A peer-to-peer VPN allows a community of users to pool together and route their internet connections through each other.

There is a misconception that peer-to-peer VPNs are insecure, and "have malware-like behavior". This is true for some popular peer-to-peer VPNs, but it doesn't have to be the case if the VPN is designed with security in mind from the beginning.

The most common concerns with a peer-to-peer VPN are the following:

  1. Bad Responses: Instead of returning the content you ask for, a peer could serve you malware.
  2. Connection Contamination: A peer might infect your computer by requesting malware.
  3. Remote Hijacking: A peer might be able to remotely access your computer to cause mischief.

These concerns are addressed below.

1. Bad Responses

A peer-to-peer VPN is no more vulnerable to bad responses than your regular internet connection. This issue comes not from using a proxy, but from visiting insecure websites.

If you are on a website that does not use HTTPS, anybody can see the information passed back and forth between you and the website. They can even intercept your request and serve you any content that they want, in what is called a man-in-the-middle (MITM) attack. This is true even if you're not using a VPN. For example, large ISPs have been caught red-handed injecting ads into insecure websites.

MITM attack

There is nothing that any VPN (centralized or peer-to-peer) can do to make these insecure websites more secure. Even if the connection between you and the VPN is secure, the VPN (or peer) still has to pass along the unencrypted request to the website.

On the other hand, if you're on a website that uses HTTPS, the connection is encrypted all the way between you and the website. There's no way for anybody in between to read the contents of a request, so it's safe to ask an untrusted peer to make that request for you. This is the reason that we suggest using something like HTTPS Everywhere, which redirects unsecured requests to encrypted ones if possible.

2. Connection Contamination

Your computer warns you when you open a pdf or word file from your email, open an unknown executable, or unzip a rar downloaded from the internet. But why is there no warning against downloading these files in the first place? It's because viruses need be executed in order to activate. Until they are executed, they are just a series of harmless ones and zeroes.

insecure pdfs

Because of this, even if a peer requests malware through your connection, you remain perfectly safe as long as you don't execute it. All a proxy does is take the result from the requested website and forward it over. To your computer the payload is only a sequence of data, temporarily stored in memory and never executed.

3. Remote Hijacking

Much of the bad reputation for peer-to-peer VPNs comes from Hola, which behaved badly in a number of ways, including selling their users' connections to botnets and injecting ads. The Hola client is designed for power, not security, and allowed remote access to every user's computer, including the ability to read and execute files.

In contrast, a peer-to-peer VPN client designed to be secure needs to be extremely limited. There should be no functionality or ability to read or modify arbitrary files on your computer. Nor should it have the ability to evaluate or render the results of any query, or the ability for remote users to execute code on your computer.

Introducing PenguinProxy

PenguinProxy is a peer-to-peer VPN client designed to be more secure than centralized VPN services (and certainly more secure than Hola), without sacrificing any speed (like Tor does).

The PenguinProxy client can only do 2 things:

  • Contact our server to get requests to fulfill (in a specific, limited format)
  • Connect to the requested website and forward the response back to the user.

These mitigations help make PenguinProxy as secure as a centralized VPN, but we can do even better. Many centralized VPNs claim that they store no logs, but there's no way to verify their claims. We're working on improving our peer-to-peer protocol to make it impossible for us to store logs, and for you to be able to verify that claim. Stay tuned!

Security Note: PenguinProxy, like any centralized VPN, allows the computer you are proxying through (the peer or centralized VPN) to know your IP address. Tor gets around this by proxying through multiple peers before finally getting to its destination, but this causes a dramatic slowdown in the speed of your connection. PenguinProxy takes the more pragmatic approach of hiding your IP address from just the websites you are visiting, without your connection becoming unbearably slow. If you absolutely must not let anybody, including peers, know your IP address, use Tor, not PenguinProxy.