Talk with Mr Dong on Obscura VPNs [Interview]

Applied Paranoia
    jet@hackertalks.com wrote (last edited by jet@hackertalks.com):

    This is a delightful talk on VPNs, tradeoffs, levels of paranoia and threat models; I enjoyed the application to everyday security.

    You don't have to trust Obscura—you just have to trust that not both Obscura and Mullvad are compromised. Henry sat down with Carl, former Bitcoin Core developer and founder of Obscura VPN, to discuss how it's the first VPN that mathematically can't log your activity, what makes it censorship-resistant against networks like the Great Firewall, and what it really means to build privacy that's more than "a pinky promise."

    ::: spoiler Summarizer

    Obscura VPN: censorship-resistant multi-hop design

    What Obscura is for

    • Reliable VPN connectivity in restrictive networks; daily-use UX; reduced reliance on any single party.

    Base architecture

    • Two-hop tunnel: client -> Obscura ingress -> Mullvad WireGuard egress; user traffic exits on Mullvad IP space.
    • Ingress uses QUIC/HTTP/3-style traffic shaping, so blocking it looks like blocking major web services.
    • Egress is standard WireGuard, so the last hop stays fast and widely audited.

    Why QUIC fronting

    • WireGuard handshakes are fingerprintable; DPI can block or throttle them.
    • QUIC blends into common web traffic; the cost to the Great Firewall of blocking QUIC outright is high.
    • Obscura can fall back to a “compatibility mode” using a plain WireGuard first hop when needed.

    MASQUE and iCloud Private Relay relationship

    • Apple’s iCloud Private Relay uses a similar two-hop relay idea with a second-party egress; Obscura generalizes the concept for arbitrary traffic.
    • MASQUE (CONNECT-UDP / HTTP Datagrams over HTTP/3) provides a standardized way to tunnel UDP inside HTTP/3; Obscura built this stack in Rust/Go.

    Trust separation and key handling

    • Obscura cannot decrypt user packets after the QUIC layer because payloads are encrypted to Mullvad’s published WireGuard server keys.
    • Users can verify the active egress via Mullvad’s connection-check page; correlating a user with their traffic is possible only if both parties collude.
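As an added example (not code from the post, from Obscura or from Mullvad), here is a constructed Go model of the key separation described under "Base architecture" and "Trust separation and key handling": the client seals its payload to the egress key, then seals that blob to the ingress key, so the ingress can peel only its own layer and forwards opaque bytes. It assumes X25519 plus a SHA-256/AES-GCM construction standing in for WireGuard's Noise handshake, and omits the QUIC/MASQUE transport entirely.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// NewHop creates a relay's long-term X25519 key pair (ingress or egress).
func NewHop() *ecdh.PrivateKey { return must(ecdh.X25519().GenerateKey(rand.Reader)) }

// aead derives AES-256-GCM from an X25519 shared secret (constructed KDF, not Noise).
func aead(shared []byte) cipher.AEAD {
	k := sha256.Sum256(shared)
	return must(cipher.NewGCM(must(aes.NewCipher(k[:]))))
}

// Seal encrypts msg so only peer's private key can open it: ephPub(32)||nonce(12)||ct+tag.
func Seal(peer *ecdh.PublicKey, msg []byte) []byte {
	eph := must(ecdh.X25519().GenerateKey(rand.Reader))
	a := aead(must(eph.ECDH(peer)))
	nonce := make([]byte, a.NonceSize())
	must(rand.Read(nonce))
	return a.Seal(append(eph.PublicKey().Bytes(), nonce...), nonce, msg, nil)
}

// Open reverses Seal; the GCM tag check fails unless blob was sealed to priv.
func Open(priv *ecdh.PrivateKey, blob []byte) ([]byte, error) {
	if len(blob) < 44 {
		return nil, errors.New("blob too short")
	}
	shared, err := priv.ECDH(must(ecdh.X25519().NewPublicKey(blob[:32])))
	if err != nil {
		return nil, err
	}
	return aead(shared).Open(nil, blob[32:44], blob[44:], nil)
}

// ClientWrap builds the client's two layers: inner to the egress, outer to the ingress.
func ClientWrap(ingress, egress *ecdh.PublicKey, payload []byte) []byte {
	return Seal(ingress, Seal(egress, payload))
}
```

The ingress sees the egress-bound blob and the client's source address; the egress sees the payload and the ingress's address; neither alone sees both.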

    Privacy stance

    • “No logs” comes from architecture: ingress lacks plaintext visibility; egress is Mullvad; both sides are separated by design.

    Client and platform support

    • Native apps focus on macOS/iOS; WireGuard configs exist for other platforms with the same multi-hop path.
    • Split tunneling is hard to do safely; per-URL routing can leak DNS/traffic patterns; work ongoing for safer patterns.

    Comparisons

    • Tor and decentralized VPNs target stronger anonymity but have exit-node trust and performance limits; Obscura targets everyday throughput with censorship resistance.
    • OpenVPN is complex to audit; WireGuard’s smaller surface makes auditing more tractable.

    Performance and operations

    • The front hop adds overhead but keeps connections stable under packet loss and censorship; bare-metal deployments aim for near-line-speed throughput.
    • Payment options include Lightning; Monero planned; Obscura pays Mullvad for egress capacity.

    References

    • [00:04] Bitcoin Core — https://bitcoincore.org/
    • [00:04] Reproducible Builds — https://reproducible-builds.org/
    • [00:05] WireGuard: Next Generation Kernel Network Tunnel — https://doi.org/10.14722/ndss.2017.23160
    • [00:06] iCloud Private Relay Overview (Dec 2021) — https://www.apple.com/icloud/docs/iCloud_Private_Relay_Overview_Dec2021.pdf
    • [00:06] QUIC: A UDP-Based Multiplexed and Secure Transport (RFC 9000) — https://doi.org/10.17487/RFC9000
    • [00:11] iCloud Private Relay security — https://support.apple.com/en-sg/guide/security/secad8ce3233/web
    • [00:12] MASQUE Working Group — https://datatracker.ietf.org/wg/masque/about/
    • [00:13] HTTP/3 (RFC 9114) — https://doi.org/10.17487/RFC9114
    • [00:14] Proxying UDP in HTTP (RFC 9298) — https://doi.org/10.17487/RFC9298
    • [00:15] HTTP Datagrams and the Capsule Protocol (RFC 9297) — https://doi.org/10.17487/RFC9297
    • [00:20] Mullvad Servers — https://mullvad.net/en/servers
    • [00:25] Collateral freedom — https://en.wikipedia.org/wiki/Collateral_freedom
    • [00:29] Mullvad Connection check — https://mullvad.net/en/check
    • [00:31] Tor Project — https://www.torproject.org/

    :::
