This post is part of a series outlining the many reasons why I started Bubble. Read part 1 (VPN Vendors are Shady) here.
I wanted a VPN that could do more than relay encrypted packets — I wanted to actively block and modify my own traffic
I spent most of 2019 working at Netskope, a network security company. Netskope is an amazing company, with awesome people and leading-edge tech. Their customers are the biggest-of-the-big, Fortune 500 companies and their international peers. They use Netskope to enforce corporate data security across their network. Netskope is a new kind of security system that is “API aware”, meaning that Netskope doesn’t just look at URLs and decide “block or allow”, they actually understand what’s going on, like “This is a download from Google Drive”, or “This is a post to Twitter”, and so on.
This allows Netskope to enforce some very sophisticated, cloud-aware security policies on behalf of their customers. A crucial part of the “magic” that makes this possible is something called SSL Interception (SSLI), which allows Netskope to peek inside what would otherwise be encrypted connections and perform deep inspection on these streams and their payloads.
SSLI is not for the faint of heart: it’s tantamount to breaking end-to-end encryption and performing a “man in the middle attack” (MITM), a technique normally associated with criminals and national spy agencies. But in this case, the corporate customer is paying Netskope to perform automated MITM attacks towards the end goal of enforcing the company’s data security policy.
Light Bulb! I wondered what was possible with this technique, if used by regular people to enforce personal data security, instead of for megacorps to enforce corporate data security. You could block ads and trackers. You could enhance web sites with new features. You could spy on sneaky apps that try to transmit data behind your back, and see what they’re doing. And then block them. And so much more.
BUT, the only way a system like this could be trusted is if people were really and truly only spying on themselves. If this service were offered by a vendor, it would be crucially important that the vendor had no visibility into the traffic. Otherwise, you’d run into the same problems that plague all the other VPN companies today. This is one of the ways that Bubble is truly unique – we are the only VPN service that, by design, has no visibility into the traffic between your devices and your VPN.
Thinking into the future, such a platform could be extensible: each bundle of functionality (for Bubble, these are ShadowBan, BlockParty, Snitcher, etc.) could be packaged as a “VPN app”. Developers could create new VPN Apps that did new, cool things. People could choose which VPN apps they want to run. It would be an open ecosystem, creating value for regular people without spying on them – and instead allowing them to spy on (and block or change) their own traffic.
And so Bubble was born. Up until today, this kind of technology has only been available to large corporations with deep pockets. Such systems are typically very expensive and take months to set up. With Bubble, this level of power is now available to everyone. It’s affordable and you can be up and running in minutes.
Intrigued? Ready to try Bubble? Sign up today!
