Estonia – 3 January, 2023 – XKeyscore, initiated back in the 2010s, and a number of similar U.S. government programs have reached unprecedented heights today, allowing for the compromise of practically any security certificates. This provides control over VPNs, cryptocurrencies, SSL, even TOR, PGP-secured Email, messengers, and more automatically. Any certificate can be compromised in a matter of weeks.
As a result, the interception of user data from all significant VPN providers is carried out in real-time, court decisions – relic of the past. Some providers were takeover or are loyal due to jurisdiction, while others only declare that they do not keep logs and do not collect user information, etc., passing audits that are essentially meaningless—access to private data for monopolies today is practically unlimited.
The rabbit hole is actually deeper than many suspect – the era of digital slavery has arrived.
PROBLEM SOLUTION
The main idea – it is possible to compromise multiple certificates, yet as of today, it remains technically practically impossible to compromise the multitude of certificates that undergo regular re-issuance.
For each client, a unique VPN server and unique security certificate are automatically created. Additionally, at any moment, the user can reset the token: the current session will be destroyed, and a new server with a new security certificate will be created. The operation takes less than a minute.
The concept of a classic client record on the service is absent – access is provided through anonymous VPN Tokens. Each token is 100-character hash codes that grant the right to use the service for a specified period. For complete anonymization, a token exchange functionality is implemented.
An additional level of protection is the transfer of session settings with a one-time certificate generated on the user’s side and a set of functions to detect data tampering during a “man-in-the-middle” attack.
Resetting multiple times under the protection of the previous VPN session plus a new one-time certificate via random internet providers (internet cafes, public Wi-Fi, etc.) allows to create of a top- level security session. It can be used for regular work on the main internet channel. The chain of certificates and sessions is insanely difficult to trace and compromise.
DefioLab is currently conducting public testing of the service, providing access to all interested parties.
More details: www.defiolab.com
DefioLab OÜ
Estonia, Tallinn
Media Contact
Company Name: DefioLab OU
Contact Person: Oleksii Khomich
Email: Send Email
Country: Estonia
Website: https://www.defiolab.com/