Outline VPN

Outline VPN
Developer(s)	Jigsaw
Written in	TypeScript, Go, Java, Swift, Objective C, C++, C#
Operating system	Windows ; macOS ; Linux ; ChromeOS ; Android ; iOS ;
Available in	English
License	Apache License 2.0
Website	Official website

Last updated March 18, 2024

Outline VPN is a free and open-source tool that deploys Shadowsocks servers on multiple cloud service providers.^[1]^[2] The software suite also includes client software for multiple platforms. Outline was developed by Jigsaw, a technology incubator created by Google.^[3]

The Outline Server supports self-hosting, as well as cloud service providers including DigitalOcean, Rackspace, Google Cloud Platform, and Amazon EC2.^[3] Installation involves running a command on its command-line interface, or in the case of installing on DigitalOcean or Google Cloud, its graphical user interface.

Components

Outline has three main components:^[4]

The Outline Server acts as a proxy and relays connections between the client and the sites they want to access. It is based on Shadowsocks, and offers a REST API for management of the server by the Outline Manager application.
The Outline Manager is a graphical application used to deploy and manage access to Outline Servers. It supports Windows, macOS and Linux.
The Outline Client connects to the internet via the Outline Server. It supports Windows, macOS, Linux, ChromeOS, Android, and iOS.

Security and privacy

Outline uses the Shadowsocks protocol for communication between the client and server. Traffic is encrypted with the IETF ChaCha20 stream cipher (256-bit key)^[5] and authenticated with the IETF Poly1305 authenticator.^[6]

Outline is free and open-source, licensed under the Apache License 2.0, and was audited by Radically Open Security and claims^[7]^[8] not to log users' web traffic. The Outline Server supports unattended upgrades.

Outline is not a true VPN solution but rather a Shadowsocks-based proxy. The two technologies are similar in the way they can be used to redirect network traffic and make it appear as originating from another device (the server), and hide the traffic's final destination from observers and filters until it reaches the proxy server. However, a VPN has additional capabilities, such as encapsulating traffic within a virtual tunnel, and allowing connected devices to "see" each other (as if they were connected to a LAN).

Outline is not an anonymity tool, and it does not provide the same degree of anonymity protections as Tor Browser, which routes traffic through three hops rather than just one and also protects against attacks like browser fingerprinting.

Critical reception

In March 2018, Max Eddy of PCMag stated that a preview version of Outline VPN was "startlingly easy to use" and "removes privacy concerns associated with VPN companies". However, Eddy criticized the software for not encrypting all traffic on Windows, and warned users that "individual use may lack some anonymity compared [to] large VPN companies".^[9]

Since version 1.2, the Outline Windows client came out of 'Beta', effectively beginning to encrypt all traffic from the device, on par with the Outline clients for macOS, ChromeOS, Android, and iOS.

Related Research Articles

In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and performance in the process.

Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible.

OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.

Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.

<span class="mw-page-title-main">LogMeIn Hamachi</span> Virtual private network application

LogMeIn Hamachi is a virtual private network (VPN) application developed and released in 2004 by Alex Pankratov. It is capable of establishing direct links between computers that are behind network address translation (NAT) firewalls without requiring reconfiguration. Like other VPNs, it establishes a connection over the Internet that emulates the connection that would exist if the computers were connected over a local area network (LAN).

An anonymizer or an anonymous proxy is a tool that attempts to make activity on the Internet untraceable. It is a proxy server computer that acts as an intermediary and privacy shield between a client computer and the rest of the Internet. It accesses the Internet on the user's behalf, protecting personal information of the user by hiding the client computer's identifying information such as IP addresses. Anonymous proxy is the opposite of transparent proxy, which sends user information in the connection request header.

GraphOn GO-Global is a multi-user remote access application for Windows. GO-Global is a product of GraphOn Corporation.

Jigsaw LLC is a technology incubator created by Google. It used to operate as an independent subsidiary of Alphabet Inc., but came under Google management in February 2020. Based in New York City, Jigsaw is dedicated to understanding global challenges and applying technological solutions, from "countering extremism", online censorship and cyber-attacks, to protecting access to information. Its current CEO is Yasmin Green.

OpenConnect is a free and open-source cross-platform multi-protocol virtual private network (VPN) client software which implement secure point-to-point connections.

A DNS leak is a security flaw that allows DNS requests to be revealed to ISP DNS servers, despite the use of a VPN service to attempt to conceal them. Although primarily of concern to VPN users, it is also possible to prevent it for proxy and direct internet users.

DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver. By March 2018, Google and the Mozilla Foundation had started testing versions of DNS over HTTPS. In February 2020, Firefox switched to DNS over HTTPS by default for users in the United States.

DNS over TLS (DoT) is a network security protocol for encrypting and wrapping Domain Name System (DNS) queries and answers via the Transport Layer Security (TLS) protocol. The goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data via man-in-the-middle attacks. The well-known port number for DoT is 853.

Proton VPN is a VPN service launched in 2017 and operated by the Swiss company Proton AG, the company behind the email service Proton Mail. According to its official website, Proton VPN and Proton Mail share the same management team, offices, and technical resources, and are operated from Proton's headquarters in Plan-les-Ouates, Switzerland.

HMA is a VPN service founded in 2005 in the United Kingdom. It has been a subsidiary of the Czech cybersecurity company Avast since 2016.

KeepSolid VPN Unlimited is a personal virtual private network software product available for iOS, macOS, Android, Windows, and Linux.

ZeroTier, Inc. is a software company with a freemium business model based in Irvine, California. ZeroTier provides proprietary software, SDKs and commercial products and services to create and manage virtual software-defined networks. The company's flagship end-user product ZeroTier One is a client application that enables devices such as PCs, phones, servers and embedded devices to securely connect to peer-to-peer virtual networks.

1.1.1.1 is a free Domain Name System (DNS) service by the American company Cloudflare in partnership with APNIC. The service functions as a recursive name server, providing domain name resolution for any host on the Internet. The service was announced on April 1, 2018. On November 11, 2018, Cloudflare announced a mobile application of their 1.1.1.1 service for Android and iOS. On September 25, 2019, Cloudflare released WARP, an upgraded version of their original 1.1.1.1 mobile application.

NordLocker is a file encryption software integrated with end-to-end encrypted cloud storage. It is available on Windows and macOS. NordLocker is developed by Nord Security, a company behind the NordVPN virtual private network, and is based in the UK and the Netherlands.

A virtual private network (VPN) service provides a proxy server to help users bypass Internet censorship such as geoblocking and users who want to protect their communications against data profiling or MitM attacks on hostile networks.

NordLayer, formerly known as NordVPN Teams, is a network access security service with applications for Microsoft Windows, macOS, Linux, Android and iOS. The software is marketed as a privacy and security tool running on zero trust architecture providing protection on hybrid and multi-cloud cloud environments.

References

↑ Greenberg, Andy (2018-03-20). "Alphabet's 'Outline' Software Lets Anyone Run a Homebrew VPN". Wired. Retrieved 2018-09-11.
↑ Dillet, Romain (2018-03-22). "Alphabet's Outline lets you build your own VPN". TechCrunch. Retrieved 2018-09-11.
↑ Ghoshal, Abhimanyu (2018-03-21). "Alphabet's Outline lets you run your own self-hosted VPN for free". The Next Web. Retrieved 2018-07-02.
↑ "Jigsaw". GitHub. Retrieved 2018-06-29.
↑ Tung, Liam. "Google parent's free DIY VPN: Alphabet's Outline keeps out web snoops | ZDNet". ZDNet. Retrieved 2018-07-02.
↑ "Outline Server source code". github.com. Retrieved 2018-09-11.
↑ "Outline VPN - Making it safer to break the news". getoutline.org. Archived from the original on 2018-10-03. Retrieved 2018-06-29.
↑ "Penetration Test Report for Jigsaw LLC" (PDF). Radically Open Security B.V. 2018-03-11. Retrieved 2018-09-11.
↑ Eddy, Max (2018-03-27). "Alphabet Outline VPN". PCMag. Retrieved 2018-09-11.

External links

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Greenberg, Andy (2018-03-20). "Alphabet's 'Outline' Software Lets Anyone Run a Homebrew VPN". Wired. Retrieved 2018-09-11.

[2] Dillet, Romain (2018-03-22). "Alphabet's Outline lets you build your own VPN". TechCrunch. Retrieved 2018-09-11.

[3] Ghoshal, Abhimanyu (2018-03-21). "Alphabet's Outline lets you run your own self-hosted VPN for free". The Next Web. Retrieved 2018-07-02.

[4] "Jigsaw". GitHub. Retrieved 2018-06-29.

[5] Tung, Liam. "Google parent's free DIY VPN: Alphabet's Outline keeps out web snoops | ZDNet". ZDNet. Retrieved 2018-07-02.

[6] "Outline Server source code". github.com. Retrieved 2018-09-11.

[7] "Outline VPN - Making it safer to break the news". getoutline.org. Archived from the original on 2018-10-03. Retrieved 2018-06-29.

[8] "Penetration Test Report for Jigsaw LLC" (PDF). Radically Open Security B.V. 2018-03-11. Retrieved 2018-09-11.

[9] Eddy, Max (2018-03-27). "Alphabet Outline VPN". PCMag. Retrieved 2018-09-11.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]