This post is part of a series outlining the many reasons why I started Bubble. Previous installments: Part 1 (VPN Vendors Are Shady). Part 2 (Personal Data Security). Part 3 (Facebook FOMO).

I wanted to enjoy online discussions again

I’m on social media and I’m a regular reader of several news blogs. I often read the comments, and occasionally participate in the conversation.

Sometimes messages are needlessly inflammatory, offensive, polemical, or otherwise not useful to me. I find these posts distracting, annoying, and ultimately “noise” that my brain has to filter out.

It’s unfortunate, because on most sites there are genuinely thoughtful comments that I want to read, but they’re mixed in with so much trash that my reading experience becomes unbearable (Reason.com, I’m looking at you). So I end up either missing out on posts I’d enjoy reading by skipping the comments entirely, or wasting mental energy filtering out the crap that scrolls by, trying not to miss the good stuff.

Many of these sites do not have any “block user” feature at all. Even when they do, it’s often possible for the person you’ve blocked to know they’ve been blocked, when you’d prefer to have more discretion.

I wanted a one-click block user function. Whether the site has that feature or not. Click the block button and posts from that user disappear; never see posts from that user again. The blocked user would have no way to know they’d been blocked, and the site would have no way to know who you were blocking.

In part 3 of this series, I explained how ShadowBan makes this possible on Facebook. Even better, it allows keyword-based blocks and much more. So I extended ShadowBan to support other social media and news/discussion websites.

Today, ShadowBan works on Facebook, Twitter, LinkedIn, Instagram, Reddit, and a handful of blogs with discussion forums: HackerNews, MarginalRevolution, and Reason. It’s fairly easy to write plugins for new sites, so we plan to continue expanding ShadowBan over time to cover more of the sites that our users enjoy.

Are you ready to throw the trash to the curb? Want to enjoy more signal and less noise? Try Bubble!

This post is part of a series outlining the many reasons why I started Bubble. Previous installments: Part 1 (VPN Vendors Are Shady). Part 2 (Personal Data Security).

I wanted to get back on Facebook (don’t hate me)

I had been off of Facebook for many years. The constant stream of privacy violations and Facebook’s inadvertent positioning as a surveillance company really put me off. Coming to the realization that Facebook’s actual customers are advertisers and its users are the product really crystallized my decision to leave. I kept my account open, just never used it again.

Then something happened in 2018. After living in the San Francisco Bay Area for the better part of two decades, I moved to Charlotte, North Carolina. So I have many friends who live a couple thousand miles away. I try to keep in touch – I talk by phone (so old-school, I know!) with many of them every so often.

One day I was talking with one of my friends who was expecting a baby. I asked him how he and his wife were doing, and when the baby was due. He said, “We had the baby! You didn’t see? We put the pictures on Facebook.” It was a face-palm moment for me. I couldn’t be upset that he didn’t call me personally – we’re close but we’re not family, and Facebook (even with all its flaws) is a very efficient way to communicate this kind of news to everyone you know. Except I wasn’t using Facebook, so I missed out.

I thought to myself: what would it take for me to use Facebook again? I’d need assurances that Facebook couldn’t track every little thing I did on Facebook. I’d need assurances that my off-Facebook activity couldn’t be tracked by Facebook, regardless of my “privacy settings”. And then there was the signal-to-noise problem. I’d want to have some ability to filter my feed myself, independent of any tools provided by Facebook (my filtering preferences just represent more personal information for them to sell).

So I created Bubble, which includes the BlockParty and ShadowBan apps, to accomplish this.

With BlockParty, all network requests to Facebook are blocked, unless you’re on the Facebook website. This includes the millions of “Like” buttons and other hidden Facebook trackers that litter the internet, are embedded in mobile apps, and so on. Even when you’re on the Facebook site, ads and behavior trackers (sent every few seconds!) are blocked. All off-site links are scrubbed of tracking information, so you can safely click on shared articles without being redirected through data brokers.

With ShadowBan, I can block individual users, or block posts by keyword, and more. ShadowBan filters the posts out for me, so Facebook never knows what I am blocking. ShadowBan also displays a “signal/noise” number to help me understand just how much of my feed is useful. It regularly hovers around 50%. This means half my feed is ads and stuff I’d rather not see. I smile every time I think about the time and stress I have saved myself by avoiding crap that I don’t want to see.

It’s not perfect. Facebook still knows about every Like and Comment that I make. They know about every link I click on Facebook that stays on Facebook – viewing friend’s pages, community pages, events and the like. But it’s such a major improvement that I now feel comfortable coming back.

And so I’m back on Facebook! My feed is clean and my personal information is (largely) protected. And I’m already reaping the benefits — just last week I found out an old high school friend had also moved to the Charlotte area, and he lives just a few miles away from me! We’re going to grab lunch and catch up after so many years apart. Thanks Facebook!

Are you ready to get back on Facebook and feel safe about it? Try Bubble!

UPDATE: since I wrote this post, my friend and I had lunch, it was great to see him and catch up! So nice to find a new old friend living nearby!

a happy reunion

This post is part of a series outlining the many reasons why I started Bubble. Read part 1 (VPN Vendors are Shady) here.

I wanted a VPN that could do more than relay encrypted packets — I wanted to actively block and modify my own traffic

I spent most of 2019 working at Netskope, a network security company. Netskope is an amazing company, with awesome people and leading-edge tech. Their customers are the biggest-of-the-big, Fortune 500 companies and their international peers. They use Netskope to enforce corporate data security across their network. Netskope is a new kind of security system that is “API aware”, meaning that Netskope doesn’t just look at URLs and decide “block or allow”, they actually understand what’s going on, like “This is a download from Google Drive”, or “This is a post to Twitter”, and so on.

This allows Netskope to enforce some very sophisticated, cloud-aware security policies on behalf of their customers. A crucial part of the “magic” that makes this possible is something called SSL Interception (SSLI), which allows Netskope to peek inside what would otherwise be encrypted connections and perform deep inspection on these streams and their payloads.

SSLI is not for the faint of heart: it’s tantamount to breaking end-to-end encryption and performing a “man in the middle attack” (MITM), a technique normally associated with criminals and national spy agencies. But in this case, the corporate customer is paying Netskope to perform automated MITM attacks towards the end goal of enforcing the company’s data security policy.

Light Bulb! I wondered what was possible with this technique, if used by regular people to enforce personal data security, instead of for megacorps to enforce corporate data security. You could block ads and trackers. You could enhance web sites with new features. You could spy on sneaky apps that try to transmit data behind your back, and see what they’re doing. And then block them. And so much more.

BUT, the only way a system like this could be trusted is if people were really and truly only spying on themselves. If this service were offered by a vendor, it would be crucially important that the vendor had no visibility into the traffic. Otherwise, you’d run into the same problems that plague all the other VPN companies today. This is one of the ways that Bubble is truly unique – we are the only VPN service that, by design, has no visibility into the traffic between your devices and your VPN.

Thinking into the future, such a platform could be extensible: each bundle of functionality (for Bubble, these are ShadowBan, BlockParty, Snitcher, etc.) could be packaged as a “VPN app”. Developers could create new VPN Apps that did new, cool things. People could choose which VPN apps they want to run. It would be an open ecosystem, creating value for regular people without spying on them – and instead allowing them to spy on (and block or change) their own traffic.

And so Bubble was born. Up until today, this kind of technology has only been available to large corporations with deep pockets. Such systems are typically very expensive and take months to set up. With Bubble, this level of power is now available to everyone. It’s affordable and you can be up and running in minutes.

Intrigued? Ready to try Bubble? Sign up today!

I’m going to assume you know a bit about what Bubble is all about and what makes Bubble different from everything else out there. If not, you’ll probably enjoy learning about it.

In this blog series, I’m going to talk about the reasons that I started Bubble. There are many reasons, so I’ll go through them one at a time, in no particular order. Without further adieu –

I wanted to run a VPN and I didn’t trust any of the vendors

I decided it was time for me to use a VPN. As someone who dearly values their online privacy, I had been using the internet “in the clear” for far too long.

Trust Issues

After doing some research, I discovered that the VPN industry has some serious trust issues. While promising increased privacy, many of them actively violate your privacy. Others just get hacked, being the large attractive targets to criminals that they are.

So I decided I would run my own VPN. This is no small task, and requires a fair bit of technical expertise. But I was up to the task. In evaluating technology choices, my goals were to find a solution that was 100% open source, easy to use, and supported all of my devices (iOS, Android, Mac OS X, and Windows).

Open Source VPN

My technology evaluation led me to WireGuard, hands-down the best open source VPN software available today. It is 100% open source and supports all my devices, but it’s not exactly easy to use. WireGuard has a lot of knobs and dials, and I wanted to make sure they were all tuned to optimum settings. Fortunately, there are a number of open source tools available to setup and configure WireGuard for you, ensuring that the security settings are all properly tightened down. I decided to use AlgoVPN, which is one of the most popular and well-supported ways to set up and manage a WireGuard VPN.

After a bit of work, it was all set up, and I was enjoying my new VPN. But some things were tediously technical. For example, adding and removing devices was a pain: I had to login to the server, edit a file, and manually run a reconfiguration script. I decided to automate the tedious stuff and created a simple web application to manage my VPN and devices. This system was essentially the first nascent “bubble” in existence.

Sharing is Caring

Having done all of this myself, I wanted to make it easy for non-technical people to replicate what I had done. It had to be super easy to use: no technical jargon, no command-line steps, all web-based with a clean and responsive UI. This user-friendly, user-focused approach has been Bubble’s vision from the very beginning.

More than a VPN

We have built Bubble into so much more than just a VPN. While we have made great strides with our solution, we have just scratched the surface of what is possible with this powerful platform. But don’t take my word for it – request an invite and experience Bubble for yourself!