Most of us are aware of the necessity of having strong VPN protection in place. But what are the inherent issues with standard VPN applications, and how can they be solved? While choosing the best VPN often comes down to its features, the problem with many of the modern VPN applications concerns easily recognizable traffic in certain Internet environments despite the implemented end-to-end encryption. But what can be done about it? To discuss this matter, we’ve reached out to Alexis Gantous, a member of the Business Development and Operations team at Psiphon Inc, a company that works on providing uncensored Internet access for Windows and mobile devices. How did the idea of creating Psiphon originate? Psiphon was founded out of a research project at the University of Toronto’s Citizen Lab, founder and CEO Michael Hull saw the opportunity to take the original peer-to-peer system and further develop it to fill the needs of millions around the world who face restrictions to their access t
As part of our ongoing commitment to achieving the highest standards of transparency and security, Psiphon commissioned 7ASecurity to conduct a security review of its code base related to four new Psiphon enhancements. The resulting report is public and can be found at: https://7asecurity.com/reports/pentest-report_psiphon-e.pdf . Using a “white box” approach, meaning the complete source code was available, the security team set out to determine Psiphon’s adherence to secure coding best practices, and to provide safeguard recommendations, where appropriate, based on their findings. The security team used a variety of tools and methods against all Psiphon source code and third party libraries. Network traffic was also analyzed to identify potential attack vectors, fingerprinting and Psiphon’s behaviour under attack. The team’s conclusions were that: “ The Psiphon platform was found to be resilient to a broad range of attack vectors and provided an overall solid impression. This