WireGuard claims to be better than OpenVPN

Herran

Bardzo aktywny
Dołączył
8 Listopad 2017
Posty
343
Reakcje/Polubienia
698
“Revolutionary VPN Project” is what WireGuard claims to be and it also says that’s overall faster than well-known solutions like OpenVPN. To be fair the application, the service and the entire development is still under construction but I want anyway take a critical look at it right now – do answer the question if it’s already worth testing it or not.
wireguard.png


Read :
Zaloguj lub Zarejestruj się aby zobaczyć!
 

spamtrash

Bardzo aktywny
Zasłużony
Dołączył
11 Styczeń 2014
Posty
4496
Reakcje/Polubienia
5905
Miasto
To tu to tam....
Let's enlighten this 2017 news.
1. WireGuard is still in development, so its use in production environment is not really recommended, however:
2. There are a handful (VPN.AC, Mullvad, IVPN, AzireVPN, WireVPN, PIA) who supports it;
3. Even if you'd have the WG protocol, e.g on Android machine - you need a kernel/ROM supporting it. The procedure is pretty simple: take e.g stock kernel into your own hand and

Zaloguj lub Zarejestruj się aby zobaczyć!
to make it working. Alternatively you can take a whole stock ROM into the kitchen, do your bits and bobs, then add a trick

Zaloguj lub Zarejestruj się aby zobaczyć!
followed by repo sync as normal.
Actually, there are a ready to apply ROMs and kernels here and which do have the feature implemented already
Zaloguj lub Zarejestruj się aby zobaczyć!


What to think about: interesting potentially in the future. I doubt if in a predictable future Samsung, Huawei etc. would include the support in their official stock ROMs (and actually I'd be very doubtful if suddenly they would...). Lack of official support in OEM ROMs = very limited accessibility to "standard" users.

Therefore, although seem to be interesting, the requirement of support by kernel actually blocks the availability for majority of users: mobile Android devices. Of course, it may change in future... I hope it will ecause the idea behind is really attractive.
 

OXYGEN THIEF

Bardzo aktywny
Członek Załogi
Administrator
Dołączył
26 Maj 2010
Posty
37304
Reakcje/Polubienia
26275
Miasto
Trololololo
Today we are excited to announce our latest project: the NordLynx technology built around the WireGuard protocol.

The emergence of WireGuard, a new VPN tunneling protocol, seemed like a breath of fresh air in the industry.
Project NordLynx
The WireGuard protocol alone can’t ensure complete privacy. Here’s why. It can’t dynamically assign IP addresses to everyone connected to a server. Therefore, the server must contain a local static IP address table to know where internet packets are traveling from and to whom they should return. It means that the real IP address of a user must be linked to an internal IP address assigned by the VPN.

To put it less technically: by implementing the out-of-the-box WireGuard protocol in our service, we would have put your privacy at risk.

How we made it work
We developed something called a double NAT (Network Address Translation) system.
To put it simply, the double NAT system creates two local network interfaces for each user. The first interface assigns a local IP address to all users connected to a server. Unlike in the original WireGuard protocol, each user gets the same IP address.

The double NAT system allows us to establish a secure VPN connection without storing any identifiable data on a server. Dynamic local IP addresses remain assigned only while the session is active. Meanwhile, user authentication is done with the help of an external database.

Linux users, try NordLynx now
Our Linux users are the first ones to get hands-on experience with NordLynx.
Zaloguj lub Zarejestruj się aby zobaczyć!
already supports it.

By default, NordVPN for Linux runs on the OpenVPN protocol. Follow these steps to switch to NordLynx: [...]
Not using Linux but want to try NordLynx? We will soon provide tutorials on how to set it up on any third-party WireGuard client.
Zaloguj lub Zarejestruj się aby zobaczyć!
 

spamtrash

Bardzo aktywny
Zasłużony
Dołączył
11 Styczeń 2014
Posty
4496
Reakcje/Polubienia
5905
Miasto
To tu to tam....

Fajnie, ale dwie rzeczy wymagaja podkreslenia:
1. to co jest na blogu NordVPN: TYLKO linuks jest wspierany
2. to czego NIE MA na blogu Norda, a co moze byc KRYTYCZNE dla kazdego usera, ze tak zacytatne ze strony samego wiresharka: "WireGuard is not yet complete. You should not rely on this code. It has not undergone proper degrees of security auditing and the protocol is still subject to change. We're working toward a stable 1.0 release, but that time has not yet come. There are experimental snapshots tagged with "0.0.YYYYMMDD", but these should not be considered real releases and they may contain security vulnerabilities (which would not be eligible for CVEs, since this is pre-release snapshot software). If you are packaging WireGuard, you must keep up to date with the snapshots."
(podkreslenia i podkolorowania moje)
 

Herran

Bardzo aktywny
Dołączył
8 Listopad 2017
Posty
343
Reakcje/Polubienia
698
When innovation knocks, what will you do: let it in or shut the door? Being forever-curious and imaginative geeks, we at NordVPN are always open to innovation. Today we are excited to announce our latest project: the NordLynx technology built around the WireGuard® protocol.
The background
Offering a high-speed connection while maintaining top-notch security is one of the biggest challenges for a VPN provider. What if there was something that could bring a radical change?
The emergence of WireGuard, a new VPN tunneling protocol, seemed like a breath of fresh air in the industry.
NordLynx-B.jpg


courtesy :
Zaloguj lub Zarejestruj się aby zobaczyć!
 

spamtrash

Bardzo aktywny
Zasłużony
Dołączył
11 Styczeń 2014
Posty
4496
Reakcje/Polubienia
5905
Miasto
To tu to tam....

Herran

Bardzo aktywny
Dołączył
8 Listopad 2017
Posty
343
Reakcje/Polubienia
698
Exciting. Is copying of others your normal hobby, or just a temporary spamming?
I don't need to copy, and not I am a spammer.
Second, before posting this post, I searched in
the search box but there was no result of this post.
Next time I will take a screenshot when the search result shows me nothing while the post has posted before.

I searched for "Meet NordLynx – the new solution for a fast and secure VPN connection"
while the topic has posted with the title of "Poznaj NordLynx - nowe rozwiązanie dla szybkiego i bezpiecznego połączenia VPN"
May be this was the reason that search result show me not posted yet. @spamtrash is this the reason for my double posting?

I searched again but not showing the other result except for my post.



I search for the whole title before posting e.g. you searched for "Search results for: NordLynx" and the above result came and i searched for "Meet NordLynx – the new solution for a fast and secure VPN connection" the result was different for me.
 

spamtrash

Bardzo aktywny
Zasłużony
Dołączył
11 Styczeń 2014
Posty
4496
Reakcje/Polubienia
5905
Miasto
To tu to tam....
I search for the whole title before posting e.g. you searched for "Search results for: NordLynx" and the above result came and i searched for "Meet NordLynx – the new solution for a fast and secure VPN connection" the result was different for me.

Self explanatory, and @Zeno provided you with the reply, so just to be precise: before posting, set search criteria as widely as possible, e.g. NordLynx instead of the whole sentence. hope you got the lesson, and you will NOT stop posting, just be more careful.
 

al

Marszałek Forum
Członek Załogi
Administrator
Dołączył
22 Lipiec 2012
Posty
10299
Reakcje/Polubienia
10917
Miasto
Somewhere over the rainbow.
@Herran ....by the way.... I have one request. Please, try to avoid making multiple posts in a row. You can edit your previous post to add new information or you can use the multi-quote feature to reply to multiple posts at once. :szef
 

spamtrash

Bardzo aktywny
Zasłużony
Dołączył
11 Styczeń 2014
Posty
4496
Reakcje/Polubienia
5905
Miasto
To tu to tam....
Maly update:
mam telefon z kernelem obslugujacym wireguard. Mam VPN ktory obsluguje WireGuard. I? I NIE korzystam. Tak, jest szybki. ale jesli chodi o VPN to szybkosc jest... no coz, nie jest przynajmniej dla mnie na pierwszym miejscu.
Co wazne a co mi umknelo w opisie poprzednim razem (a przypomnialo mi sie wlasciwie przy okazji norda) to fakt ze przez swoje zalozenia, WireGuard wlasciwie wyklucza "no logs policy".
co zostalo dosc dokladnie opisane zreszta w
Zaloguj lub Zarejestruj się aby zobaczyć!
wiec nie ma sensu powtarzac...
 

Herran

Bardzo aktywny
Dołączył
8 Listopad 2017
Posty
343
Reakcje/Polubienia
698
For years, developers have been working on this new take on the virtual private network, and now it's finally ready to go.
How much are people looking forward to
Zaloguj lub Zarejestruj się aby zobaczyć!
, the new in-kernel Linux virtual private network (VPN)? Well, Linus Torvalds said, "Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn't perfect, but I've skimmed it, and compared to the horrors that are
Zaloguj lub Zarejestruj się aby zobaczyć!
and
Zaloguj lub Zarejestruj się aby zobaczyć!
, it's a work of art."
If that sounds like damning with faint praise, you don't know Torvalds. For him, this is high praise.
Zaloguj lub Zarejestruj się aby zobaczyć!
. While there are still tests to be made and hoops to be jumped through, it should be released in the next major Linux kernel release, 5.6, in the first or second quarter of 2020.
Read full :
Zaloguj lub Zarejestruj się aby zobaczyć!
 
Do góry