How I made my own WireGuard VPN server

Some of you may have heard about VPN protocols that let you establish a connection between your device and a server, such as OpenVPN and IPsec. But there’s a brand new shiny protocol that promises to be faster and more secure at the same time — WireGuard.

But WTF is a VPN anyway? A VPN is a virtual private network between a device in front of you and a server in a data center. If you want to hide your internet traffic from other people on your local network, you can create a tunnel between your device and a server.

All your network traffic will go through this connection, and traffic is usually encrypted from one end to the other. It means that your overzealous IT department or the Great Firewall of China can’t block any service.

And yet, it also means that the person who operates the server can see all unencrypted traffic. That’s why I never recommend using a free VPN service or even paying for an account. Using a VPN doesn’t mean that you’ll be more secure on the internet. You’re just moving the risk down the VPN tunnel.

Many VPN companies analyze your browsing habits, sell them to advertisers, inject their own ads on non-secure pages, steal your identity, log your internet traffic, share information with law enforcement and more.

When it comes to VPN companies, trust no one.

Looking at the protocols

There are multiple ways to create a point-to-point VPN tunnel. Your device and the server need to use the same protocol to talk to one another. The most popular protocol is OpenVPN. It’s a secure implementation that works on pretty much any device, as long as you’re willing to install an app.

IPsec, combined with IKEv2 authentication, is another popular protocol. It works natively on iOS, macOS, Windows and Linux. That’s why it’s a great option for devices where you can’t install any app you want.

You may have also heard about PPTP or L2TP as well. But those protocols aren’t as secure and nobody should use them anymore.

It seems like there are plenty of options already. But OpenVPN has been around for 17 years. It is slow and it was never designed for mobile devices.

OpenVPN and IPsec also have a huge codebase, which creates a bigger attack surface. It’s unclear whether the NSA has found vulnerabilities in those protocols because it’s harder to audit big codebases. WireGuard creator Jason Donenfeld only wrote 4,000 lines of code for the initial release.

Connecting to a WireGuard server is pretty much like connecting to a remote server using SSH. You generate a set of public and private keys and exchange public keys with the server. It’s both secure and hard to fool.

Compared to other VPN protocols, WireGuard relies on your device’s network interfaces. It adds a new interface to natively route all traffic through the tunnel, whether you’re using Wi-Fi, Ethernet, LTE, etc.

Regular VPN users also know that you have to reconnect to the VPN server every time you switch from Wi-Fi to LTE to Ethernet… WireGuard servers can maintain the connection with your device, even if you switch to another network and get a new IP address.

WireGuard is still quite new and experimental. For instance, you won’t find any WireGuard client for iOS. There are also very few WireGuard implementations with a graphical user interface.

Building your own VPN server

If you want to give WireGuard a try, it’s not that hard. You may remember that I talked about Algo VPN in the past. It’s a great open source project that lets you set up your own VPN server in just a few minutes. You don’t need any coding skill.

It turns out Algo VPN now supports WireGuard in addition to IKEv2. In other words, creating a VPN server with Algo VPN will let you connect to this server using both protocols.

Algo VPN runs on any Ubuntu server, but the easiest way to host your server is to create an account on DigitalOcean. After that, you’ll need to download a zip file and follow the instructions.

Once the setup is done, you should have a new folder on your hard drive with everything you need to connect to your VPN server. If you’re on a Mac, you can double-click on the .mobileconfig file to connect to your VPN server from your Mac using IKEv2.

If you want to try WireGuard, you’ll need a computer that runs macOS or Linux, or an Android phone. The easiest way to use WireGuard is to install the Android app and add the .conf file to your phone.

On your Mac, you need to install WireGuard using Homebrew (brew install wireguard-tools). You can then move the myvpnserver.conf file to /etc/wireguard/ on your hard drive and connect using a simple command line (“wg-quick up myvpnserver” and “wg-quick down myvpnserver”).

I wanted to go one step further and skip the Terminal window. On macOS, you can create an AppleScript using the Script Editor app and put it in your menu bar by enabling the menu bar option in the settings.

In my script, I also fetch my current hostname using icanhazptr.com. I then display my current hostname in a notification to check that I’m connected to the VPN server. In this case, I created a VPN server on Scaleway:

There you have it. Now you can’t say that you prefer to use a commercial VPN service because they have a nice menu bar app. This setup offers the same convenience but with a more stable VPN connection.

Once again, WireGuard is experimental. You need to assess your risks before using WireGuard at a production level. If you’re Edward Snowden, WireGuard might not be ready for you just yet. You also need to be comfortable with a buggy implementation. For instance, I had a DNS issue after shutting down a WireGuard connection, so I had to reset the DNS settings in my network interfaces.

But the fact that you can close your laptop, switch to another Wi-Fi network and stay connected to the VPN server is pretty neat. It’s clear that WireGuard represents the future of VPN protocols.

Apple touts iPhone gaming performance in new ad

Many people have talked about the performances of the new MacBook Pro over the past few days. But Apple focuses on the A11 Bionic chip in its new TV ad.

Named ‘Unleash’, this ad shows a young man walking down the streets of a Chinese city filled with Mobike and Ofo bikes. He’s playing a game on his phone, receiving text messages and watching a live stream on YouTube Gaming.

The game quickly becomes bigger than his phone. He fights monsters and virtual characters in the real world. The tagline says “Unleash a more powerful you”.

If you opened up the App Store today, you may have seen a promotion for Vainglory in the Today tab. That’s because this ad is all about Vainglory, a multiplayer game that works more or less like League of Legends or Dota 2.

Apple has been updating its system-on-a-chip every year to make it more performant. For the first time, Apple designed its own GPU with the A11 Bionic.

This is one of Apple’s competitive advantage against generic Android manufacturers. The company now has a clear advantage when it comes to benchmarks and gaming performance.

ezCater acquires GoCater to expand beyond the US

Catering marketplace company ezCater is already putting its big $100 million funding round to good use. The company is acquiring GoCater, a European marketplace that operates in the same field. This is ezCater’s first international expansion move.

If you’re in charge of ordering catered lunch at your office, you probably have heard about ezCater . The company lets you order breakfast, lunch or dinner for 10, 30 or maybe 100 people at once. This service could be particularly useful to impress a client, throw an office party, get lunch together during an off-site and more.

But ezCater doesn’t cook anything itself. The company is a marketplace and connects you with catering companies and big restaurants around you. In other words, ezCater lets you browse the menu of dozens of restaurants around you from the same website and place an order without picking up the phone.

Of course, ezCater didn’t invent catering. But catering is a fragmented industry with a lot of friction. It’s hard to know how much you’re going to pay in advance, it takes a lot of effort to find a new restaurant outside of your usual list. And restaurants could use a new way to promote their offering. Those are the perfect ingredients to create an online marketplace.

You may already know all the options around your office, but ordering through ezCater provides additional benefits. For instance, all your receipts are centralized in the same interface, which lets you get a clear overview of your spendings on catering.

You can also let other people order food for their clients and events. ezCater lets you set maximum amounts, tipping policies and more.

GoCater offers more or less the same thing, but in France and Germany. The company started as a spinoff from French startup La Belle Assiette. GoCater lets you create a whitelist of catering options. You can also set up an approval system so that the intern doesn’t order ice creams for everyone. Finally, GoCater clients only get billed once per month, even if companies order multiple times.

You pay the same price if you order through GoCater or the catering company directly. Catering companies end up paying a cut on GoCater orders. But the startup takes care of billing, accounting and accounts receivable. This way, you can focus on your core business instead of chasing money from past clients.

ezCater is an order of magnitude bigger than GoCater. ezCater works with 60,000 restaurants, while GoCater only has a few hundred restaurants on its platform. It’s worth noting that ezCater has been around for much longer.

But GoCater has one big advantage over ezCater — they have a team on the ground in Europe, ready to attract new restaurants and corporate clients. It’s clear that ezCater was looking for a way to get started in Europe, and GoCater seems like the right fit.

For now, the company will keep both brands after the acquisition. The teams will slowly merge the platforms into a single product.

“The entire GoCater team is staying, and we’re now going to rapidly expand the European team of the company — both the sales team for Europe and the tech and product team for the group,” GoCater founder and CEO Stephen Leguillon told me.

Wilson is like Longreads for podcasts

Meet Wilson, a new iPhone app that plans to change the way you discover and listen to podcasts. The company describes the app as a podcast magazine. It has the same vibe as Longreads, the curated selection of longform articles.

With its minimalistic design and opinionated typography, Wilson looks like no other podcasting app. On an iPhone X, the black background looks perfectly black thanks to the OLED display. It feels like an intimate experience.

Every week, the team selects a handful of podcast episodes all tied together by the same topic. Those topics can be the Supreme Court, the LGBTQ community, loneliness, dads, the World Cup…

Each issue has a cover art and a short description. And the team also tells you why each specific podcast episode is interesting. In other words, Wilson isn’t just an audio experience. You can listen to episodes in the app or open them in Apple Podcasts.

Navigating in the app is all based on swipes. You can scroll through past editions by swiping left and right. You can open an edition by swiping up, and go back to the list by swiping down. This feels much more natural than putting buttons everywhere.

Wilson also feels like tuning in to the radio. Podcasts are great because they let you learn everything there’s to learn about any interest you can have. But it also narrows your interests in a way. Podcast apps are too focused on top lists and “you might also like” recommendations.

Gone are the days when you would switch on the radio and listen to a few people talk about something you didn’t know you cared about. Human editors can change that. That’s why Wilson can be a nice addition to your podcasting routine.

Tempow’s Bluetooth stack can improve your TV setup

French startup Tempow has been working on improving the Bluetooth protocol at a low level to make it more versatile. The company is introducing a new audio profile for your TV or set-top box.

TV and set-top box manufacturers can license Tempow’s software and integrate new features in their devices. It works with regular Bluetooth chips, but it opens up new possibilities.

In particular, Tempow has been working on a one-to-many pairing model. You can pair multiple Bluetooth speakers with your TV to create a wireless surround system using good old Bluetooth speakers.

The reason why soundbars slowly replaced 5.1 systems is that you don’t have to run cables on the floor to the back speakers. Tempow solves that, and Bluetooth speakers are much cheaper than a bunch of Sonos speakers.

With Tempow’s stack, you can also stream different audio tracks to different devices. In other words, you could pair multiple headphones with your TV and watch a movie in different languages. If your kid is too young to read subtitles, you no longer need to make compromises.

You can also configure each speaker individually so that you can reproduce the same sound profile across the board, even if you’re using speakers from different brands.

The startup first worked on an audio profile for smartphones. For instance, if you have a Moto X4 phone, you can pair it with multiple Bluetooth speakers at once. With today’s news, the company is expanding beyond smartphones. But it’s still about Bluetooth.

Apple reportedly confirms keyboard reliability fix in internal document

An internal Apple document distributed to Apple Authorized Service Providers and obtained by MacGénération and MacRumors confirms that there’s a membrane under the keyboard to “prevent debris from entering the butterfly mechanism”. This is the first time Apple acknowledges that the third generation butterfly keyboard tries to fix unreliability issues.

“The keyboard has a membrane under the keycaps to prevent debris from entering the butterfly mechanism. The procedure for the space bar replacement has also changed from the previous model,” the internal document says.

When Apple introduced the updated MacBook Pro, the company told everyone that the keyboard had been updated for quieter typing. But iFixit found out that the company actually added thin silicon barriers under each keycap.

It’s clear that Apple didn’t want to publicly state that there is a reliability issue with its recent 12-inch MacBook and MacBook Pro models. The company doesn’t want to fuel those lawsuits.

But if you’ve been using a MacBook Pro or a 12-inch MacBook, you know that the butterfly keyboard isn’t ideal. While some people love typing with it, the main issue is that it’s not reliable. Sometimes, keys become stuck, you can’t use a letter, or it inserts two letters every time you press that key.

Even worse, if you try to bring it to an Apple Store to get it fixed, it’s an expensive process that involves replacing a good chunk of the computer. Dust, sand or hair can render your computer unusable.

It’s still too early to say if the 2018 MacBook Pro is more reliable. But Apple needs to update the 12-inch MacBook right away because it’s outrageous that they still sell a laptop with a broken keyboard.

Meero raises $45 million for its on-demand photography service

Have you ever wondered why photos on Airbnb, UberEats and your favorite hotel platform always look so good? French startup Meero has been working on a marketplace and AI-powered technology to make it easy to get good photos of products and places.

The company has raised a new $45 million round led by Alven Capital and Idinvest. Eight months ago, Meero already raised $15 million from Global Founders Capital, Aglaé Ventures, Alven Capital and White Star Capital.

“We focused on this idea because we wanted to make the web beautiful,” co-founder and CEO Thomas Rebaud told me last year. “We realized that we are all on Instagram and that photos are beautiful. But then, you go on a marketplace and photos aren’t great.”

The company first looked at the real estate market and partnered with real estate companies to optimize the photography process as much as possible.

It starts with finding a photographer. Instead of working with hundreds of photographers in hundreds of cities, Meero lets you find a photographer in over a hundred countries. Prices, contracts and processes are all standardized in order to avoid any surprise. Meero takes a cut on every transaction.

After the shooting, photographers usually have to spend hours selecting and editing the best photos. This usually takes even longer than the shooting itself.

Meero has been working on AI-powered algorithms so that you don’t have much to do. You upload your photos, and the service will automagically take care of the editing. By speeding up this process, a photographer can work on more projects. And Meero can also cut variable costs drastically — this is key when it comes to Meero’s scalability.

With today’s funding round, the startup is going to open new offices in the U.S. and somewhere in Asia. Meero will also hire more computer vision experts in France.

Meero currently has 40,000 clients and processes a new transaction every 30 seconds. Clients usually get photos within 24 hours. The company now also lets you order videos from the same platform.

Ledger finally has a good app for its crypto wallet

French startup Ledger has been working for a while on a brand new app to manage your crypto assets on your computer. The company is designing and manufacturing one of the most secure hardware wallets out there.

While it’s clear that security has always been the first focus of the company, the user experience has been lacking, especially on the software front. The company launched a new app called Ledger Live to handle everything you used to do with Chrome apps before.

That’s right, before today, the company relied on Google Chrome for its desktop apps. You had to install the browser first, and then install a new app for each cryptocurrency. There was also a main app to update the firmware. It could quickly become a mess.

Now, everything is centralized in a single app. After downloading and installing the app on Windows, macOS or Linux, you can either configure the app with an existing Ledger device or configure a new Ledger wallet.

The app first checks the integrity of your device and then lets you manage the device. You can upgrade the firmware and install apps on your Ledger Nano S or Ledger Blue from the “Manager” tab.

More interestingly, you can now add all your wallets to the Ledger Live app. You won’t have to switch from one app to another to view your wallets. When you click the add button, the app will try and retrieve existing wallets on your device. You can also generate a new set of keys (and a new wallet) from there.

Once you’ve added all your wallets, you can get an overview of your entire portfolio. The app gets historical pricing information from popular exchanges, such as Kraken and Bitfinex. You can also click on individual accounts to see how a specific cryptocurrency has evolved over time.

The portfolio interface looks like a Coinbase account. It’s well-designed and it’s a great way to get a quick look of your accounts.

Many Ledger users have been using tracker websites and apps. These services let you enter a cryptocurrency and the amount you own to get an overview of everything you own independently of the wallet.

Ledger’s new app partially replace tracker services. If you don’t need to check your balance from your phone, you can get enough information with the Ledger app. You can see your balance without having to plug your Ledger device.

The company is already working on new features. You’ll be able to view and manager ERC20 tokens in the future. So if you invested in a bunch of obscure ICOs, your tokens will be there too.

Ledger also told me that you could imagine an integration with decentralized exchanges eventually. This way, you would be able to send tokens to an address and get another set of tokens back on another Ledger-generated address. It would be a great way to exchange cryptocurrencies without signing up to a centralized exchange and leaving the Ledger app.

Watch all the interviews from TechCrunch Sessions: Blockchain

What a day. Yesterday, hundreds of people gathered in Zug, Switzerland for TechCrunch Sessions: Blockchain. In addition to some of the key people of the Ethereum Foundation, the team interviewed the entrepreneurs behind Binance, Coinbase, ConsenSys, CryptoKitties and many other organizations.

The event was packed with interesting content. But if you couldn’t be there in person, don’t worry as you can watch everything that happened in Zug:














Disclosure: I own small amounts of various cryptocurrencies.

Deliveroo opens its first shared kitchen in Paris

Food delivery startup Deliveroo opened its first shared kitchen in Paris earlier today. Deliveroo first launched this concept of shared kitchens called Deliveroo Editions in London last year.

As the AFP reports, the company is starting with 12 kitchens in a warehouse in Saint-Ouen, right next to the north-western part of Paris. So far, 8 restaurants have agreed to make a deal with Deliveroo.

You’ll find top restaurants on Deliveroo, such as Blend, Petit Cambodge, Tripletta and Santosha. Restaurants can choose to pay a rent or get started for free and pay higher fees.

Deliveroo customers currently pay €2.50 per order for the delivery in Paris. But the company also gets a cut of the total order amount — customers don’t realize that Deliveroo gets a cut from both sides. It can be as much as 25 or 30 percent of what you order. It’s unclear how much Deliveroo is asking for those new kitchens.

But it makes sense for restaurants that can’t expand indefinitely. Deliveroo lets you accept orders without any additional table.

Gérard Julien / AFP / Getty Images

While there are multiple Blend or Petit Cambodge restaurants in Paris, they can’t deliver everywhere around the city. But opening a new restaurant also represents a huge investment.

That’s why those Deliveroo kitchens can be a good compromise. You can hire a handful of people and see if there’s enough demand in the area. It’s also a good way to differentiate Deliveroo from UberEats and other compatitors.

This is the first site in France. Let’s see if it gets out of control like in the U.K. The Guardian reported that Deliveroo Editions are now tiny containers with no window on car parks. It gets hot in the summer, cold in the winter, and you can hear a ton of mopeds getting orders from those metal boxes.

Deliveroo first started with the idea of helping regular restaurants accept online orders — not just pizza places with existing delivery persons. But containers on a car park don’t sound as attractive.

Gérard Julien / AFP / Getty Images