Outline VPN

Outline VPN
Developer(s)	Jigsaw
Written in	TypeScript, Go, Java, Swift, Objective C, C++, C#
Operating system	Windows ; macOS ; Linux ; ChromeOS ; Android ; iOS ;
Available in	English
License	Apache License 2.0
Website	Official website

Last updated December 30, 2024

Outline VPN is a free and open-source tool that deploys Shadowsocks servers on multiple cloud service providers.^[1]^[2] The software suite also includes client software for multiple platforms. Outline was developed by Jigsaw, a technology incubator created by Google.^[3]

The Outline Server supports self-hosting, as well as cloud service providers including DigitalOcean, Rackspace, Google Cloud Platform, and Amazon EC2.^[3] Installation involves running a command on its command-line interface, or in the case of installing on DigitalOcean or Google Cloud, its graphical user interface.

Components

Outline has three main components:^[4]

The Outline Server acts as a proxy and relays connections between the client and the sites they want to access. It is based on Shadowsocks, and offers a REST API for management of the server by the Outline Manager application.
The Outline Manager is a graphical application used to deploy and manage access to Outline Servers. It supports Windows, macOS and Linux.
The Outline Client connects to the internet via the Outline Server. It supports Windows, macOS, Linux, ChromeOS, Android, and iOS.

Security and privacy

Outline uses the Shadowsocks protocol for communication between the client and server. Traffic is encrypted with the IETF ChaCha20 stream cipher (256-bit key)^[5] and authenticated with the IETF Poly1305 authenticator.^[6]

Outline is free and open-source, licensed under the Apache License 2.0, and was audited by Radically Open Security and claims^[7]^[8] not to log users' web traffic. The Outline Server supports unattended upgrades.

Outline is not a true VPN solution but rather a Shadowsocks-based proxy. The two technologies are similar in the way they can be used to redirect network traffic and make it appear as originating from another device (the server), and hide the traffic's final destination from observers and filters until it reaches the proxy server. However, a VPN has additional capabilities, such as encapsulating traffic within a virtual tunnel, and allowing connected devices to "see" each other (as if they were connected to a LAN).

Outline is not an anonymity tool, and it does not provide the same degree of anonymity protections as Tor Browser, which routes traffic through three hops rather than just one and also protects against attacks like browser fingerprinting.

Critical reception

In March 2018, Max Eddy of PCMag stated that a preview version of Outline VPN was "startlingly easy to use" and "removes privacy concerns associated with VPN companies". However, Eddy criticized the software for not encrypting all traffic on Windows, and warned users that "individual use may lack some anonymity compared [to] large VPN companies".^[9]

Since version 1.2, the Outline Windows client came out of 'Beta', effectively beginning to encrypt all traffic from the device, on par with the Outline clients for macOS, ChromeOS, Android, and iOS.

Related Research Articles

In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and possibly performance in the process.

Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network, such as the Internet. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible.

Extensible Messaging and Presence Protocol is an open communication protocol designed for instant messaging (IM), presence information, and contact list maintenance. Based on XML, it enables the near-real-time exchange of structured data between two or more network entities. Designed to be extensible, the protocol offers a multitude of applications beyond traditional IM in the broader realm of message-oriented middleware, including signalling for VoIP, video, file transfer, gaming and other uses.

SOCKS is an Internet protocol that exchanges network packets between a client and server through a proxy server. SOCKS5 optionally provides authentication so only authorized users may access a server. Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded. A SOCKS server accepts incoming client connection on TCP port 1080, as defined in RFC 1928.

IEEE 802.1X is an IEEE Standard for port-based network access control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.

Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.

<span class="mw-page-title-main">LogMeIn Hamachi</span> Virtual private network application

LogMeIn Hamachi is a virtual private network (VPN) application developed and released in 2004 by Alex Pankratov. It is capable of establishing direct links between computers that are behind network address translation (NAT) firewalls without requiring reconfiguration. Like other layer 2 VPNs, it establishes a connection over the Internet that emulates the connection that would exist if the computers were connected over a local area network (LAN).

This page is a comparison of notable remote desktop software available for various platforms.

An anonymizer or an anonymous proxy is a tool that attempts to make activity on the Internet untraceable. It is a proxy server computer that acts as an intermediary and privacy shield between a client computer and the rest of the Internet. It accesses the Internet on the user's behalf, protecting personal information of the user by hiding the client computer's identifying information such as IP addresses. Anonymous proxy is the opposite of transparent proxy, which sends user information in the connection request header. Commercial anonymous proxies are usually sold as VPN services.

GraphOn GO-Global is a multi-user remote access application for Windows. GO-Global is a product of GraphOn Corporation.

In computing, SPICE is a remote-display system built for virtual environments which allows users to view a computing "desktop" environment – not only on its computer-server machine, but also from anywhere on the Internet – using a wide variety of machine architectures.

OpenConnect is a free and open-source cross-platform multi-protocol virtual private network (VPN) client software which implement secure point-to-point connections.

A DNS leak is a security flaw that allows DNS requests to be revealed to ISP DNS servers, despite the use of a VPN service to attempt to conceal them. Although primarily of concern to VPN users, it is also possible to prevent it for proxy and direct internet users.

NordVPN is a Lithuanian VPN service with applications for Microsoft Windows, macOS, Linux, Android, iOS, Android TV, and tvOS. Manual setup is available for wireless routers, NAS devices, and other platforms.

DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver. By March 2018, Google and the Mozilla Foundation had started testing versions of DNS over HTTPS. In February 2020, Firefox switched to DNS over HTTPS by default for users in the United States. In May 2020, Chrome switched to DNS over HTTPS by default.

DNS over TLS (DoT) is a network security protocol for encrypting and wrapping Domain Name System (DNS) queries and answers via the Transport Layer Security (TLS) protocol. The goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data via man-in-the-middle attacks. The well-known port number for DoT is 853.

Proton VPN is a VPN service launched in 2017 and operated by the Swiss company Proton AG, the company behind the email service Proton Mail. According to its official website, Proton VPN and Proton Mail share the same management team, offices, and technical resources, and are operated from Proton's headquarters in Plan-les-Ouates, Switzerland. On June 17, 2024 the company announced that it will be transitioning to a non-profit structure under the Proton Foundation.

HMA is a VPN service founded in 2005 in the United Kingdom. It has been a subsidiary of the Czech cybersecurity company Avast since 2016.

NordLocker is a file encryption software integrated with end-to-end encrypted cloud storage. It is available on Windows and macOS. NordLocker is developed by Nord Security, the Lithuania-based company behind the NordVPN virtual private network.

A virtual private network (VPN) service provides a proxy server to help users bypass Internet censorship such as geo-blocking and users who want to protect their communications against data profiling or MitM attacks on hostile networks.

References

↑ Greenberg, Andy (2018-03-20). "Alphabet's 'Outline' Software Lets Anyone Run a Homebrew VPN". Wired. Retrieved 2018-09-11.
↑ Dillet, Romain (2018-03-22). "Alphabet's Outline lets you build your own VPN". TechCrunch. Retrieved 2018-09-11.
↑ Ghoshal, Abhimanyu (2018-03-21). "Alphabet's Outline lets you run your own self-hosted VPN for free". The Next Web. Retrieved 2018-07-02.
↑ "Jigsaw". GitHub. Retrieved 2018-06-29.
↑ Tung, Liam. "Google parent's free DIY VPN: Alphabet's Outline keeps out web snoops". ZDNet. Retrieved 2018-07-02.
↑ "Outline Server source code". github.com. Retrieved 2018-09-11.
↑ "Outline VPN - Making it safer to break the news". getoutline.org. Archived from the original on 2018-10-03. Retrieved 2018-06-29.
↑ "Penetration Test Report for Jigsaw LLC" (PDF). Radically Open Security B.V. 2018-03-11. Retrieved 2018-09-11.
↑ Eddy, Max (2018-03-27). "Alphabet Outline VPN". PCMag. Retrieved 2018-09-11.

External links

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Greenberg, Andy (2018-03-20). "Alphabet's 'Outline' Software Lets Anyone Run a Homebrew VPN". Wired. Retrieved 2018-09-11.

[2] Dillet, Romain (2018-03-22). "Alphabet's Outline lets you build your own VPN". TechCrunch. Retrieved 2018-09-11.

[3] Ghoshal, Abhimanyu (2018-03-21). "Alphabet's Outline lets you run your own self-hosted VPN for free". The Next Web. Retrieved 2018-07-02.

[4] "Jigsaw". GitHub. Retrieved 2018-06-29.

[5] Tung, Liam. "Google parent's free DIY VPN: Alphabet's Outline keeps out web snoops". ZDNet. Retrieved 2018-07-02.

[6] "Outline Server source code". github.com. Retrieved 2018-09-11.

[7] "Outline VPN - Making it safer to break the news". getoutline.org. Archived from the original on 2018-10-03. Retrieved 2018-06-29.

[8] "Penetration Test Report for Jigsaw LLC" (PDF). Radically Open Security B.V. 2018-03-11. Retrieved 2018-09-11.

[9] Eddy, Max (2018-03-27). "Alphabet Outline VPN". PCMag. Retrieved 2018-09-11.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]