Creating Self-Hosted VPN Servers With Algo

When the Senate voted to repeal internet privacy rules and allow ISPs to sell data about their customers without consent, recommendations for third-party VPN services increased. These services keep your internet connection on public networks safe and secure, but they shouldn’t be relied upon if you value your privacy. While your internet traffic is encrypted between your device and the VPN service, it’s still being routed—and likely logged—through someone else’s server. Ultimately, you can never know for sure what they do with this data or who has access to it.

Reputable VPN services make this quite clear. Peter Sagerson, one of the co-founders of Cloak, wrote a detailed blog post in 2013 explaining what his service can and cannot do:

Cloak is designed to keep you safe from threats on public and untrusted networks, like at coffee shops, airports, hotels, and conferences. We believe that our policies strike a strong balance for meeting this goal.

This said, we wish to remind you that Cloak is not intended to keep you safe from repressive governments, to provide you with online anonymity, or to otherwise shield you from potential data collection on the Internet at large. We are of the opinion that no third party VPN service is sufficient to meet these goals, regardless of logging policies or legal jurisdiction. If you need true anonymity, or you need to stay safe from repressive regimes, we strongly recommend avoiding all third party VPNs (including Cloak!). Instead, you might consider using something like the TOR Browser Bundle — although even TOR is no panacea.

A self-hosted VPN server is another option worth considering as you have complete control over it. They’re generally not recommended, however, because of the level of complexity in creating and maintaining them. But thanks to security firm Trail of Bits, the entire process can be done automatically.

Algo is an open-source command-line tool that automatically creates a VPN server using any of the supported cloud-hosting platforms. Don’t let the fact that it’s a command-line tool put you off; all it needs is an API key for your chosen platform and answers to a few yes or no questions. The entire process takes less than ten minutes, most of which is spent watching Algo’s various scripts set up and configure the server.

After using Algo, I had a VPN server set up on Digital Ocean that was ready to use immediately. Algo even creates configuration profiles for macOS and iOS so these devices can be automatically configured1.

Each VPN server created with Algo is fully disposable. If you’re concerned there may be some issues with the VPN server you’ve created, or only needed one temporarily, just delete it when you’re done—you can create a new one at any time. This is especially useful as an alternative to ongoing server maintenance since you can simply create and delete VPN servers as needed.

If you use a VPN service or are considering using one, I highly recommend you check out Algo.

  1. Configuration profiles for iOS can only be installed if they were received via email (in Mail) or have a direct link that’s opened using Safari. I used Algo on a Linux server via Coda on my iPad and downloaded the profile, but couldn’t do anything with it until I emailed it to myself and opened the attachment in Mail. 

Services Are Already Starting to Support JSON Feed

That didn’t take long. Popular feed reading services Feedbin, Inoreader, and NewsBlur have each announced immediate support for JSON Feed.

I’ve tested this with NewsBlur by replacing a few RSS feeds with JSON and it works perfectly. If you use one these services, consider using JSON feeds wherever possible. The more they’re used, the more widely adopted they’ll be.


Earlier this week, Manton Reece and Brent Simmons announced their development of JSON Feed, a spec for JSON-formatted feeds that would be an alternative to the XML variants of RSS and Atom:

We — Manton Reece and Brent Simmons — have noticed that JSON has become the developers’ choice for APIs, and that developers will often go out of their way to avoid XML. JSON is simpler to read and write, and it’s less prone to bugs.

So we developed JSON Feed, a format similar to RSS and Atom but in JSON. It reflects the lessons learned from our years of work reading and publishing feeds.

In many ways, JSON Feed looks like it could be the Markdown of syndication formats–it’s so much more lightweight and easier to work with than XML. Brent and Manton have put a lot of thought into the spec and the result is one that better fits the needs of different styles of blogging, from Daring Fireball-esque link posts to microblog updates that don’t use titles. It even takes into consideration attachments for use with podcasts (both audio and video), and is scalable with extensions that further enhances it.

It took only a few minutes to create the following template and add a JSON feed to this Jekyll-powered site.

It won’t be long before apps start to appear that support JSON feeds. In fact, Maxime Vaillancourt has already created a web-based JSON feed reader. It serves as great way to test that your JSON feed is working and validates according to the spec. Maxime was also gracious enough to help debug my feed as it wasn’t validating properly (he noticed it was being output as text/plain instead of application/json).

I have high hopes that JSON feed will be successful and encourage anyone who runs their own blog to support it. If you manage your own site, it takes so little time to create a working feed. WordPress users can even use a plugin that Brent and Manton have created to generate the feed automatically.

On Apple’s Services

Ryan Christoffel at MacStories writes about his experiences using Apple’s services, and how he feels their historically bad reputation is perhaps no longer true:

Services are a key component of modern Apple. The way the company defines itself, along with the numerous services shoutouts in quarterly earnings calls, prove that.

Despite Apple’s increased focus on services, the common narrative that the company “can’t do services” still hangs around – in online tech circles at least.

But is that narrative still true, or has it grown outdated?

That reputation was hard-earned through years of reliability and usability issues. It’s not surprising that many in the Apple community would rather use a third-party service than one offered by Apple.

Until recently, I’d been using many of Apple’s services and had been for years. As I switched from macOS to iOS, I re-evaluated all of the services I’d been using and decided it was a good opportunity to try and move further into Apple’s ecosystem.

My experience has been the same as Ryan’s: Apple’s services really are very good and that poor reputation isn’t reflective of what the company achieves today. I’ve since gone all-in and even moved away from some popular third-party alternatives completely.

  • iCloud Mail: I’ve been iCloud Mail for personal email since 2004 (back in the .Mac days) and it’s been completely dependable. It’s always worked for me, has excellent spam filtering, and isn’t trying to do anything complicated. It’s a simple, reliable email service.
  • Notes: I switched to Notes from Evernote after the major revamp in iOS 9. I’ve used a few other note-taking apps since then (such as Bear) but I just keep coming back to Notes. It’s simplicity is one of it’s greatest features and it’s always worked perfectly well for me.
  • Reading List: I ditched Instapaper and Pocket last year because of near-constant problems with both services failing to get the full text of many articles I sent to it, as well as some annoyances with their iOS apps. Reading List does exactly what I need from a read-later service: save an entire web page for offline viewing. If I want a better reading experience, I can enable Safari Reader to strip away the site’s cruft.
  • iCloud Contacts and Calendars: Not really much to say about contacts and calendars. They work reliably for me and I’ve had no issues with these services at all.
  • iCloud Drive: I almost never use Dropbox nowadays. Everything I need is stored in iCloud Drive and all the apps I use to create or edit files (e.g., 1Writer, MindNode, Pixelmator, etc.) support it. I still keep Dropbox around for access to one shared folder, but I find iCloud Drive to be perfectly sufficient for my needs.
  • Photos: I have tens of thousands of photos (including RAW) in my photo library and I’ve never had problems. Photos taken on my iPhone (or transferred from my DxO One) sync to my iPads straight away. The only issue I ever had was the initial upload from my Mac slowing my internet connection down because it was somehow using all the available upload throughput.
  • Apple Maps: Like Ryan, this is my preferred mapping app. There’s no question that it still suffers from incorrect or outdated information, but I find this to be a rare occurrence in my experience. Transit information for New York City is excellent and I regularly make use of the integration with Apple Watch. I previously used CityMapper for transit directions, but nowadays the only reason I open it is just to view the subway map when I’m between stations. Integration with apps like Yelp, Lyft, and OpenTable makes the Maps experience particularly useful.
  • Apple Pay: It’s damn-near magic. I use Apple Pay regularly in apps, on the web, and in stores–it’s always a flawless experience. It’s availability in the real world is still haphazard, but that’s not so much the fault of Apple as it is the banking and card industry as a whole.
  • iTunes and TV: Although we have cable TV, almost all our viewing is done through an Apple TV. Most of this is through the TV app, powered by the various networks and their own respective apps. It’s also nicely integrated with the content we’ve purchased in iTunes. One feature I particularly like is the “Open In” option, which has saved us paying for a movie or TV show on more than one occasion because it was available through a particular service, such as HBO. Unfortunately, Verizon isn’t yet supported as a cable provider for single sign-on, so I have to complete a manual activation of apps whenever I install them.
  • Apple Music: I subscribed as soon as it was available and canceled my Spotify subscription in the process. The Music app is still a usability nightmare at times, but it works for what I need it for. As a service, I can find, sync, and download music, and my iTunes library is available on all my devices. My music taste is both broad and specific (if that’s even possible), so I don’t often use the curated playlists or featured artists.
  • Apple News: This is my most recent change. Before iOS 10, I found Apple News to be generally pretty awful. Now, it’s my preferred way of catching up on the news. I have a Washington Post subscription that seamlessly works in Apple News, and it’s just a pleasant reading experience in general.
  • iMessage: This is the only messaging service I use regularly and and it does a good job of making sure messages are sent and received between friends and family. There are some annoyances, such as the frequent issue of having separate message threads with the same person, but this doesn’t affect the fundamental service of sending and receiving messages.
  • Siri: Oh Siri, the black sheep of the Apple services flock. I want to use Siri more, but I find it’s too limited in what it can do and often has trouble understanding what I’m saying. In comparison, our Amazon Echo understands me almost every time. Last week, my wife and I wanted to watch the movie “Interstellar”. I used the Siri remote to search for the movie, only for it to try to look up “Into Stella”. I tried several times without success, yet my wife was able to find the movie on the first try. Curse this refined British accent! And as for Siri on Apple Watch… hang on, I’ll tap you when I’m ready.

There are a few services that Ryan doesn’t go into detail about which also deserve a mention:

  • FaceTime: All my family back in the UK have iPads and iPhones, and we stay in touch using FaceTime. Apple did a tremendous job making it as frictionless as possible, and I honestly don’t think I’d see some members of my family nearly as much if it also had to involve logging into Skype. It’s hard to express just how wonderful this service is.
  • iCloud Tabs: I’m frequently switching between two iPads and an iPhone, and iCloud Tabs helps me keep track of pages I’m viewing. It doesn’t always sync immediately, but I never need to wait more than a 10-30 seconds to view tabs on other devices.
  • HomeKit: This is technically an Apple online service, since devices can be accessed over the internet. We only have a few HomeKit devices at home, all of which are Philips Hue lights. Using our Apple TV as a HomeKit hub, everything works perfectly fine and allows us to set up schedules, control each of the lights, and manage them by room. When we’ve been out, I’ve never had a problem getting the status or controlling our lights remotely.
  • Reminders: I’ve used more task management apps than I can count, but Reminders, like Notes, is one I just keep returning to, largely in part to it’s no-frills design and deep integration. List sharing also works perfectly, and there’s no better service out there to do this. I’ve tried using apps like 2Do, but I’ve realized I simply don’t need all the additional features it offers when it comes to personal task management.

I think it’s time to reset a lot of our preconceived assumptions about Apple’s services and give them a fair chance. While there’s still plenty of room for improvement in terms of the features they offer, Apple’s range of services today are just as reliable as the alternatives, and sufficient for most peoples’ needs. For some users, like myself, they’re even better-suited.