Bulletproof mode is a feature designed to provide a high level of anonymity for users. It is available in three different forms:
It's also available to use via VPN, Per-App VPN & Browsing Containers.
When using Bulletproof mode, each request is routed through a different exit IP, making it extremely difficult to correlate traffic. For example, a website typically relies on multiple third-party servers, such as CDNs, to serve content. With Bulletproof mode enabled, each resource (images, scripts, etc.) is loaded from a different IP address, further obscuring the user's online activities.
Bulletproof mode employs a double-hop architecture to further enhance user privacy. When connected, users exclusively communicate with a Hoody Relay, ensuring that their ISP is unaware of the multiple IP addresses being utilized. In the eventuality of a rogue ISP, which a user should always assume to be the case, the ISP logs will only record a single IP address – that of the Hoody Relay and have absolutely no idea where the request is going next.
The server seamlessly manages the process of switching between exit IPs, eliminating the need for any user intervention. This server-side implementation ensures that no technical glitch happens on the client.
To safeguard the connection between the first-hop (Hoody Relay) and the second-hop (Exit IPs), Bulletproof mode utilizes Wireguard. This encryption is not adjustable by the user, guaranteeing a consistently secure connection.
To optimize performance and reduce latency, users can customize Bulletproof mode to use exit IPs from specific regions:
By selecting a region closer to their location, users can enjoy better speeds while still benefiting from the enhanced anonymity provided by Bulletproof mode.
Bulletproof mode can be utilized in several ways, depending on the user's needs:
To witness the power of Bulletproof mode in action, users can open multiple tabs on websites that display their IP address. They will likely observe that each tab shows a different IP, confirming that their traffic is being routed through various exit points.
When a TCP socket is opened in Bulletproof mode, it associates with a specific exit IP for a duration of 60 seconds. This association is automatically extended when additional requests are made using the same socket. This mechanism ensures that websites can complete the TLS handshake without encountering issues or detecting abnormal network behavior.