What do you think about Nym VPN?

I went through their page, some of the entries in their blog plus looked over some of the people involved (technical ones not "pr" related) and I have mixed feelings (pun not intended).. From one side it does look promising based on the concept of mixed networks but the fact they have their own "crypto tokens" makes me feel like they may pull some stupid shit to gain profits via the crypto scam..

While they're few years in (6+) their VPN is still in early alpha, so there's not much to base opinion on.. I'd wait for an actual data proving how this works in practice, not another AI sales pitch..

FlipSid

I might be inclined to try a new service to see if it hasn't been blacklisted from many sites like the other well known vpns have been. For example you can't post on 4chan while using protonvpn

DeletedUser200
From their web page the NYM team

Alexis Roussel; Alexis is Nym's COO and co-founder.
Before Nym, he established Bity, a Swiss crypto brokerage
and financial services firm,

Ania Piotrowska; She also explores blockchain in the context
of cryptocurrency privacy.

Ben Laurie; Currently, he works at Google as a Principal Engineer.

so a direct link to crypto currency a G**gle engineer and a new "all singing all dancing" secure VPN and its free for now.. Its just too much to believe, I think I will pass on Nym, that's my gut instinct

Hi, happy to answer any questions you have about NymVPN. Disclosure: I work at Nym Technologies.

Plobberfroth not going to register without knowing plan costs.

@Plobberfroth we launched our paid version a couple of weeks ago. You can check pricing at nym . com / pricing.

wuseman They are most definitely not the only VPN that can ping you around different nodes to make it harder to figure out who you are. Proton even has that, I believe.

@wuseman Indeed Proton does offer a multi-hop setup (not by default though). NymVPN offers 2 modes, both a multi-hop VPN, and our signature "mixnet" mode. This mode does aim to hide your metadata, something typical VPNs do not offer.

N1b I think it's shady that they hide their price

@N1b As a new product, we were in a free beta mode. We launched our paid version on March 13.

N1b Over time, it will become more reliable to judge one way or the other.

Indeed, trust is built over time! To jump start that trust, feel free to have a look around our Trust Center, which provides info about our open source code (server and clients), security audits, university partnerships, peer-reviewed papers, and more.

FlipSid in the end one question would still remain why one would, or should, use them over Mullvad, IVPN or Proton?

Indeed! Trust will be built over time, and it's up for everyone to try. Get 5 or 10 years back in time: Why one would, or should, use Mullvad, IVPN or Proton? And yet...

ryrona Actually, routing through more than 3 nodes does not improve anonymity any further, as the largest risk at that point is if the attacker control both your first and last hop, in which case they can deanonymize you reliably regardless of number of nodes in between.

@ryrona while we respect Tor a lot, the mixnet is built with a different architecture. Nym is not just "adding another 2 nodes". Packets are onion-encrypted, and also delayed and mixed with cover traffic to further improve the privacy properties of the network.

angela Can anyone create a node? What is to stop governments from creating 100 honeypot nodes?

Anyone (including you!) can run a node. Nodes can (and will be) run by governments. Limiting these behaviours is done by actively managing our community of operators, and making use of the mechanisms described in the “Reward sharing for mixnets” article (“costs” to setup a node + a reputation system). Limiting the impact of this is done by being multi-hop by default (so one node doesn’t see both your IP address and the destination of your traffic – which is not the case of single-hop VPNs). Users can also limit that by frequently rotating the nodes they use.

In the future we plan to include mechanisms to detect active attacks and penalize/exclude nodes found to engage in active malicious behavior, as well as to limit opportunities for passive (undetectable) malicious behavior through the use of secure hardware.

area51 so a direct link to crypto currency a G**gle engineer and a new "all singing all dancing" secure VPN and its free for now.. Its just too much to believe

The Nym founders also comprise renown computer scientists and cryptographers (MIT/Inria, KU Leuven). Ania Piotrowska designed the "Loopix Anonymity System", the communication system from which Nym originates, and which was presented in 2017 at the USENIX Security Symposium, a renown security conference. The advisory board comprises (co-)designers of cryptography all of us use (ChaCha, TLS 1.3, etc.).

nym-product Do you have any ideas on how to protect yourself against this?

I pointed to the LEA risk in this thread (expand by dots). I generally criticize VPNs for misleading users. Nym seems very innovative to me though and address a lot of the issues that could be pointed out. I hope Mullvad, Proton, and IVPN will also change their infrastructure in line with yours solution.

nym-product btw: It is really valuable that Nym's CEO (Harry Halpin) openly admitted that China has such developed network tracking tools that Nym can't find solutions for it and afraid that this type of tools will also be used in the west to track users.

nym-product thanks for being available here for review. I checked the website again and have some feedback plus a general game theory question.

Feedback: It's not easy to understand from the website what Nym is about. For fact finders it would be helpful to explain the background or link to a more extensive blogpost, e.g. why you claim that Nym is a trustless network. I also checked out your user experience upon payment and was pleasantly surprised that you offer 50% discount when paying with crypto. This is nowhere mentioned on the main page but a huge USP for privacy and Bitcoin/Monero enthusiasts. I had to click through the checkout process until the last page in order to even get this information. If I were you I'd make this clear on the upper main page.

As for game theory: In my opinion the only truly decentralized and trustless system out there is the Bitcoin protocol, as it is thermodynamically secured and now at a point where it requires too much energy to break. For this to work, it had to start very weak and under the radar of big threat actors who could have easily attacked it in its infancy. It also needed a good incentive infrastructure for people to come in and secure it with energy, and it had to be without any premining, proof of stake nonsense or intransparencies to build trust. Bitcoin fulfilled all those requirements and is very popular today.

But this also means such a story can't repeat. Threat actors like governments and big companies are aware of blockchain technology now and will attack any project that starts with similar traits. Also winner takes it all, and most miners wouldn't allocate energy to a secondary network if there's Bitcoin. So assuming Nym has a Bitcoin-like protocol with truly decentralized intentions, it still wouldn't work because of the inherent weakness in the beginning and the pure existence of Bitcoin today. Therefore any new idea that tries to be truly decentralized and trustless has to build on the Bitcoin network (usually as a layer on top of the Bitcoin network, like Lightning, Stacks, Liquid or Merlin). At least this is what I believe.

So how does Nym plan to create a trustless system based on blockchain technology? It doesn't look like it builds on the Bitcoin Blockchain and would therefore never at its core be decentralized or trustless. And how would it protect itself against threat actors? How would it incentivize individuals to contribute protection? Just like with Monero, the idea and intentions behind the project might be great and honorable, but how does it have a chance to survive in the long term?

argante Do you have any ideas on how to protect yourself against this?

Nym's official take on it is https://nym.com/blog/privacy-under-threat-switzerland.

N1b Feedback: It's not easy to understand from the website what Nym is about. For fact finders it would be helpful to explain the background or link to a more extensive blogpost, e.g. why you claim that Nym is a trustless network.

Point taken.

N1b you offer 50% discount when paying with crypto. This is nowhere mentioned on the main page but a huge USP for privacy and Bitcoin/Monero enthusiasts.

Yes. This is a temporary launch offer, the team didn't want to promote it too much. It will be removed within a couple of weeks.

N1b So how does Nym plan to create a trustless system based on blockchain technology?

Let me get back to you with a more elaborate answer.

@nym-product Would be interesting to take a look at your audit reports. Is it possible to get a link to the Cure53 report? The link on your page does not work, and I can't find a report about Nym on cure53.de. https://nym.com/trust-center/Cure53-security-audit-2024

nym-product It's good that you wrote it so directly:

A new digital surveillance ordinance in Switzerland is being proposed that would require telecommunication companies in the country, including encrypted email providers like Proton and VPNs like NymVPN, to collect identification from people using their services. Egregiously, it also demands a backdoor on encrypted content.

Similar regulations are planned in Sweden. If I remember correctly, Mullvad defended that they are not ISP and do not have to log in user activity. But these regulations can be updated. Next, even if VPN declares that it does not save logs and does not track user activity, such user activity can track monitoring in data centers, where the VPN server is located. CDN will already ensure that all network traffic is as visible as possible. Halpin believes that the Nym services in China are tracked despite the use of Mixnet. In his opinion in China, the network traffic should be as similar as possible to the typical and on the smallest scale. DAITA generates a similar problem - it makes it difficult to track, but it makes such network traffic very distinctive and simply the attack vector will be different. In China OpenVPN instead of Wireguard would be definitely more appropriate, because all traffic is more similar to typical network traffic.

argante I somehow get a feeling you're shilling for nym while bashing anything else... Kinda sus, don't you think? And you have yet to provide any evidence for your claims in other threads I did ask about. Obviously we all are entitled to out own opinions, but the way you interact speaks lot more than your words..

0xsigsev I think Nym solved the problem of masking IP very well. They have two options for launching: Fast (Wireguard) and Anonymus (mixnet). This shows that the first option, despite two servers, is not considered by them as anonymous. My negative attitudes to VPN come from the fact that they often have only one server and say to users that they will be anonymous. This is misleading. Nice that there is Mullvad, IVPN or Proton. However, I would like them to declare to users that they are doing what they can to provide users anonymity, but for various reasons they are not able to provide it. I was positively surprised when Harry Halpin openly said that for some time they succeeded in China, but now their solution is no longer effective in this country. And he added a very important thing: tools that were used in China will also be used by other countries.

Mixnet solves half the problem: hiding IP. However, relying on UDP (Wireguard) causes that such network movement becomes much more visible and unusual. This makes it easier to isolate. And this opens the way to a more targeted analysis. The second problem that remains is the fingerprint, but VPN will not help here.

And you have yet to provide any evidence for your claims in other threads I did ask about.

I presented my point of view. Ignore what I write if you disagree. Argumentation with providing precise sources is a lot of work, and not always someone has time to do it.

argante I am all for naming and shaming and I do agree that many VPN providers are just running a proxy network disguising as a VPN and trick users into believing they are 'secure'.

But all the posts I have seen made by you were putting all providers into one bag while naming Mullvad and few others saying they do XYZ and therefore lie to their customers. That part is what I have problem with, and don't get me wrong I am not trying to put Mullvad here as some kind of a martyr or holy grail of VPNs I trust them as much as any other such company which is which is absolutely zero trust, but I did my evaluation and they (for me) are much more trustworthy than something like Proton.

As for nym for now all I see is a buzzword bs bingo. Yes, they say one of the team members is a crypto expert (with PhD and shit) but for now I see them as just a 'face' of the project and not actual SME.. I would also like them to relink the cure53 audit. @nym-product

Xtreix Mullvad and Nym are working on proposals against traffic analysis attacks

Can you help me locate where in their (nym) docs/blog etc this is mentioned?Searching for it does not yield any results..

Xtreix Thanks was thinking that they maybe have some actual documentation but so far just marketing stuff..