back to article Mozilla unveils $4.99/month subscription-based VPN, says it won't hang onto user logs

Those wondering how Mozilla plans to plug the holes in its finances were given a clue today in the form of a subscription-based Virtual Private Network (VPN) bearing the company's stamp. For a mere $4.99 a month, and with no long-term contract needed, Mozilla's WireGuard-based VPN service has emerged from beta testing and is …

  1. Pen-y-gors

    Coverage?

    HMA (Hide My Ass) VPN has 1000+ servers in 190+ countries.

    PureVPN has 2000 servers in 140+ countries.

    I use PureVPN for various things, including getting a fixed IP (small extra charge). Their 5-year plan works out at 99c/month! Connecting can be a bit slow at times, though.

  2. Anonymous Coward
    Black Helicopters

    Bad timing, sigh

    I'd like to support Mozila, but I finally gave in and got ProtonVPN (not that I actually have anything to hide, I'm just making myself feel a bit better) about 2 months ago. So, two months too late, really.

    1. Lon24

      Re: Bad timing, sigh

      You can get a VPS for $2-3 pm, bung on OpenVPN and you are in control. Oh and use it for other stuff too if you don't need to proxy thru random countries.

      1. MatthewSt

        Re: Bad timing, sigh

        That's all well and good but then all of your traffic can still be tracked and tied back to you with a public IP address. Using a shared VPN service means that your traffic gets combined with others.

        (not to mention that if you're doing it to save money, your argument only makes sense if the amount of time you will spend configuring OpenVPN is worth less to you than $2/month)

        1. hayzoos

          Re: Bad timing, sigh

          VPN protocols are not designed to anonymize traffic, never have been. They are designed to prevent snooping on traffic between the VPN endpoints through use of encryption. The early use cases for VPN was to allow extending a private network from one location to another over a public network.

          Later, VPN came closer to the user in remote client uses for enterprise employees traveling or working from home to provide a means of connecting enterprise client laptops and desktops to the enterprise network over public networks such as airport wifi, hotel networks, customer/partner networks, or newly emerging home broadband.

          In neither of those types of use did the VPN gateway exist outside of the private enterprise/company network. Traffic anonymization was not a consideration, in fact a detriment to the organization.

          Consumer oriented VPN placed VPN hosts in the public networks much like public proxy hosts did earlier. They took on the ability of traffic anonymization which public proxies provided with the added benefit of an encrypted connection from the client to the host. From the VPN host to the end destination encryption was dependent on the destination (i.e HTTPS vs. HTTP).

          Since the underlying VPN protocols were not designed for anonymization, it should not be attributed to VPN. It can be attributed to public proxies. Consumer VPN should be considered client side encrypted public proxies. Anonymization is no better than a public proxy. We now have the oxymoronic virtual private network (VPN) connection to a public proxy. Such anonymization can be defeated with varying degrees of success depending on the proxy implementation at both the host and client ends. More de-anonymization success occurs at the client end due to lack of skilled system administration managing the majority of consumer client machines.

          I utilize a VPS where I have installed Wireguard as a VPN host. I have both a IPV4 and IPV6 dedicated addresses at no additional cost, about the same cost as Mozilla's offering. I would go IPV6 only but things broke when I tried it. I'll need more time to troubleshoot.

          Even this setup can "leak" identifying information from the client. The biggest issue is name resolution. Client software has trended towards performing it's own network level services rather than allowing the system to do it. I have had to take extra measures to ensure all client software traffic is directed to the VPN interface.

          I had used a consumer VPN service before. I am finding that in the name of security, sites are blocking visitors coming from public proxy and VPN services and in lesser numbers, public cloud by their IP addresses. I have considered filing complaints with regulatory agencies from the basis that these sites are forcing visitors to abandon a security measure protecting the very information the site is supposed to be protecting.

      2. doublelayer Silver badge

        Re: Bad timing, sigh

        You can, and I have, but that only works for some of the use cases of VPNs. In my experience, people want VPNs for one or more of the following reasons:

        1. To provide a secured tunnel to a known endpoint.

        2. To access other machines without having them be openly available on the internet.

        3. To have anonymized traffic that's difficult to track.

        A VPS handles use case 1 easily. It can handle use case 2 with some work (for example, I have mine set up so I can VPN into it, then follow a previously-established tunnel to a device which is on another network). It does not handle use case 3 unless you allow others to use your VPN as well so you can hide among them. That's usually not a good idea because you will use up a bunch of bandwidth and may be responsible if someone uses yours for illegal actions.

      3. jgarbo

        Re: Bad timing, sigh

        How much better is it than say, Opera's built-in VPN & WebRtc blocker, which hides your IP, or Brave's built-in Tor-mode private browsing?

  3. fuzzie

    Endpoint stickiness

    What would be of even greater utility would be if one could associate a specific VPN or VPN configuration with a container and/or web site and/or tabs.

    I could then become even more elusive by funnelling, say, the facebook container's traffic through outer east Nowhere-land.

    1. iron Silver badge
      Thumb Up

      Re: Endpoint stickiness

      Great idea. I find FF containers invaluable for separating work and personal accounts on the same service, enabling me to login to both simultaneously. Being able to set a specific VPN config for a container would be really useful.

  4. This post has been deleted by its author

  5. chivo243 Silver badge

    Advertised VPNs?

    Are you serious? Naw, no, we don't share no data, no way, no how.

    Months later, Ah, well um, I guess our marketing department promised something, something... shared something, contractually bound... it is all quite legal, we have it on paper!

    1. lmorchard

      Re: Advertised VPNs?

      When has Mozilla done that, historically speaking?

      1. chivo243 Silver badge

        Re: Advertised VPNs?

        History is being written now. I use Firefox daily, and has Mozilla done anything really bad in the past? Nothing I can remember. However, I feel VPNs have been glamorized and therefore profitable, and for the meager price of 4.99 Quatloos, there must be a catch.

        I was in sales when steak knives were where the money was... I smell a flaming shit bag at the front door.

        1. lmorchard

          Re: Advertised VPNs?

          The entire reason that Mozilla is doing a VPN is a) for money to support the mission and b) because money can be made in privacy. It's not a forgiving market, so it's a fraught product. But, Mozilla has an actual mission and is not-for-profit. If there was a catch, Mozilla would be making a lot more money in general

      2. NATTtrash

        Re: Advertised VPNs?

        When has Mozilla done that, historically speaking?

        Don't get me wrong, I use them too, but there was the Cliqz thing for example...

        https://www.theregister.com/2017/10/09/mozilla_tests_cliqz_in_germany/

        1. lmorchard

          Re: Advertised VPNs?

          That wasn't willy-nilly data sharing. That was a constrained experiment with a partner that had a beginning and an end. Hell, I think Mozilla *paid* Cliqz for that. The data wasn't sold *to* Cliqz

  6. jelabarre59

    TBird

    But what ever happened to the plans to boost Thunderbird's budget? I recall some idea tossed around for them to host email services (and it would be worthwhile to go with them for the service if it ensures the Thunderbird email client stays around). Right at this point I'm actually more worried about them than Firefox.

    1. KorndogDev

      Re: TBird

      My TB has been working fine for the last decade, what's wrong with yours?

      1. Pen-y-gors

        Re: TBird

        I believe antibiotics are available now that can cure TB. No need to suffer for years...

      2. jelabarre59

        Re: TBird

        My TB has been working fine for the last decade, what's wrong with yours?

        For starters, I have to shut the client down at LEAST once per day, otherwise it will drag itself AND the entire system down to a standstill (and this is even on Linux; I would normally expect that behavior only on MSWindows).

        But I've thought selling an email service would be a nice way for them to gain regular financing, as the Mozilla project was too busy on various dead-end projects to continue supporting Thunderbird.

    2. Updraft102

      Re: TBird

      Didn't Mozilla cut Thunderbird loose years ago? I didn't think they had any funding at all from Mozilla anymore.

  7. John_3_16
    Alert

    Always a fox in the hen house...

    Moz is a bit late to the game @ $4.99 a month even with "no contract". What I don't trust is the USA government forcing them to do exactly what they say they won't do. There is not an ISP located in the USA that does not provide a backdoor for the government. Nor is there a communications company that does not have the same spyware for the government.

    Pay the $60.00 a year if you wish to support Firefox. Not because you are getting a better product that will protect your privacy. There are better services available outside our borders at a cheaper price with larger coverage & makes the same promises. All involve a level of blind trust. I would not want T-rump babysitting my kids! Would you? Just say'n... Stay safe...

    1. jelabarre59

      Re: Always a fox in the hen house...

      I would not want T-rump babysitting my kids!

      Would certainly be far better than the shit-show we'd get with Senile Joe, and whatever puppet masters will have their hands up his ass making his mouth move.

  8. Chronos
    Meh

    Meh.

    Mullvad: Raspberry Pi 3B, PiHole and WireGuard in the kernel. Full wire speed minus the usual overheads through Mullvad. Same price, 5 devices, Linux, Windows, Android, MacOS/iOS and OpenWRT configurations/apps supported, totally privacy focussed.

    I like Mozilla, I really do, but they're going to have to be a lot more transparent with the likes of, e.g. Safebrowsing before I'd trust them with a VPN solution.

  9. X5-332960073452
    Thumb Down

    $5 per month, nope, $1 maybe

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like