Luke: [00:00:00] You’re listening to a new episode of The Brave Technologist, and this one features Harry Halpin, who is the CEO and co-founder of Nym Technologies. He completed his PhD in AI at the University of Edinburgh under Andy Clark, and then led standards around cryptography and social networking at the World Wide Web Consortium at MIT.

Now he’s focused full time on preserving privacy and freedom of speech with Nym VPN. In this episode, we discussed what he’s building at Nym, why it’s important, and how it’s integrated with Brave now, how Nym is different from a traditional VPN, and why that nuance is critical for user privacy, how Nym is building technology that becomes faster and more performant as people begin using it, and ways we can make agents and LLMs more private and safe to use.

And now for this week’s episode of The Brave Technologist.

Harry, welcome to The Brave Technologist. How are you doing today?

Harry: Oh, very good to hear you. I’m a big fan of Brave. I’m in fact using it right [00:01:00] now as I speak to you. And, we at Nym have been working really hard with some of the technologies that Brave has been creating to try to make your entire computer, more private.

So I’d love to… It’s really an honor to be on the podcast.

Luke: It’s so great to find people that are just, aligned and on, on the same kind of path of trying to improve things for users, right?

To kind of set the table a little bit for listeners, when you look at today’s internet, what is your just biggest concern

Harry: so we have, I think, two large interconnected problems. I used to work with Tim Berners-Lee, the inventor of the web. And if you read Tim Berners-Lee’s early writings, say 2008 or so, the web was founded with this vision of really sharing collective knowledge and, throughout, for all humanity.

For really creating something which empowered people and which furthered people’s kind of use of reason, and created a more, for lack of a better word, harmonious [00:02:00] digital world. And what Tim said back then, he said, “Well, look, the great thing about the web is it’s so big,” at the time he thought it was unimaginable that a single company, could take it over and what we’ve seen is that’s not the case.

So what’s happened is that there have been the rise of, of large internet monopolies. In the United States, we have Google. Mm-hmm. In China, you have obviously a whole other set of actors. Europe being effectively a colony of the United States in terms of its usage of internet platforms. So boil down, you know, Google, Apple, Meta, Metaverse, branding of Facebook, which is a bit silly.

They’re just kind of these kind of large platforms which we’re completely dependent on, and they use the web, but they don’t give back to the web. And what, what’s happening now is there’s, there was never like– they never really figured out, like, a proper business model. So their business model actually just became advertising.

Mm-hmm. And [00:03:00] insofar as it became advertising, they started collecting, for commercial purposes, lots of data, around your behavior online, which is a, a form of surveillance, even if many people thought it was fairly harmless. Cookies, IP addresses, this sort of stuff. Now, what’s really dangerous about today is because these companies have not been able to figure out how to make any real, profit, and they’re trying to transform all this user-generated data into AI, data, which is, interesting.

It may make the web so much easier to use for people. It’s becoming harder and harder to really escape this, this net of surveillance. And as we enter a world which, to be frank, is geopolitically much more unstable than it was in 2008, much more unstable than it was 10 years ago. We’re entering a world in a state of a permanent war, those surveillance apparatuses, they’re aimed not only at the enemy overseas, but the internal population.

What we’re going to see is, the weaponization of what [00:04:00] appeared to be innocent adware into effectively malware to hijack your computer, to control your computer. And just as you know, the TV used to be used to control people’s thoughts, that’s why Hollywood was always so important in US elections up till recently.

The internet is now, I think, the main conduit of effective mind control. And we have to build tools that preserve the original vision of the internet and our ability to think critically and use our reason autonomously.

Luke: The Brave Technologist is brought to you by the Brave Search API. Access billions of indexed web results from a simple API call with the Brave Search API.

Join the leading names in AI and tech using the Brave Search API to power agenic search, keep LLMs current with real-time data, train foundational

Harry: models, and bring the best of the web directly to the leading edge. Get started today at brave.com/api.

Luke: Coming from kinda ad tech before Brave, like totally [00:05:00] get what you mean.

And it’s almost like, people didn’t necessarily anticipate, the surveillance aspect of it to get as, uh, proliferated as quickly as it did, right? Is there a certain moment in time where this got significantly worse as far as like collection of data?

Was it programmatic advertising or, or, or something like that? Like

Harry: Well, it’s hard to say. I, I worked at Yahoo when I was younger, maybe a bad choice at the time. That stock is worth very little. But nonetheless, uh, what I would say is that, I think it was a more of a slow, long build-up of data.

Mm-hmm. That it’s not a particular turning point. And a lot of the data collection facilities were really built, innocently in order just to s- sell products and ads better. They weren’t really built for behavior control. They weren’t really built for prediction. They weren’t built for political purposes, but propaganda purposes.

I think the real turning point is not actually- Now, uh, and what happened in the past, I think the real turning point’s gonna be [00:06:00] what happens over the next year, maybe even few months in some jurisdictions, with a push for age verification. So you have to use an ID, you have to show your ID to your computer or to your app to use the internet.

With the push for increased, I would say almost China-style censorship in, in many of what we thought were previously civilized countries, like in Europe. And, um, we’re gonna see this push over the next few months or year, I think will actually, really be the decisive turning point.

And we’ve seen in small isolated examples how web tracking behavior, internet tracking in general, geolocation behavior, can be used. Obviously, I used to teach in, Lebanon, in the Israel-Lebanon conflict. we’ve seen it used to target people with drone strikes. The NSA said that as well, the Snowden revelations.

But these have been, like, I would say relative… Like, most people aren’t afraid, “Oh, I, I searched something wrong. They even have a drone or the police come to my house.” Most people aren’t there quite yet. Mm-hmm. But I think there’s a danger [00:07:00] that we get there over the next few months or a few years, and I think it’s coming much quicker than people expect.

Luke: Yeah. I’d agree, too. I think even in the past couple years, the kinda contracting communities even just kinda come out there more with it and said, some of these identifiers are sticky enough, like a, an ad ID at the operating system that you can switch out that nobody ever does, right?

is, Is a strong enough signal with this other metadata. And I think you bring up a good point, too, around the age verification. Let’s unpack that just a little bit so people, I think people can get a good understanding of this. Mm-hmm. Like, when there is this much metadata that’s being collected about you,

The best example I can think of is, okay, you have a driver’s license ID, right? like, Nobody really knows what yours is, but if somebody does have it and you do enough things with it, it collects it. But when you add age verification on top of that, you’re literally giving them your ID, right?

Harry: I mean- Usually,

Luke: right? Yeah, exactly. It, it, exactly. Like, your,

Harry: your address. I mean,

Luke: you- Yeah W- which kind of brings me back to, to, to Nym, ‘cause this is something where you’re starting, at least in the UK and probably elsewhere, to see people starting to kind of push [00:08:00] back against VPN usage, right?

What are you seeing on that front and how is what you all are doing at Nym, helping, to keep people’s privacy or anonymity protected?

Harry: Yeah. You have to take a look at the longer trajectory, but what’s even happening today is, is absolutely terrifying.

So in Germany, apparently, yesterday, It’s illegal to insult a politician, and someone was upset over something online, and they said, “Screw you, Scholz,” and then the police came to their door. That’s wild. And in the UK, you’ve been seeing this over social media posts, increasingly. I think the UK actually has more people in jail for social media usage than China, right?

Wow. So we’re seeing , this, uh, this acceleration of punishment for free speech and behavior control, and they’re using this metadata, this advertising data to kind of locate you, your IP address, where your router is, what browser you’re using. And, you know, if you’re like- Oh, I wanna make this even easier," just force every internet connection to have a unique [00:09:00] identity card, like your passport, attached.

I think that’s the world they’re going for, and I heard, the Prime Minister of Spain said this innocently, but I think it was a very stupid thing to say. It shows you why, certain, I would say boomers maybe shouldn’t be in charge of internet policy. He said, “Well, look- … you need a driver’s license to use a highway to drive, so why don’t you need - identity card, driver’s permit to use the internet?”

Um, And that sounds maybe a little reasonable, but if you think about it for a second, most of the interesting things that have happened over the last 30, 40 years have been because of unrestricted internet use, right? Right. Everything from, Wikipedia to WikiLeaks. And then if you step back and you say, “Well, obviously this is silly because if maybe they make it impossible to use the internet safely to speak my mind in the UK, I can just use a VPN.”

But the problem is they say, “Well, we’re gonna try to make VPNs illegal. We’re gonna try to make it so that you can’t use a VPN.” We’re seeing this in the UK. We recently saw it even in the United [00:10:00] States in Utah, very silly law got passed there. I don’t think these laws are, like, very technically, sophisticated.

The people building them have no idea how the internet works. And so what we’re doing at Nym is we’re trying to build technology that prevents this. We’re trying to build VPN technology, and not only a normal VPN technology, but a privacy-enhanced VPN technology, and a decentralized VPN technology which can’t be banned and can’t be blocked, no matter what your local petty bureaucrat or Chinese government official or whoever says.

that’s our mission, right?

Luke: Is this a product that you see my neighbor being able to eventually use? We’re hitting a part in the timeline where, people’s movement with their actions, it, now that there are solutions that are more and more usable.

Like, I just remember in our example at Brave, when we started up, it was like people were questioning whether people even cared about privacy. When you have, 100 million plus people [00:11:00] moving with their feet to an alternative that has privacy, that makes a statement about privacy, and how much people really care if something’s competitive, right?

Do you see what you guys are doing as something that my neighbor can use eventually, is it something people should try out, that are listening to this podcast?

Harry: Yeah. I mean, my dad uses it, right? Awesome. That’s the best. I want everyone to use it. And it’s interesting, the platforms like Facebook obtained real dominance because it made it easy to use.

Like, when I made my first webpage, I worked for one of the first websites, Sunsite, now ibiblio, and I made a website there. I made it by hand using a text editor and HTML, and this is kind of the late ’90s under this wonderful poet called Paul Jones. But I don’t expect my dad to make a webpage, but my dad could still benefit from having a webpage.

So my dad built a Facebook profile, and he uses Facebook primarily to communicate rather than, say, email or whatnot. And I think that’s actually great. It’s not good that Facebook is monitoring him, but it’s great the tool’s easy to use, that you can use it- Mm-hmm … without thinking. And that’s how [00:12:00] we wanna make VPN technology.

We wanna build internet technology such that it’s effectively so simple, you just press a button, or even better yet, it’s just part of your browsing experience. It’s just part of turning your computer on. I worked in internet and web standards for many, many years. And one of the reasons I, I did a startup was not because I think it’s always the best way to do things.

I think it’s, it’s the best way to be innovative. But, you know, ideally, we want this technology to be free to use and part of the base layer protocols the entire web is built on. I wanna see the entire internet from the packet layer to the application level enable people, uh, to have privacy and security.

And so they shouldn’t have to turn anything on. But unfortunately, you know, I was in these committee meetings at the World Wide Web Consortium and Internet Engineering Task Force, and when people, good people, brought up technology such as Do Not Track, which would just make it so you could not fill in all these little irritating [00:13:00] consent GDPR forms, but it would just not- just wouldn’t be tracked, they were blocked by the big companies.

Google, Microsoft, all blocked them. And so we, we couldn’t make progress on privacy via standardization, and maybe hopefully that will change in the future as more people want it. but the… I think the first step is we need users to have the option, so they can at least, even if it doesn’t, like, your computer doesn’t want do what exactly what you want it to, and it tracks you when you turn on, there should be a button that lets you opt out and lets you exit the surveillance machine and say, “Yes, I actually do want my privacy,” and you just click that once, and then everything just works, but with the added benefit of not being tracked all the time.

Luke: Mm-hmm. Yeah, and that’s another part that, I feel like, people outside of the tech space don’t have a great, um, understanding around, is it’s not just, like, a market dominance that the big tech has with the product stack that they put in the market, but the influence that they have over things like web standards, right?

What’s different about Nym compared to a more [00:14:00] traditional VPN, like how you guys are doing things?

Harry: Yeah. So what’s really interesting about Nym is that at first it started out not as a VPN. So when the internet was first created, there was no encryption and then they added encryption. And that’s that little lock, uh, on your web browser that was originally through the open, OpenSSL library, now called TLS, and actually the inventor of that library, Ben Laurie, is an advisor over at Nym.

Luke: Hmm.

Harry: Um, Also, worked on the WikiLeaks web pages and weirdly enough, Google for a bit, ‘cause you have to, have to lay low somewhere. we basically said, “Well, once your connection’s encrypted- What else is being revealed? And what’s often being revealed is who you’re talking to, when, and how often.

And that’s called– So the, The data is like the message that I’m sending, and the metadata is who’s sending it, when, where, how often. And this metadata, if you take a network of all the people I communicate to, all the web pages I go to, you can make a big graph out of this, what we call a social [00:15:00] graph. And that graph can then be used to predict and control your behavior, that who you talk to is often, more important than what you say.

There’s a great book called Social Physics by one of my mentors over at MIT called Sandy Pentland. And he does these studies where he actually would just monitor who’s speaking and how often they’re speaking and who they’re speaking to, and he could predict with, like, 80% accuracy the outcome of a decision and the action.

And that– So this is quite dangerous stuff. Right. But this data is not protected by that little lock on your computer. It’s just not, right? Mm-hmm. That data goes out, and it’s grabbed by Google. It’s grabbed by, whoever’s your ISP, your phone company, whoever, whatever country you’re in.

Uh, It’s also viewable by anyone on the internet ‘cause a lot of it’s just kinda watchable by anyone really. And so a VPN basically sits in the middle of this and says, “Okay, well, you’re gonna go through my computer before talking to the internet,” and sets up an encrypted tunnel to that computer. Uh, But then the [00:16:00] problem there is you’ve just moved the trust, right?

Uh, And that trust is just moved to, a central computer. So we do two things differently and, and just to point out how dangerous it is to move that trust to a centralized computer, a centralized computer, particularly if you pay them with a credit card, they not only see what you’re doing, but they have your credit card data.

Right. So if someone wants to get you, it’s like go to that guy who runs the VPN. Some of them are very nice people, but regardless, I had a friend that ran a VPN. He said, “Well, you know, if they threaten my kids, I’m gonna hand over everything they want. It doesn’t matter what my privacy policy says.” And I think that’s true for most people.

Mm-hmm. Understandably so. So we have to build technology which doesn’t let that happen. The two things that Nym does is we first, we decentralize the networks. There’s not a single computer, but there’s a network of computers, and your connections always go through multiple independent parties. The second thing, building upon the kind of, I would say cypherpunk pioneer David Chaum, who in the, he kind of in the ’80s said, “Well look, we could just [00:17:00] take all these encrypted messages, put them in a computer, and mix them up like a deck of cards, which, put a little bit of a delay, and then release them all, and then they’re much harder to track.”

So that’s not really a VPN. That’s what you call a mix net. Mm-hmm. And mix nets are, to our knowledge, the only technology which can be anonymous against a adversary which would watch the whole internet, such as say the NSA or maybe today, more accurately, Palantir. And so that’s what we built. We said we’re gonna build a decentralized mix net.

We call it a VPN ‘cause people know what VPNs are, but the architecture is fundamentally different. So you connect to a person’s computer, you send your traffic to that computer, uh, and that traffic gets sent to multiple different computers. It’s mixed up with other people’s traffic, sent to, depending on which mode you’re using, four more computers or maybe just another computer, and then released.

We think gives you the best protection against surveillance today, and [00:18:00] that’s really what Nym does, which is different.

Luke: How does this compare to something like Tor?

Harry: I mean, I mean, you know, the, The thing with mix nets and, and Nym is that we, we let the user tune the speed. Okay. Right? So, so you can do it, you can be very fast and be a little bit less private, or you can be, like, super slow and more private.

And, and Tor- Mm-hmm … kinda puts you in the middle. What Tor does is a little bit different. So Mixnets came first, David Chaum invented them in the ’80s, but the internet was like kind of slow and it didn’t really work that well except for like email.

Luke: Mm-hmm.

Harry: There, there’s some belief that Naka- Satoshi Nakamoto used Mixnets because the, some of the techniques from Bitcoin, like proof of work, come from that space.

But they weren’t, like, widely adopted. And then, effectively Tor came around with a technique called onion routing, which is very different. So Tor takes a message and sends it through a decentralized network, but it doesn’t, like, chop it up in different messages. that’s very important.

And it doesn’t mix them, so the messages come in kind of like first in, first out. So you still get that unique fingerprint with [00:19:00] Tor, and there’s these, the attacks on Tor where, like, even if the Tor operators are honest, and the adversary kind of watches both sides of the connection and can kind of generally de-anonymize what you’re doing.

That’s called a correlation attack. Now- Mm-hmm … Nym tries to prevent this, although not 100%, but we, we can do better by adding fake traffic and by mixing traffic. And so even though it’s an older technique, we updated it. And we updated it, interestingly enough, historically, because after the Snowden revelations, when it was revealed the US government was spying on various heads of government, the European Union said, “Hey, we need to build an alternative to Tor,” which is, uh, a bit stronger.

Because obviously Tor is really good, and I still think it’s one of the best things to use if you’re in China or Iran, and you need to kind of poke out the firewall. But if your adversary might be Palantir, it might be, the US government or the German government or, something like this, they have much wider surveillance capacities.

They can watch kind of much larger parts, if not the entire internet. And [00:20:00] even Tor says, “Yeah, we don’t really, like, do that. That’s not something we can defend against.” So we wanted to build technology which could defend against, like, the most powerful adversary, which I guess in my head is probably Palantir right now.

Um- Yeah. Yeah … It could be if you’re in China, you know, the, the CP, or in Russia, whatever, Putin and his gang, so forth and so on.

Luke: Yeah. A- and I, and I like too that you mentioned that, the users can kinda tune, the trade-off, right? ‘Cause I mean, obviously, somebody like a journalist somebody at that level whose name’s out there around this and has sources and stuff like that has a different kind of a threat model or, a degree compared to somebody that’s just trying to kind of like have better hygiene around privacy, right?

How are you approaching that trade-off, at Nym? Is it about having like a strong default that, that most people will find fine, and then you can go dial it up more? What’s the thinking kind of around how you guys are implementing it?

Harry: We put it in the hands of the user, right? Mm-hmm. So we don’t know what you’re doing on the internet. We don’t wanna know, right? Mm-hmm. We don’t wanna be a normal… A normal VPN knows what you’re doing on the internet. Mm-hmm. We have, we want to completely disconnect you from your internet usage, [00:21:00] and we want them no concept what you’re doing, want no one else to know anything about you However, uh, we don’t know if what you want to do should be like super, super private, anonymous against a Palantir or just, “Hey, I just wanna watch some video.

I’m in– I wanna watch some video in, I don’t know, from China and I’m in the US,” or vice versa- Mm … “I’m in China and I wanna watch US video,” or… And, and these are very different, kind of things to do. So what we built is we built, advanced interface and a simple interface. When you start Nym VPN, and we– It’s just called Nym VPN, N-Y-M if you can.

And it’s for like anonymous. People don’t know where that comes from. Uh, And you wanna use it, you just download Nym VPN. It’s on the App Store, works fairly well across all platforms. And it– Two things come up which are a bit weird. One is we– you don’t get a user login. You get like a weird kind of passphrase.

Looks a little bit like a Bitcoin key if you’re a Bitcoiner. because we don’t wanna know your name or anything like that. [00:22:00] But the most important thing is when the interface comes on, you get a, a kind of anonymous, you get, something which says Anonymous Mode or, Fast Mode. And this is like the basics.

So when you come on, it, you get, it says Anonymous Mode or Fast Mode, and then you click which one you want. And the Fast Mode is the fastest possible use of the Nym Network. It uses the WireGuard protocol, and it- Hmm … sends you through two different, uh, two different kind of hops in the network. But that’s not super anonymous because, like, basically defaults to something that looks basically close to Tor.

So an adversary that’s watching that entry node or watching that exit node or watching both could de-anonymize you. So then there’s this button that says Anonymous, and you click that, and then everything slows down, and we don’t really recommend watching video over it, but it’s perfectly fine for cryptocurrency, Signal messages, Telegram, email, this sort of stuff.

Things journalists might do, like thinking like Glenn [00:23:00] Greenwald talking to Snowden or- Mm-hmm … I don’t know, someone like this. And, and this is a bit slower. You’ll notice a few second delay in between things happening. , And that, but that will, that sends your traffic through five different computers and mixes them with other people’s traffic all along the way.

And the great thing is, the more… And everyone’s like, “Well, it’s a little slow.” But the cool thing about NIM, let’s say I wanna be private. Mm. What does it mean to be anonymous? Well, I have to be part of a crowd. We’re indistinguishable. Let’s say we’re all dressed in black, or all dressed in clown suits, and like the people can’t see who, tell who we are.

So what you do is when you’re all dressed in the same way, which in network terms is encrypted, it makes it possible that you’re like one of a larger set of people. And the more people that use, NIM, the faster it actually gets to maintain that anonymity, because as more people are using it, so everyone becomes more anonymous, [00:24:00] particularly if you’re using anonymous mode.

And then the time you have to mix with other packets, the time you have to hang out in the crowd becomes less. So we expect right now if you’re using NIM, you’re one of, you know- 10, 20K, max 50K people using the network at a given time. That’s not so huge. And so it’s gonna be a little slower, but as more people use it, the network should become faster, and that’s why I really think this technology can scale to handle, ideally large chunks of the world’s internet traffic.

Luke: That’s awesome. Yeah. Like I love it too in kind of the ability for it to, just get faster as, as it scales. I think it, you know, go- goes to a lot of a thoughtfulness and approach for building things at scale, scale away the problem, to a degree. I mean, like- It

Harry: sounds intuitive,

Luke: right?

Right. Right. Right. Oh, totally. I just find what we’re doing at Brave, like we, we often have to go to a lot of things that are, established in the market and approach them from a slightly different way because the defaults are so, bad, and, and hostile to the user.

you know, Rewiring some of those, fundamentals is [00:25:00] important. And I think too, you we’re not just seeing this with this ID verification stuff, but we’re also seeing a time where, civil disobedience like is getting cracked down in ways that, you’ve got, governments buying data from data brokers a- and all of these things.

When you add AI into this mix, What’s your take on that too? Like we’re seeing like AI use and AI agents, and eventually those are gonna have to get associated with IDs for them to be, used in more serious ways. Is the, the stuff you guys are working on at Nym, uh, applicable in the AI space in, in a similar way?

Harry: Oh, yeah, yeah. Well, let me first mention civil disobedience. Mm-hmm. One of the reasons I built Nym, I was working on web standards and, uh, you know, VPN. I had like a VPN nonprofit. And we were, you know, during the beginnings of the s- the Syrian revolution, there was a programmer, Basel Safadi.

Basel Khattar Bill is his real name, and he approached me, and we knew each other through kind of, I think he worked on JavaScript, uh- Hmm … some Mozilla WebKit sort of, uh, thing. And he said, “Hey, look, I need a [00:26:00] VPN ‘cause they’re having a revolution here and I don’t wanna get killed.” And I said, “Yeah, you definitely need a VPN.”

And, we gave him one, but again, the Syrian government had very powerful capabilities, and they eventually tracked him down and killed him know, I knew Basel. He never thought that anything like that would happen to him. He was just some dude, he had a normal day job, went around and programmed websites for a living, and then next thing you know, his friends are getting shot, he’s working on medical stuff, and then he’s identified as a key organizer and dissident and imprisoned in Assad.

Actually, last year I went to, to visit the prison, Syria where he was killed, and it was very gruesome. They literally had machines where they would flatten bodies. I mean, it’s such- Jeez … terrible, terrible stuff. So you never know, right? And Syria has still nice parts in it, like, but, no one saw this kind of repression coming out of their dictator who was, like, formerly a dentist, right?

So you never know- … what’s coming, right? Right. No, well- And so, and so therefore that’s why I know it sounds paranoid, [00:27:00] and people can look at me and say, “Oh, you’re some paranoid guy,” but no, I think it’s really reasonable to prepare for the worst and to add more capabilities to people’s internet browser, to people’s browsers.

You know, I worked for many years before working on Nym, I, I worked on just making cryptography work better in browsers, and we, I felt that problem was kind of solved, and now we have to move to the next harder problem. Mm-hmm. And one of the hardest problems the internet has always been access to information there’s a lot of information out there, but search engines are, are hard to use.

Their success has been degenerating. Too many ads. on some level, AI has been great. Being able to chat to a computer is really a realization, I think, of Licklider’s original vision for the internet, which is, wouldn’t it be wonderful if you could just chat to a computer and it would tell you anything in the world?

And now with AI agents, they can accomplish tasks for you. Mm-hmm. So we think this is great, but as exciting as it is, we haven’t escaped the economic paradigm of [00:28:00] Facebook, Microsoft, and this kind of, what I would call mass surveillance paradigm that’s based on, around adware.

And this is really dangerous. This is really dangerous because with a lot of these chatbots, people reveal very private stuff. They give them access to, their whole computer, um, and all this is just getting leaked. So one thing we released, actually, I think we released it two weeks ago, uh, to release Nym for Agents- Hmm

so that you could talk to, your agent or your, language model over, a mix net, and that’s an anonymous channel, so the agent has no idea who you are. We’ve seen a lot of technology claim to do this. We don’t think any of them are anonymous against a network-level adversary. All these… even say, oh, cool, you’re talking to the…

You’re doing private inference through, some cool new technology. It doesn’t matter. Whenever you talk to the other computer, your IP address is leaking. That can be used to re-identify you, right? Oh, yeah. Yeah. So you

Luke: do

Harry: need something [00:29:00] like Nym that’s in between you and the language model or you and the agent, and then vice versa, maybe the agent or the AI needs to operate anonymously.

What, what– Maybe it do- it needs to be private, right? Mm-hmm. and that could also be useful. We haven’t really thought as much about that, but I think that these kinds of technologies, we build them for humans, but we do believe that machines can use them, and it’s important. The vision of the internet has always been, since the days of Licklider, Engelbart, and Berners-Lee, a platform for collective intelligence to kind of help humanity solve problems that we would be unable to solve if we were stuck in our, by ourselves.

Luke: Mm-hmm.

Harry: And, and AI using information data, effectively is a multiplier effect to human capabilities. However, we need to access those capabilities without putting ourself at risk and while being safe and secure in our, the kind of integrity of our [00:30:00] body, our mind, and our own data.

Luke: Absolutely. it, It isn’t paranoia at this point.

I mean, and then this is the thing that people, people lose sight of, is that the depth of data collection, we’re talking about, well over a decade, right? Like, That these companies have been collecting this much information on people. We saw this with trucker protests in Canada.

We’ve seen this all over the world where these laws are getting kind of used against the citizens for doing things that they should be able to do, right? and it also kind of puts a scare on, people like whistleblowers

I really applaud, that you guys are, are taking it on from this level because,, uh, I see it just out there. It’s, uh, I think Brennan likes to refer to as, privacy lipstick o- on pigs or whatever. Even some of these ones that are claiming to be private, if you start looking at their policies, they’ll run third-party analytics on top of it, and yeah, all the inference, something they’re doing in there might have better privacy than everybody else. But, But realistically, you’re still being tracked, by third parties you know, like you said earlier, it’s a level of trust, right?

I feel like we’re hitting a moment in time where privacy is kind of a general, [00:31:00] i- i- some places of the world, they, they’ve tried to classify it more specifically, but in America, it’s, It, It’s defined by the companies, like what companies say privacy is, basically.

I really applaud you guys for working at this from a network level ‘cause it’s really essential work. And speaking of which too, I think, Brave and Nym are collaborating on something. I don’t know if you wanna give some color to what we’re working on

Harry: together.

Luke: Yeah. Yeah, yeah. But I think

Harry: it’d be helpful. I’d love to tell you what we’re collaborating on. Yeah, yeah. To mention what you just said, privacy is a holistic property of a system, right? So you know, you can have leaks at different levels where your data can be collected.

One level is the browser, and this is the level that Brave solves very well. Brave is the most private browser. It’s the browser I use every day, and it’s very effective It’s also nice that, you know, YouTube ads and stuff get stopped by accident. But, uh, but you know, in general, uh, it, it’s the most private browser.

And the way you wanna think about it, there’s different levels, and we at Nym, and VPNs in general, we build on the lowest level. So, you know, Brave is dealing [00:32:00] with websites and apps and AI communication to Leo, and we’re dealing at, like, the network level, which all this is built on top of, which is routing your packets, outside of your computer and making sure no one’s, like, coming into your computer and exfiltrating data out.

And that’s very important. So one thing we discovered, we built this Mixnet as VPN and, um, we want diverse people to use it, right? Mm-hmm. You know, we build because we are technologists are like canaries in the gold mine, and we see the problem of surveillance and privacy.

You know, We are less likely to be, like, personally gone after as much. But, you know, we want as many different kinds of people to use this as possible because, again, the more heterogeneous your user group, the more anonymous everyone is. If only, whatever, only anti-vaxxers use Nym or only, left-wing people use Nym or only cypherpunks use Nym, it’s not…

You want all the different kinds of people together using a technology so we can all be more private together. And I think what’s really key is that when [00:33:00] we’re talking to people, we discover new kinds of problems. And what we discovered is that one of the largest problems people had was not just, was, was the problem of ads and malware, that when I talk to you over this computer, know, I’m not assuming there’s hundreds if not thousands or millions of people listening in Right?

in fact, today in the modern web with modern apps, there are. And web– And Brave defends the web browser very good. But we, after talking to Brendan and talking to other people, we said, “Well, wouldn’t it be good if we could defend, like, the entire device against this kind of ad tracking and possible malware?”

You’re seeing all the, these kind of attacks. We’re not 100% there yet, but things like Pegasus and whatnot. And so what Nym does is when you install Nym, it puts a firewall that’s quite restrictive on your device to prevent the, people kind of coming into your device without your permission or people who are already inside a malicious sucking data out.

And then whenever any [00:34:00] request goes out of your computer to the internet, we check against the same list that Brave uses or lists actually, like easy lists and other community lists, if this request is from an adwa- a known a- source of adware or a known source of malware. And if that request is, we block it.

Mm-hmm. And sure, that makes some things not work, but that makes your usage of the internet much, much safer, so you can get the same kinds of protections you get with Brave over your whole device. And we think that’s pretty cool. And to build that, we talked to the Brave engineers, and we built on top of what’s called AdBlock Rust, which is a library for using these lists, and then we just t-took AdBlock Plus and we applied it on the VPN level.

, For the geeks in the audience, what we did is we basically look at IP and domain re- domain requests. We take those requests, we look at them internally before they leave your computer. We run them against the list, we block them, and then we let them outside the [00:35:00] computer, you know, ideally using a few, D- uh, DNS over HTTP and TLS.

So, so that’s, I think, like the key. Android would do things a little bit differently or to do it like kind of on a lower level ‘cause Android doesn’t let you do this kind of domain name interception work. But regardless, uh, it does work across all platforms right now.

Luke: That’s awesome. you know, it, It’s one of those great things to see ‘cause, with the open source community too, the more different applications where this stuff’s being used, the more everybody’s upstreaming.

And, like, with us especially, compatibility’s, such an important thing, with our team too that, like, hopefully, as we’re finding out things, we’re sending, fixes in as your, your community is too. it, It all just improves overall, with more of us using it.

And I think it’s a really good point you bring up too about, kind of the layering, right? Where we talked about ID verification earlier at the government nation-state level, but, your operating system is also doing things now with this, like Windows users and things like this where, it, it used to be a lot more open, and, and anonymous just opening up your machine, and now you’re kind of [00:36:00] authenticating and doing things there that are tied to your web stuff too.

I think, working from that network level is really key. And, I mean, covering off all , the surfaces as new ones emerge too, i- is awesome. I am stoked that we’re working with you guys on this and that, we have good partners in this. And, yeah, I really appreciate that you guys, had the interest and are working with us on these things.

Harry: Yeah. Yeah. We really have enjoyed working, with Brave. We actually talked to Brendan back in 2019 about the need for this technology when we first founded the company. And again- Mm-hmm … I’ve known Brendan, for many years. Obviously very well known for the inventor of JavaScript. He’s a cursed child, but particularly he took a very strong stance, unlike other browsers at the time, including his former employer Mozilla, against digital rights management.

So we know that- Mm … Brendan and the people inside Brave are people of principles, and they are willing to fight for those principles, and they can hire some of the best people to make those principles real. And it’s honestly been , a pleasure to work with Brendan and the rest of the Brave team and really get this off the [00:37:00] ground.

We’ve appreciated the support. We’re a very small VPN, right? We’re not NordVPN. We don’t have a gazillion users. You can look at our software, the interface could be better. There’s parts that could get easier to use.

It’s decentralized. You have to choose particular nodes. But then all the feedback we’ve been getting for over, I don’t know, since last August from Brave, has been absolutely wonderful and, and helped us really improve the product. Mm-hmm. And I think this is the kind of wonders of open source that, you know, Brave built your– this technology for the browser, and we said, “Oh, wouldn’t it be cool if we could reuse it inside a VPN, inside a mix net?”

And we could, and it was actually pretty easy. It took us, two to three months to ship up and ship out. And so we, we look forward to continuing to work with Brave. We think that there are… our ideal really would be if you look at technology, there’s only really a few things you need to do, right?

You need to have a social network. You need to have email. You need to have a [00:38:00] web browser. You need to have something like a VPN. You need to have something to send, money around, which is private. Ideally, something like, you know, Zcash or if you need private smart contracts, the Midnight Network. And you need these kinds of technologies and th-the vision is to have them be, like, an easy-to-use full stack so you can say, “Oh, cool, well, you bought, you know, the Google phone,” which makes you type your ID in to use the internet, but you can use this alternative thing.

Currently, I think Graphene is our best bet, but, something, that involves Brave and NIM and various other t-t-tools and techniques. And this gives you, an alternative platform, and we think that these alternative platforms will win in the end. I don’t think, th-there’s a massive loss of trust going on with the Silicon Valley giants right now.

It’s no longer, cool really to work for Microsoft or Google. Right. And even now we’re seeing some interesting stuff with [00:39:00] AI, but come on, people want to work on new or more interesting problems. Privacy, decentralization, and the intersection of this with AI is super interesting and really hard, and the f-people that crack this code and make something which is as easy to use, al- ideally transparent, for ordinary users will be victorious and will actually, I think, be, in the end, more successful than Google.

And we’ll look back at Google in the same way that we look at IBM today. No one’s like- Mm-hmm … “Oh, great, I can’t wait to boot up OS2 and go into my IBM…” I don’t know what their browser was back then, you know? Right. And we’ll think that way at some point about Google and Microsoft and a lot of these other products.

I’ve been in the space a long time, and you learn a lot about people by looking at their behaviors over not just months or years, but decades. Mm-hmm. And we’ve seen people on the Brave team fighting the good fight really f-since before Brave, since– for decades.

And that to [00:40:00] us means that it’s like a match made in heaven, basically.

Luke: Well, amen to that. I think I can’t think of a higher note to end on. where do people go to if they wanna try out NYM?

Harry: Yeah. So again, it’s on the T-shirt. Nym.com. Yeah. And you’ll go there, and you can download it. Excellent. And it’s free to try. We’re not really trying to make much money right now. We’re really trying to get people to try out the software and give us feedback. Or if you don’t wanna use a web browser like Brave, go to your Apple store or Google store, or F-Droid if you’re on Graphene, and just search NYM VPN and just download it.

It’s pretty easy. If you don’t trust us, it’s all open source. You can get it off of GitHub or GitLab. And we accept community contributions. We have your usual mix of social media channels and a very vibrant community. If we have any real geeks in the audience, one thing which is interesting about NYM is while we are working as a VPN, we are fully decentralized.

You don’t [00:41:00] need to talk to our VPN. You can do everything via smart contracts and cryptocurrency. You can… That’s what agents do, actually. AI agents don’t use our interface. They just go straight to the, the smart contract. And everything is wrapped up in a really easy-to-use SDK. So if you’re a developer and you use JavaScript, like NPM, or you use like a, a Rust crate, you can actually download our software and build it into whatever you’re building.

So just as we built on top of all the great work that Brave did with AdBlock Rust, we’re seeing new projects. A new peer-to-peer one called Iro just came by my, radar today, and they’re building on top of NYM for like, you know, things like peer-to-peer- Wow … file sharing. And so we encourage people, yeah, you could…

If you’re just a normal person, just use the software. If you’re a developer, please, please check out the code. We built it for you.

Luke: Awesome. Well, thank you, Harry. Really appreciate you making the time to come. Love to have you come back, too, and check back in on things and see how things are going with NYM.

Really appreciate you making the time.

Harry: Definitely. See you around.

Luke: Thanks for listening to the Brave Technologist [00:42:00] Podcast. To never miss an episode, make sure you hit follow in your podcast app. If you haven’t already made the switch to the Brave browser, you can download it for free today at brave.com and start using Brave Search, which enables you to search the web privately.

Brave also shields you from the ads, trackers, and other creepy stuff following you across the web.