8/8/2023 0 Comments Airvpn android![]() I don't even want to defend AirVPN developers because their software "Eddie" for Linux is ugly, IMHO, and I say it as an AirVPN customer too. I don't agree, but I don't want to act as an outstanding coder. So at the moment OpenVPN is the best we've got as an alternative to IPSec (which is quite frankly a pain to deal with, especially in NAT environments and so unsuitable for road warriors). ![]() Maybe in 12–24 months things might have changed at WireGuard to an extend that makes it more worthy for consideration. Until such time as its had a full suite of codebase reviews, including multiple independent security audits, I refuse to touch it for production. The WireGuard homepage makes it quite clear in no uncertain terms that WireGuard is still a work in progress. That said, to give them their due, when a CVE worthy issue arises, they are quick to react and issue a patch (or at least no slower than your average).Īs for WireGuard, yes, I'm looking forward to it. ![]() The lack of support for modern algos is also frustrating, although not exactly a deal breaker. We're now in 2020, IPv4 depletion is no longer a distant thought, and yet OpenVPN still don't have full support for IPv6. Their continued lack of interest in IPv6 is a prime specimen. > Surely it's good though that someone has started adding ChaCha20 and Poly1305 to OpenVPN?įor sure, but maybe they should put more effort into getting Wireguard support for their servers instead?Īs a paid customer of OpenVPN I have to admit I find their attitude over certain matters incredibly frustrating. If you're going to pursue something as major as forking OpenVPN, it's really on you to provide some evidence that people should trust your work. There's no evidence that it's fixing any "critical bugs" that the OpenVPN project is ignoring, and if the changes are worthwhile they should just be upstreamed. All of the changes are by a single user without any clear indication that they've been reviewed by someone qualified to do cryptography.Īnd above all there's no obvious reason this fork needs to exist. I'm not a cryptographer and can't vouch one way or another for the safety of their fork, but a lot of the changes are just stuff like moving whitespace around, and the stuff that isn't pointless sometimes involves changes to important cryptography functions without clear explanations or justifications given in the commit messages. There's not a lot here, but what is there leaves you kind of confused about what the point is.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |