OK, so Orchid <https://www.orchid.com> just launched. It's an open-source P2P VPN network, where users pay providers with OXT, an Etherium currency. In theory, as I understand it, Etherium currencies are ~anonymous by design, even though there's a public blockchain. And with Orchid, I gather that users can ~easily setup multi-hop VPN chains. However, in it's current form at least, it's only available to Android users. And the app is apparently only available from the Google Play Store. So I acquired a Gmail address, and created an Android-x86 9.0 x64 VM. And Google loved me enough to update, and install the Orchid app. But the Orchid app wouldn't run. Maybe it doesn't like VMs, or perhaps the virtual WiFi interface. But even Google was OK enough with all that. Although it did flag the device as iffy. Maybe because it couldn't geo-locate it. So that's what I don't get about Orchid's threat model. It's apparently available only on Android. And only from Google. So arguably Google knows everyone who installs it. Plus their IP addresses, and likely where they are at GPS-level accuracy. Plus whatever's linked from their Gmail account. And worse, no matter what multi-hop VPN someone is using, and no matter how anonymously they've paid for it, Google and other location-aware apps might know exactly where they are. Sure, they could try to restrict access to location data. But I doubt that users can ever reliably block Google access to that. And Google doesn't even need GPS. It can triangulate based on reachable WiFi networks, and achieve near-GPS accuracy. So what good is a VPN, on a device where Google always knows where you are? I gather that Orchid may ~soon be available for iOS users. That would at least force users to trust Apple. Which may be a better bet than trusting Google. But I'm a lot happier trusting Debian and Linux developers. P.S. - Android-x86 9.0 x64 is indeed a great improvement, by the way.
But somebody may be fine about Google knowing location of device, because all person want to do is anonymously use web browser or other application. Provided you trust application that it don't send location data (i.e. well known open-source apps or just permission to location data), but this app makes some connections to the Internet, it may be enough to anonymize IP address. Application may send some unique ID, but this ID may not be known for Google, so there is a chain of places to gather data from to de-anonymize person. I am not an advanced user of Android, but I heard there are ways to spoof Android phone’s location, although there are ways such as SafetyNet API for applications to check whether information provided by OS is trusted.
Sure. Most VPN services have Android clients. But Orchid is claiming much more privacy than VPN services provide. And yet they're running on devices that are entirely pwned by Google.
I don't doubt that's true. But I'm talking mainly about the people who developed Orchid. And one would hope that they're not oblivious. It seems pretty clear to me that their privacy claims are overstated. Because any app that accesses location data knows where users are, quite accurately, regardless how solid the VPN stuff is. And that's just too bloody fragile. Even if you accept that it's OK for Google to always know where you are. In my nested VPN setup, it'd take a VM-to-host breakout for an app in this VM to know its physical location. And that's arguably a lot less likely.
@mirimir you are right. It would make more sense if this stuff could be run from pure Linux phone that has nothing to do with Google android https://puri.sm/products/librem-5/ Even semi-open Blackphone 2 would be better option https://www.silentcircle.com/products-and-solutions/blackphone2/ Even thought Google's engineers have helped alot with increasing the security of Net (encouraging encrypted e-mail use, DNS-over-Https, and others...thanks for that) it's still a fact that Google's main business is not privacy... That's why I would trust those two above companies more than Google (I try to have as much stuff as possible disabled from my Android phone, max app restrictions and only enable location and mobile data when I really need them)