Jennifer Raiford

EPN was designed around different assumptions than legacy VPN architecture, which is worth explaining ahead of the public release. Legacy VPNs route traffic through a fixed tunnel and substitute a provider IP for the user’s. That design addresses IP masking but leaves session persistence, static routing, and credential-based access unchanged. The architecture has not materially evolved, and those structural properties remain observable by network-level adversaries. EPN is built on a different design premise. Sessions do not persist beyond their intended scope. Routing is dynamic rather than fixed. Access control is tied to cryptographic identity rather than credentials alone. Devices operate within trust-bounded clusters, and application traffic is segmented at the network layer. These properties are architectural and not available as features on top of static tunnel infrastructure. Geo-restriction bypass is a valid use case for legacy VPNs and one they address adequately. It is not, however, a privacy property. Under a threat model concerned with session correlation, traffic profiling, or persistent surface exposure, IP substitution alone does not reduce meaningful attack surface. The comparison table below outlines nine capabilities relevant to network-layer privacy and shows which are present in EPN and which are absent from standard VPN implementations.​​​​​​​​​​​​​​​​ Enigma Private Network public release is around the corner. $ENX

As the world shifts toward volatility and uncertainty, governments and jurisdictions attempt to control it by applying pressure on both people’s privacy and their tools. Enigma Private Network is designed to comply with most jurisdictions while delivering unmatched privacy and security. Dive into our compliance documentation to discover how EPN addresses these challenges. https://t.co/rwSxVse59a

“We knew you had a story, if you are in this room, we knew there was a story.” That was a deep moment for me. Hearing Renata talk about when we 1st met at WestPoint @ (JSACS) Joint Service Academies Cybersecurity Summit. Yes. I had been invited into the room. Let your work speak for itself. Be intentional about your steps and step boldly.

When Governments Go to War, Digital Control Follows Russia's full-scale invasion of Ukraine in 2022 confirmed something that has repeated in every major conflict since: information control and military action now run on the same timeline. VPN demand in Russia surged by orders of magnitude within 72 hours as the Kremlin restricted Facebook and Twitter the same week it deployed forces. The simultaneity was not incidental. When states mobilize, controlling what their populations can see and communicate becomes a parallel objective. What has developed since is a broader pattern. Digital control is no longer purely defensive. Governments restrict their own populations during conflict, but they also attempt to shape the information environments of other nations, export their regulatory architectures to partner states, and treat connectivity as leverage in geopolitical contests. The tools and precedents circulate. Each conflict cycle expands the range of governments that have deployed them. In that context, privacy infrastructure is not a product category responding to consumer demand. It is the primary technical domain where individual agency and expanding state control remain in direct contest. Iran: Precision Shutdown as Operational Capability Iran is where the current ceiling of state-level internet suppression is being tested under real conflict conditions. Approximately 86 to 93% of Iranians use VPNs as a default mode of internet access, according to the Tehran E-Commerce Association. This is not an edge behavior. It is the documented baseline because unfiltered access to the global internet is not available. The government formally prohibited unauthorized VPN use in February 2024, requiring state approval for international connectivity. Usage increased. The filtering infrastructure operates at the protocol layer. Deep packet inspection systems inspect TLS SNI fields, DNS queries, and HTTP hostnames. Non-whitelisted protocols, including standard VPN configurations, are dropped silently at the network edge. The system does not block by IP address. It filters by traffic signature, which defeats standard VPN architectures regardless of server location. This is documented in research by OONI and analyzed in detail by Lange et al. (2025). The June 2025 shutdown, executed during the twelve-day conflict with Israel, introduced a further capability. Prior shutdowns withdrew BGP routes — a blunt mechanism visible to external network monitors. In June 2025, researchers at the Miaan Group, ASL19, and IODA documented a different approach: BGP routes remained announced globally, so Iran appeared connected from outside. Domestically, access to international resources had collapsed. Standard outage detection tools registered nothing unusual. Identification required active in-country probes measuring application-layer reachability. The operational implication is specific: a government can sever its population's access to international information during active conflict while remaining, from an external monitoring perspective, a connected and reachable network. Proton VPN's general manager David Peterson noted that usage spiked in the hours immediately before the blackout as Iranians attempted to reach international news about Israeli strikes, then dropped as the infrastructure rendered those tools below functional thresholds. Eleven million people ended up relying on Psiphon bridges. Others covertly activated Starlink dishes, the one link outside the filtering layer. By January 2026, the architecture had a name: "Filternet Plus." A domestic intranet routing all traffic through state-controlled endpoints while the network externally appears intact. This is relevant beyond Iran's borders. The FREEDOM Act, introduced in the US Congress in December 2025, acknowledges that Iranian citizens' access to international information during conflict is a US foreign policy variable. When a government can execute a precision shutdown invisible to standard monitoring, the capacity of external parties to support civil communication collapses with it. Other governments are studying this model. The design is replicable. Mexico: Institutional Compromise as the Attack Vector Mexico presents a structurally different failure mode. The privacy threat is not a government severing international connectivity. It is an environment where the institution designated to protect journalists and the organization targeting them may share the same information. Reporters Without Borders ranked Mexico third globally for journalist deaths in 2024, behind Palestine and Pakistan. The number of journalists killed in 2025 surpassed the full-year 2024 total before mid-year, according to OCCRP. Freedom House documents persistent "zones of silence": regions where covering organized crime carries a credible physical consequence, producing measurable self-censorship across local media. The digital threat model here is not protocol-level filtering. Cartels monitor platforms systematically to identify anonymous accounts and cross-reference behavioral patterns with physical location data. Investigative journalist Humberto Padgett's 2024 case is representative: enrolled in Mexico's government journalist protection program, his security assessment and personal contact details were transmitted through that program to the parties threatening him. The exposure was not a technical failure. It was an institutional one. Mexico then eliminated the two oversight bodies responsible for accountability in this domain. The Federal Telecommunications Institute and the National Institute for Transparency were both disbanded through constitutional reform in November 2024. Documents released in a 2025 NSO Group legal case confirmed that Mexican authorities used Pegasus spyware against over 450 individuals in a two-month window in 2019, directed domestically at journalists and civil society. The US designation of several Mexican cartels as foreign terrorist organizations in early 2025 made digital communication across the US-Mexico border an active surveillance surface for multiple parties simultaneously. Privacy tools designed for government-surveillance threat models provide incomplete coverage in an environment where the adversary may be non-state, may have institutional access, and is tracking behavioral patterns rather than intercepting packets. The UK and Europe: A Third Model Iran and Mexico represent recognizable types: authoritarian shutdown and non-state targeting. The United Kingdom and the European Union represent a third, less obvious one: democratic governments using domestic security rationale to expand state access to communication infrastructure in ways that compress the operational envelope of privacy tools. The UK's Online Safety Act, implemented in phases from January 2024 through mid-2025, requires platforms to proactively remove illegal and harmful content under threat of fines up to 10% of global turnover and personal criminal liability for senior managers. The act includes provisions for client-side scanning, inspection of message content before encryption applies, which Apple described publicly as a direct threat to end-to-end encryption. The European Court of Human Rights ruled in February 2024 that requiring degraded end-to-end encryption is incompatible with the European Convention on Human Rights. The UK proceeded. The behavioral response from UK users was immediate. When mandatory age verification came into effect on July 25, 2025, requiring identity documentation for access to a range of platforms, VPN apps became the most downloaded applications on the UK Apple App Store within days. A petition calling for repeal of the act reached over 400,000 signatures. The Electronic Frontier Foundation noted that the UK had demanded backdoor access to Apple's encrypted storage systems, a demand that applied to British users globally. The EU's Digital Services Act operates on a parallel architecture. Platforms with over 45 million EU monthly active users are required to remove broadly defined illegal and harmful content or face fines of up to 6% of global annual turnover. The EU Commission's May 2025 internal workshop, documents from which were obtained under subpoena by the US House Judiciary Committee, classified a hypothetical post stating "we need to take back our country" as illegal hate speech requiring removal. The Code of Practice on Disinformation, previously voluntary, was formally integrated into the DSA in July 2025, making compliance with EU-defined standards on political content a legal obligation. The EU issued its first DSA non-compliance fine in December 2025, €120 million against X. The US State Department responded by issuing visa restrictions against European officials involved in DSA enforcement. The European Commission's Technology Roadmap on Encryption, published in 2025, describes mechanisms for law enforcement access to encrypted data, which the EFF assessed as a direct threat to end-to-end encryption architecture. The mechanism here differs from Iran's in implementation but not in direction. The UK and EU are not executing wartime shutdowns. They are constructing regulatory frameworks that require platforms to weaken encryption, grant state access to communication content, and enforce government-defined speech standards under liability structures that create strong incentives for over-compliance. The threat model for users in this environment is not deep packet inspection at a national border. It is platform-layer enforcement, compelled by law, that achieves the same reduction in communication privacy through a different path. A Common Direction Across Different Systems Iran blocks at the protocol layer. Mexico corrupts the institutional layer. The UK and EU reshape the platform layer. The adversary in each case is different. The direction of movement is the same. Each conflict, each civil disruption, each security rationale generates policy responses that expand the state's operational surface in communication infrastructure. Those responses accumulate and travel. Iran's filtering model is studied by other authoritarian governments. Europe's DSA framework shapes platform behavior globally. Regulatory decisions made in response to local conditions propagate outward, affecting populations and threat surfaces far beyond the originating jurisdiction. Payload encryption, what most consumer privacy tools lead with, addresses one layer. Routing metadata, session persistence, endpoint observability, and traffic timing continuity are a separate layer. State-level adversaries are now specifically engineered to extract information from that second layer. So are the compliance architectures being constructed in democratic jurisdictions, which achieve access to communication content not through technical interception but through legal compulsion of the platforms handling it. What the Future Holds The conditions producing this dynamic are not stabilizing. Geopolitical contestation across multiple regions, accelerating militarization, and the domestic political instabilities driving restrictive legislation in democratic countries all point toward more regulatory and technical pressure, not less. Each cycle produces governments more practiced at digital control, surveillance architectures more capable of defeating current circumvention tools, and regulatory frameworks that travel across borders more efficiently than the civil liberties protections meant to constrain them. Privacy is not a permanent condition. It is a variable maintained or lost depending on whether the infrastructure supporting it keeps pace with the systems designed to defeat it. In a period defined by geopolitical instability, that variable is under pressure from more directions simultaneously than at any prior point in the history of the public internet. For individuals, privacy tools represent the only domain where that pressure can be practically addressed. The gap between what is currently deployable and what current threat models actually require is the defining technical condition of the next decade. It is not narrowing. $ENX

Development Update: March 13th 2026 Current work is focused on stabilization, performance verification, and platform parity ahead of the next testing round. Client Stability & Performance Final stability tests are being conducted on the macOS client. These tests focus on connection persistence, recovery behavior after network interruptions, and general runtime stability. Network throughput diagnostics are also ongoing. The objective is to confirm that routing and encryption overhead do not materially reduce achievable internet speeds under normal usage conditions. In parallel, we’re ensuring a user centric solution for ReCAPTCHA interactions on certain websites. The goal is to determine under which routing or IP conditions these challenges appear and adjust exit node behavior where appropriate. Platform Parity Work is nearing completion on aligning the Windows client with the current macOS build. This includes feature parity, consistent network behavior, and matching configuration logic across both operating systems. Network Deployment Additional exit nodes are currently being deployed across the United States and the European Union. This expansion supports regional routing diversity and allows further measurement of latency and throughput across multiple geographic paths. Next Testing Phase Application packaging for both desktop clients is underway. Once packaging and deployment checks are complete, invitations for the second round of beta testing will be issued. Further updates will follow as testing data becomes available.

We are proud to announce that Enigma has partnered with Syngenity, a global leader in TISAX consulting, an elite cybersecurity standard for the global automotive industry. Enigma will work with customers that wish to upgrade their networks to meet the rigorous TISAX cybersecurity requirements related to zero trust network access. Existing clients for Syngenity include: Google J.P. Morgan Mercedes-Benz BMW Volkswagen Texas Instruments Continental $ENX

RAVID is at the very core of the Enigma Protocol. Contrary to traditional network infrastructures, RAVID provides a fluid network infrastructure. It continuously randomizes routes, nodes and session characteristics by distributing traffic across adaptive tunnels that change over time based on network conditions and risk models. There is no permanent topology to observe and no single point that exposes the whole network when discovered by attackers. The RAVID framework allows for creating customized and future-proof privacy applications with zero metadata leakage. $ENX

I am excited to announce my upcoming trip to Tel-Aviv, where I have been personally invited to join the Global CISO panel as a speaker representing Enigma at the 2026 Cybertech Global Conference. The discussion will primarily revolve around Al governance, national cyber resilience, and the deployment/expansion of Enigma. https://t.co/IDt59jsdVT $ENX

Episode 4: Enigma Private Network (EPN) Technical Deep Dive. Presented by our Chief Architect and members of the Development Team Live Stream: Saturday, January 10th at 3:00 PM EST Join us for an in depth exploration of Enigma Private Network (EPN) Enigma’s revolutionary private connectivity solution powered by the RAVID foundational network layer. EPN redefines secure access by replacing traditional VPNs with identity based private connectivity, where access is governed by verified identity rather than IP addresses or network location. $ENX