The security gap between our expectations and harsh digital reality is deepening as AI-powered tools allow Internet Service Providers (ISPs), authorities and even data brokers to track our online activities despite to be encrypted. That's why one of the best VPN services on the market, Mullvad VPN, has just launched a new feature to prevent AI-powered spying.
The vendor says its Defense Against AI-Guided Traffic Analysis (DAITA) is “the first step” in the battle against sophisticated traffic analysis. Completely built on an open source framework, DAITA beta is now available in Mullvad Windows VPN apps on Windows 10 and 11.
Online surveillance meets AI
Whether you're using a secure VPN, the Tor network, or any other privacy-focused web browser, encryption alone cannot protect you from increasingly invasive surveillance practices. This is because every time you access a website, an invisible exchange of data packets occurs in the background between your device and the site you are visiting.
When you use a VPN, this traffic is encrypted, meaning a third party cannot record the information shared between you and your destination. However, your ISP can still see that some packets are being sent, their size, and how often this exchange occurs.
“Even if the data is encrypted using a VPN and all the packets of information leaving your computers are unreadable, at the very least you will leak the fact that your computer is on and communicating,” Jan Jonsson, CEO of Mullvad VPN , told me. “An analysis of [what’s known as] Metadata can reveal a lot. especially if it is collected massively throughout the planet.”
Vice already revealed in 2023 how the FBI has been using a tool to access users' netflow data to fight crime. According to Jonsson, this type of surveillance is increasing due to artificial intelligence tools that can allow your ISP or any other snooper, such as a data broker or law enforcement officer, to trace these traffic patterns back to specific websites and users. . Pattern recognition is, in fact, the strong point of AI. All of this ultimately makes VPN users vulnerable to online surveillance as well.
“We do not need to speculate on the extent to which traffic analysis is used today. We simply look at the development of AI and the development of authoritarian societies. We also do not need to speculate on what role traffic analysis will play in the future. “Jonsson stated. “What we need to do is recognize the threats and opportunities and work on resilience.”
How Mullvad DAITA fights AI tracking
Mullvad partnered with Karlstad University's Computer Science department to develop a proactive AI-powered traffic analysis solution. That's when DAITA was born.
At a simple level, Mullvad's goal is to confuse observers by modifying the appearance of these data packets. As Jonsson said, “to make analyzing encrypted traffic and correlating it with website traffic is very difficult.”
DAITA does this, for example, by making all packets sent over the VPN the same constant size. It also adds some random traffic to make it harder for third parties to distinguish between meaningful activity and background noise. It then modifies the traffic pattern by unpredictably sending coverage traffic in both directions between the client and the VPN server.
Mullvad introduces Defense Against AI-Guided Traffic Analysis (DAITA) https://t.co/bfOVYCT0ziMay 7, 2024
DAITA is built entirely using an open source defense network called Maybenot, an academic work partially funded by Mullvad. According to Tobias Pulls, a researcher at Karlstad University who participated in the project, Putting traffic analytics defenses into practice has been a long-standing need, considering how “the area is changing due to the rapid development of AI.”
While Mullvad's DAITA is a unique security feature in the VPN market, another provider recently developed an innovative solution to protect its users against these sophisticated surveillance practices.
NymVPN employs a tool called Mixnet to reroute data packets through five different VPN servers while shuffling them like a deck of cards along the way. This process, the provider claims, ensures that traffic data comes out completely randomly, hampering the ability of authorities, hackers and any other snoops to identify who is sending which packet.
What we must do is recognize the threats and opportunities and work on resistance.
Jan Jonsson, CEO of Mullvad VPN
“I assume there are many ways to route traffic between different streams to vary latency and make tracking difficult. However, DAITA focuses on an attacker who can see ALL traffic on the network and use AI to analyze it all. Mixnet typically does not protects against this,” Jonsson told me, adding that although other security software offers similar solutions, DAITA is the only open source tool developed by university researchers specializing in this topic.
To use DAITA, go to your app's Settings and click on VPN Settings. You must activate the DAITA option in the WireGuard configuration tab.
The initial version of DAITA is currently available only on Windows 10 and 11, with the plan to expand the functionality to all operating systems. Not in the Mullvad browser, however, as “it only protects browser traffic and would not be sufficient protection,” explains Jonsson, adding that the team is looking to continue refining and developing the feature based on feedback to ensure that privacy remains intact. the priority.
He said: “We have funded this research for years, and there will be more research and more releases as we learn more. And we will also adapt to new threats.”
We test and review VPN services in the context of legal recreational uses. For example:
1. Access a service from another country (subject to the terms and conditions of that service).
2. Protecting your online security and strengthening your online privacy when abroad.
We do not support or tolerate illegal or malicious use of VPN services. Future Publishing does not endorse or approve the consumption of paid pirated content.
