66 comments

[ 2.5 ms ] story [ 126 ms ] thread
In light of the latest news of Comcast selling your data and almost weekly reports of threats to privacy and censorship around the world, we want to now share and invite HN folks to check out the public beta of Tenta Browser. It's a private, encrypted browser with built-in 256bit encryption and OpenVPN. We're in the early stages of development, but have a clear mission of protecting your browsing data instead of selling it and every feature we design is based on this foundation. To help make sure we do it right, we appreciate any and all comments and feedback.
> a private, encrypted browser with built-in 256bit encryption and OpenVPN

Can it be used to bypass censorship with the built-in tools? (VPN is not enough for bypassing censorship in China though.)

vpn is enough to bypass censorship in china. How do you think international corporations do it?
I've read (in Hacker News comments from developers in China) that international corporations get specially-licensed dedicated connections in China that don't go through the Great Firewall at all. So any VPN use on a connection like that would be for security, not to defeat the censors.
Yup, there are methods to fight this problem already. Our goal is to build a browser which faithfully produces the web while respecting users privacy
Are the sources for the browser available?
Great question. We do plan to open source the security and privacy code because we know that's critical to building trust for this type of product. We're still heads down to get through beta phase though, so it's just a bit early to take that step. We're on version 0.99.5 now and once we get out of beta, we will open up the code for 3rd party review
Why don't you open source the whole product? Critical software should be auditable by anyone imho.
> we will open up the code for 3rd party review

Open for general access or limited to certain entities?

We'll open for general access. And to the other point, we're still in beta development with a small team, so we will open up each portion as we go, so we can manage and address the feedback properly
Without full access to all the code it seems untrusted
Who makes this?
Tenta, LLC.
And how can a user be sure that Tenta, L.L.C. is not an agent of the NSA or the Chinese government?
We know these type of questions would come up. We're thinking a lot about how to build trust as a new player in the world of privacy tools and being transparent about who we are is part of that plan. We've been in the mobile startup world for almost ten years now and based in Seattle. We'll put up our bios, share video intro and you'll be able to meet us at the conventions, etc. Of course at the end of the day, that's not enough either. We'll also start reaching out to other companies we admire in this industry to review our product and we will work hard to earn their respect, so you can have real 3rd party validation. Also love to hear what you would want to know from us to make you give Tenta a try.
I understand your apprehension open sourcing the source code, but 90%~ of your userbase will be people who don't trust closed source code (some even would want to verify the app integrity somehow). So I really suggest you guys seriously consider open sourcing. I don't really see any of the free browsers using VPNs catch up because they are closed source, and although it might open up possibilities of IP theft, the chance of this being a successful product will be much greater.

And those great OSS contributors will help out too!

More importantly, how do they make their money?
I was wondering how fast my background in adult mobile industry would come up. :) Happy to address it though, because I don't want to give the impression we want to hide it. So we're also the co-founders of mikandi (NSFW) http://www.wired.com/2015/10/the-porn-business-isnt-anything.... We're very proud of building the first app store that treats you like an adult and all our fans that support it. In fact, it's our experience with this that has really shaped our views on free speech, privacy and censorship.

But we don't want to bring it up first because bottomline, Tenta is a separate company. We love what we're building with Tenta and want to discuss the problems that Tenta is trying to solve. When we have conversations in person, we've noticed that as soon people know we do porn tech, the conversion inevitably stays on that topic instead. Of course we know why. It's more fun and sexier, but dammit crypto and privacy issues can be sexy too! :)

> We love what we're building with Tenta and want to discuss the problems that Tenta is trying to solve

Great, so back to my original question then. How does Tenta make its money?

I'm not interested in precise details, but if it's a free browser touting privacy and security then I want to be able to follow the money and know what if any of my data/habits are being used/sold, and whether the business model is stable enough, and self-sustaining enough that I'm not going to be sold out to the highest bidder several years from now.

I just answered this question above. check out my response to user niij. If you have further questions though, let me know.
(comment deleted)
Privacy policy?
We'll get that up today, thanks for asking. Overall, we're taking a zero knowledge approach to your browsing data. We also do not store your keys on any servers for additional security measure, which means we are simply unable to provide access to your account to anyone.
Since there's not one technical detail on their marketing site I'm going to assume this is reskinned Firefox with SQLCipher dropped in.
Please see my relatedresponse above to laksjd. We're about to publish our technical blog and will expand on the technical details.
This just doesn't feel right to me. Firstly, what's a "Private Encrypted Browser" supposed to be? What's making it private? What's even being encrypted? There's a high density of buzzwords and a serious lack of explanation.

While it's not always fair to judge a book by its cover, statements like "Smart Incognito™ and Built In 256-bit Encryption" sure feel weird. Good security doesn't come from random trademarked buzzwords or providing a bit number without any context. Actually, those are major warning signs that the product is probably not nearly as secure as it pretends to be. The fact that this is not open-source just underlines that point nicely. Projects that are serious about privacy and security as their main goals always provide source code, not doing so is a sure sign that something other than privacy and security is the main goal.

The entire project seems very flashy but it just gives of an odd smell. The video,too, explains very little and leaves many more questions than it answers. All this seems to be is a somewhat convenient frontend for a proprietary vpn system which allows you to have multiple connections running and associate them to tabs. That's not bad but it's certainly not some world changing super-private thing and the fact that you're trying to present your proprietary VPN solution as your great gift to humanity just rubs me the wrong way.

It doesn't help that VPNs are basically pointless for anonymity since any browsing experience that's usable by normal people (e.g. executes javascript) can be trivially de-anonymised.

It's not for anonymity, it's for privacy. And the VPN extensions are actually nice... You can do something similar now with a bunch of extra tools, but building them all into one seamless interface enables regular people to get the benefits without needing to spend time learning new technology. If there is a market for this, this would be the first tool to address that market need.
Your comments touch upon a challenge we had when deciding how to market Tenta. At the end of the day, we want this to have mainstream appeal, which means everyone should feel comfortable using and understanding the browser and not necessarily have to know or care how the tech works, but that it simply works. For example, a good test we went through during development was to ask our own parents to review it, to make sure non-tech savvy folks understood the main points and were willing to try this out. Having said that, as I mention below, we are acutely aware that we have a trust and reputation issue since we're brand new. We'll supplement our site with a more technical blog and provide in-depth descriptions of how each feature works and our philosophy behind it.

So I totally understand your concern and we'll do our best to address it. If there's anything specific that you'd love for us to write about on our blog, let us know.

I don't know why you're marketing this outside of your background. If the average internet user cared very much about state/company privacy we'd have riots in the streets. But alas, we don't. The average HN reader is going to care a lot more about privacy, but they're going to want you to give tech specifics, they won't blindly adopt this based on marketing whizzbang.

Since you're from the adult background, why not market this browser to people wanting to view porn at work and not get caught? I'm sure it'd get a lot more adoption since legitimate use case, realistic goals.

We'll provide the tech specifics too. We know that's super important.

Yeah we're not going to run from our background. But having experience in that industry for so long, we already know it will do well there. We're also planning to reach out to people who already use and love incognito mode, ad blockers, vpns/proxies, etc.

And to your first point, part of our job now is to do our part in educating people why privacy matters and why Tenta exists. For example, explain why tools like your average browser's incognito mode is useless. That term is completely misleading/false and we will redefine the standard for what it means to be incognito mode.

How do you hope to monetize your product, considering there are already free secure browsers and paid VPN providers? Are you going to become your own VPN provider as well as browser developer?

edit: Oh, I see all the other media apps now. You're trying to become a "privacy platform", I guess? Just use our products so you don't have to think about privacy? And locking down the access so once you put your media in Tenta's valut only Tenta's apps can do anything with it, that's smart. Downside: You're going to look very attractive to criminals.

Additional question: are you going to implement a warrant canary?

I just mentioned this note above, but to respond directly, the browser will always be free. We believe everyone should be able to access the world's information without censorship and you shouldn't have to pay to access that right. Media Players and private storage are great ideas we've thought through too. Currently the VPN is applied to the browser only, so we're thinking of charging to switch the VPN on for device-wide protection. There's also security and privacy extensions and customization support, such as adding custom DNS or your own server location.
I would like to know, does this support IPv6? Opera tried offering a built-in browser VPN, but it only supported IPv4 websites.
Yeah we saw that too. We're working on this now. I'll get back to you with a firm answer soon.
I assume this would be a paid service (and I have no problem with it), so a concrete figure ($$$) or tentative figures (tier based?) would help potential users either follow up and start using the beta or forget it.
By default, the browser will always be free. You should be able to browse anonymously and control your data without paying. Currently the VPN is applied to the browser only, so we're thinking of charging to switch the VPN on for device-wide protection. Without getting ahead of myself too much, but we can also consider offering other security and privacy extensions and customization, such as custom dns or your own server location.
How is this free?
You'll always be able to browse on Tenta securely and anonymously for free. And it's not just your traffic that is encrypted, but think about all the other browsing data that is traditionally not hidden such as your bookmarks, downloaded files or even keeping tabs open to view later. We encrypt and block access to ALL of your browsing data. And again this is what the free version offers.

Most browsers are ad-based and their business model is your data. They may add new privacy tools, but they have an identity crisis and can never go all in on protecting your data. We are not ad-based at all, so we can provide uncompromising support to protecting your data instead and that will be our business model. To pay our bills, we are considering offering premium support for people who want to expand our VPN service to all other apps on their device. We will look into partnerships to sell other privacy tools and browser extensions. In fact, we already have interest from other startups to customize our browser to work behind their own firewall, so we can offer custom browser support as well. So there are a variety of viable options that we're excited about and selling your data will never be one of them.

Okay, so paid subscriptions is how you'll remain free. Got it.
If the browser will always be free, what is your business model?

(No offense, but I just get very skeptical of “security” products that are ‘free’.)

If the browser will always be free, what is your business model?

The answer is in the third sentence of the parent comment:

Currently the VPN is applied to the browser only, so we're thinking of charging to switch the VPN on for device-wide protection.

Where can we report vulnerabilities? ;-)
support@tenta.io, we welcome your help. Please keep in mind we are in beta, so you'll notice some feature will state that they are under construction, but more feedback the better.
* support for .bit domains out of the box is very very cool

* is it based on Firefox? Chromium?

* emphasizing the number of bits in your encryption can be the opposite of reassuring. is this encryption on the wire or of data at rest? what algorithm(s) do you use? do you use a standard implementation or your own?

Sweet, someone noticed the .bit domain support!

chromium.

We're writing up details in a blog post, since this question has come up in various forms. We'll share the link in a bit.

As a wrapper for the other instances of this question in this thread: why is the source code not open and free to view by default? Afraid we'll notice tab-indenting? ;)
Mainly because we're still getting beta feedback and in development. We're on version 0.99.5 and working toward 1.0, so depending on what beta testers tell us, there could potentially be sections of the app that change completely and some features are simply not complete. We want to get it out of beta and into 1.0 first, otherwise it will be a distraction for our small team. ..so yeah tab-indenting and lack of code comments. :)
I noticed that the user-agent string still reveals my device type and build number. Searching the device type reveals that the device was only sold in the country I am in, defeating a lot of what this browser is supposed to be about.

Where is the privacy aspect when you're leaking my country, device type, and even what build of Android my phone is using to literally every website I visit?

I can use existing products to identify your particular device even in a completely encrypted connection; if I can see the requests' content, I can tell even more, regardless of user agent string. And if I can see the requests, I can probably inject a response, which allows for a large range of probes and attacks to further identify your device. Worst case I can even use your latency to identify where you are.

Privacy means that nobody but you and the site you are visiting have your private information. Anonymity means the site you are using has no idea who you are. They really need to clarify these things.

Yes, and statements on their website like the following don't help:

"With Tenta Browser, your IP address and location is kept private and discreet."

A clear, published threat model would be great.

On the UA string, thats a good suggestion. We can look how much device info we need to send and add some settings for that. On the privacy question, it sounds like the zone you used was connected to a local connection instead over the VPN connection. In the next build we're going to make this more obvious. Tap on the flag or blue pin icon in the top right corner to open Zone settings and you can see a drop down of locations to choose from.

Btw, it's not added yet, but we will make the default selection "Fastest Connection".

As far as trusting us to run the VPN edge for you, we will work on variety of ways to earn that trust as I've mentioned throughout my comments. But this is also why we're working on a way to let people run their own edges.

Thanks for the feedback, we'll make sure to clarify this all on the site!

Is this for android only? (It isn't mentioned, but download links go to Google play store.)

I see no mention of ad-blocking, tracker blocking, or script blocking. Can it use things like uBlock Origin, Privacy Badger, and Noscript?

We're starting with Android first (we'll make that clear on the site) and iOS second. Then we'll decide what platforms to prioritize next.

Regarding the second question, the short answer is that we plan to support this. It's just a matter of our time and what to focus on for the initial v1.0 launch. Long answer is that we do agree this is something that’s best solved by an ecosystem of providers (like the ones you listed) where users can easily block ads as they desire. So we'll take this approach rather than the browser unilaterally determining which features websites are allowed to have. Even major browsers with built-in ad blockers have false positives and break websites inadvertently. Take our own website for example. We have zero ads on it. It displays properly in Chrome, but completely ruined in Opera Mini which has built-in ad blocker.

>closed source

>security

Nothing to see here, folks.

How do i download this without loggin into google? thanks.
Wait until they opensource it so f-droid can build it :). Of course I could upload the apk somewhere for you but how would you verify it's real (unless theres virustotal for it already)
Couldn't they put a direct APK link from the website?
After beta, we'll allow direct downloads of the apk. During this test phase, it's just easier for us to manage the tester feedback with the Play store admin tools.