Post 9mevrtElHOJmZpepH6 by d_@social.zdsfa.com
(DIR) More posts by d_@social.zdsfa.com
(DIR) Post #9mcmpQpzWJ5RKZUvGy by sir@cmpwn.com
2019-09-05T21:18:28Z
1 likes, 0 repeats
https://drewdevault.com/2019/04/19/Your-VPN-is-a-serious-choice.html
(DIR) Post #9mcs0KTiRw55F0eVBw by d_@social.zdsfa.com
2019-09-05T22:17:30Z
0 likes, 0 repeats
@sir One thing to note about WireGuard is that it's by default less private than OpenVPN right now, so one must be careful about that.
(DIR) Post #9mdZCNO1l5zzlTyxoe by zem@conesphere.social
2019-09-06T06:20:29Z
0 likes, 0 repeats
@sir small add on, there is a go implementation of #wireguard around and therefore it is working well on android, openbsd, freebsd and AFAIR even Mac and Windows (windows client is still beta)
(DIR) Post #9mdvmMIBVClvmtoPvk by guneyd@mastodon.social
2019-09-06T10:33:29Z
0 likes, 0 repeats
@sir I'd also recommend https://thatoneprivacysite.net/ for an objective overview of VPN (and e-mail) providers ;).
(DIR) Post #9men2lVBTnb0BWRxJo by martijnbraam@fosstodon.org
2019-09-06T20:31:18Z
0 likes, 0 repeats
@d_ @sir how is it less private?
(DIR) Post #9mevrtElHOJmZpepH6 by d_@social.zdsfa.com
2019-09-06T22:10:13Z
0 likes, 0 repeats
@martijnbraam @sir > The WireGuard protocol alone can’t ensure complete privacy. Here’s why. It can’t dynamically assign IP addresses to everyone connected to a server. Therefore, the server must contain a local static IP address table to know where internet packets are traveling from and to whom they should return. It means that the user's identity must be stored on the server and linked to an internal IP address assigned by the VPN.https://nordvpn.com/blog/nordlynx-protocol-wireguard/
(DIR) Post #9mfmC5FaJPBWAkHWOO by sir@cmpwn.com
2019-09-07T07:55:34Z
0 likes, 0 repeats
@d_ @martijnbraam rich coming from NordVPN which uses authentication to tie you to your breaking billing info
(DIR) Post #9mfoXdbvxIxsjG8n4a by martijnbraam@fosstodon.org
2019-09-07T08:22:43Z
0 likes, 0 repeats
@d_ @sir I don't see how the ip being static or dynamic changes anything, the host still needs to know what traffic to route to you. also the ip addresses inside the tunnel don't need to correlate with anything actually.wireguard removed all provisioning crap from the protocol, which is a good thing. if provisioning worked on openvpn I wouldn't need a 30 line config file on the client side...
(DIR) Post #9mg7ThbR4OIb53kEMK by minus@cmpwn.com
2019-09-07T11:54:12Z
0 likes, 0 repeats
@sir @d_ @martijnbraam They fail to convey the actual problem. Is the problem that they have to store the user's public key and according private IP on all their nodes? When using OpenVPN you transmit user/password, which doesn't seem any better.
(DIR) Post #9ml7PAjq9YzWK2Uuzg by d_@social.zdsfa.com
2019-09-09T21:47:45Z
0 likes, 0 repeats
@martijnbraam @sir I guess I'm a bit on the paranoid side, I don't fully understand OpenVPN vs. Wireguard so I've been conservative about jumping on to it.
(DIR) Post #9mmPNMqdl04zk6DVfU by martijnbraam@fosstodon.org
2019-09-10T12:43:47Z
0 likes, 0 repeats
@d_ @sir if you're self-hosting wireguard then it doesn't matter a bit. and in most cases wireguard is easier to set-up