i2Coalition Member Spotlight: Hide.me
After years in the the Internet security industry, tech entrepreneur Sebastian Schaub saw a need to provide privacy as a basic human right, and set out to create an affordable virtual private network that could offer privacy and security. In 2012, he launched this as hide.me.
In the years that followed, the popularity of VPNs has surged, and hide.me has kept up with the demand. It now has VPN servers in 60 different locations, and offers a comprehensive suite of services to allow users to access blocked and restricted content on the Internet safely and securely.
Hide.me is also one of the newest members of the i2Coalition and its VPN Trust Initiative (“VTI”), a consortium of leading VPN providers focused on improving digital safety for consumers by building understanding, strengthening trust, and mitigating risk for VPN users. We had a chance to connect with Schaub about hide.me, how it’s unique in the industry, and how VPN providers can earn the trust of the consumers who rely on them.
i2Coalition: What is the challenge of supporting IPv6 as a VPN?
Sebastian Schaub (CEO, hide.me): Although IPv6 was specified in 1998 and the worldwide Internet penetration was supposed to reach 50% by 2020, we still have quite a few technical challenges to overcome when it concerns VPN. Many VPN protocols and/or operating systems support it in their own particular way. A serious VPN provider has to make sure to accommodate various operating systems over each VPN protocol they may support.
In-tunnel IPv6 is just a whole new networking stack, it’s like re-implementing a VPN from scratch. Some protocols make it easier for us to implement it (OpenVPN for example), some make it hard (SoftEther, for example). For some protocols, IPv6 support seems like a huge hack. Such are usually old, outdated, and abandoned protocols. Luckily, all the protocols hide.me operates include in-tunnel IPv6 support.
IPv6 may be used as a carrier protocol, ie., VPN connections may be established over IPv6 instead of IPv4. A VPN provider has to take care of the IPv6’s characteristics and quirks when redesigning the tunneled traffic handling. A poorly designed system may easily break the tunneled traffic. Even worse, some OS-es dislike IPv6 as a carrier protocol and do not work at all with it. So, we need to take care of the customer’s circumstances when they try to establish connections. Our apps provide this intelligence.
The whole stack was a lot simpler when we had only IPv4 to deal with. We had IPv4 over IPv4 , IPv6 leak protection, and that was it. Nowadays, we have to support four combinations: IPv4 over IPv4, IPv4 over IPv6, IPv6 over IPv4 and IPv6 over IPv6. This increased complexity requires a VPN provider to invest more resources when developing new features or with keeping compatibility with the features it already supports. This directly translates to additional human resources costs.
Even though the US IPv6 adoption is at 46%, many of our former partners (data centers, networking peers) do not support IPv6 at the moment. We had to make huge infrastructural changes, switch providers, negotiate new deals with peers in order to support public IPv6 in as many locations as possible. Nowadays, hide.me operates just three locations within our network where we can’t get hold of public IPv6, soon to be just two. In-tunnel IPv6, however, works on all of our locations.
So, is supporting IPv6 a big deal? We do think so, that’s why we do support it and advocate it’s further adoption. In fact, no VPN provider has a choice regarding IPv6 support, given the fact that IPv6 is the preferred Internet protocol in a modern OS.
Our customers expressed demand for IPv6 support a while ago, and we had to provide it, as long as it was technically feasible. Also, our customer support team had to gain additional knowledge and understand how the whole and more complex stack operates now. This was, among others, one of the key challenges: the education of our support teams and engineers.
So, to sum it up, the challenges are technical, organizational, business, and customer support related. Implementation of IPv6 support takes a while and has grave repercussions on the whole operation.
i2Coalition: How do you ensure that no IPv6 traffic leaks happen?
Schaub: It is important to note that we do support in-tunnel IPv6 on all of our locations, so we do not need to activate any sort of general IPv6 leak protection. Our usual protection measures, as implemented by our firewalling engine, are still applied, though, while our kill-switch takes care of unwanted disconnects or other networking issues a customer may have.
i2Coalition: A no-log VPN is a huge step for users to have more privacy and security, but what are some of the things hide.me does to provide a truly anonymous Internet experience to customers?
Schaub: I think we will have to try and answer this question from two different perspectives.
Firstly, let’s look at the things which hide.me does to create enough trust among its users, which is beyond security features.
- External Audit – hide.me was among the first VPNs if not the first to get itself audited by an independent security analyst.
- Transparency Reports – hide.me was a pioneer in creating transparency about what legal requests we receive, where do those requests come from, and how did we respond to those. We have been publishing these transparency reports since 2012, and we just published the 2019 version a week ago.
- 8 years of history – We are not another “me-too” VPN; we have been in the market for almost eight years, and customers value this and helps them perceive us as a credible VPN service.
- Independence & Loyalty to Users – We are very proud to be an absolutely autonomous VPN provider who is not a part of any big corporate group, which allows us the complete freedom to make decisions based on our users’ privacy instead of on the basis of maximizing shareholder wealth.
- Location, Location, Location – We are based out of Malaysia as the local laws don’t oblige us to store user activity logs. We made this choice in the best interest of our users, although it’s not the most ideal country for us to be able to find the best talent to work for us.
Secondly, lets look at the features that hide.me offers to ensure anonymity.
- IPv6 support – We are again one of the pioneers in offering end-to-end IPv6 support (discussed this in a lot more detail as answer to your other question)
- Kill Switch – we offer a firewall that limits all connections to the VPN server and also functions as “Kill Switch” that blocks connectivity if the VPN connection drops.
- Split tunneling – We allow the users to choose which apps they would like to use with a VPN and which ones without so they can enjoy their online experience uninterrupted.
- StealthGuard – Allows users to choose certain apps that will not work at all without a VPN connection.
i2Coalition: The Free Anonymous Proxy Browser is an interesting way for people to see how websites might be blocked or look different depending on where you’re located. What was the intention around building this tool?
Schaub: I find a lot of pleasure when I am asked this question, and the best way for me to answer this is by explaining why I decided to build hide.me. I built hide.me because I genuinely believed that Internet security and privacy is a basic human right, not just a luxury for a few. I tried to look for VPNs, which were economical and yet to be trusted, but my search was in vain. At that moment, I decided I needed to build a reliable, fast, trustworthy VPN along with a freemium option so people could see the power of using a VPN. To get closer to my goal, one of the fastest ways was to launch a browser proxy followed by quite a few products which depict our vision. As we stand today, we offer a lifetime free VPN (Which is getting even better, stay tuned for the updates as we are bringing a revolutionary change to our free product soon), a free proxy, and free browser extension.
i2Coalition: What appealed to you about joining the VTI and more broadly the i2Coalition?
Schaub: There were two different things which appealed to us the most.
- Common goals – Educating users about online security and privacy is going to be one of the biggest challenges as we move forward but critically important, so aligning with an organization that has similar goals is always helpful. Making people aware of the online threats and helping them understand how they could mitigate them is something that is at the core of hide.me as an organization. We believe that joining hands with VTI and especially i2Coalition is a big step forward for us.
- Reputation risk – We feel that the barrier to entry for the VPN industry is so low that it makes it really easy for a lot of people to launch a new VPN, and we see new brands emerging almost every day. In such a situation, we feel that there is a very high risk that some people are in it only for money, and they might compromise on the ethics and foundations the VPN industry was built on. To come out of this winning, we feel that it’s our responsibility to do everything we can to ensure that all VPN providers follow a certain code of conduct, which is purely serving the interest of our users’ privacy, security, and anonymity. If we are unable to do this, we fear that users will find it really really difficult to trust even those VPN providers who hold themselves to very ethical standards, and that’s not a good ending.