, we have some exciting projects in the work including a newly released service called MalAware which, when connecting to our network through a Psiphon app will automatically monitor for any connections coming from malware/adware on your device and notify you if your device has been compromised.