SoylentNews is people
SoylentNews
WireGuard VPN is a step closer to mainstream adoption
As of this morning, Linux network stack maintainer David Miller has committed the WireGuard VPN project into the Linux "net-next" source tree. Miller maintains both net and net-next—the source trees governing the current implementation of the Linux kernel networking stack and the implementation of the next Linux kernel's networking stack, respectively.
This is a major step forward for the WireGuard VPN project. Net-next gets pulled into the new Linux kernel during its two-week merge window, where it becomes net. With WireGuard already a part of net-next, this means that—barring unexpected issues—there should be a Linux kernel 5.6 release candidate with built-in WireGuard in early 2020. Mainline kernel inclusion of WireGuard should lead to significantly higher uptake in projects and organizations requiring virtual private network capability.
[Ed. addition] Wireguard implements a fast, modern, secure VPN tunnel. According to Wikipedia:
WireGuard is a free and open-source software application and communication protocol that implements virtual private network (VPN) techniques to create secure point-to-point connections in routed or bridged configurations. It is run as a module inside the Linux kernel and aims for better performance than the IPsec and OpenVPN tunneling protocols. It was written by Jason A. Donenfeld and is published under the second version of the GNU General Public License (GPL).
(Score: 2) by jmichaelhudsondotnet on Thursday December 12 2019, @03:00PM (8 children)
Red Hat Employee
You cannot work for the public interest while working for a private one, or at least no one should ever really trust you entirely when you are working for money.
I might be convinced by him and people who work with him that he is one of the good guys, but we are being burned on a daily basis now.
I doubt, basicaly, the public interest judgement, of anyone who has been working for a corporation like red hat. And likes it.
I would think someone like him would value his independence more than the money after a point.
No one 1 step removed from a spy agency can be trusted with next gen open source vpn. Even if the nsa guys had pre-release versions of the code, it would be enough for them to develop 0 day attacks.
So this gives me less faith in wireguard, not more. Still no one can tell me who erik brooks is, same problem.
https://archive.is/0eykD [archive.is] This is what will work, not this: https://archive.is/zyyUA, [archive.is] and sadly this looks more like the latter. I hope mr miller sees this and considers the rest of us here, who might be served up to spy and police state agencies who may, you know, kill us.
(Score: 4, Interesting) by DannyB on Thursday December 12 2019, @03:10PM (5 children)
I think one can work in the public interest while employed by a for-profit interest. But everyone should be transparent and up front about it. Thus everyone else can be duly skeptical, vigilant and observant, which is a reasonable attitude.
A for-profit interest CAN have a self interest in cooperating with others on standards that help raise everyone's boat. This would be an example of that. A better VPN mechanism benefits everyone.
Yet it is reasonable to question motives, designs and implementations. But then I would expect that other for-profit interests are equally interested in not being misled into adopting something of sinister design, and thus they are among the duly skeptical.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 3, Funny) by Bot on Thursday December 12 2019, @09:52PM (3 children)
Any decent human being happening to be a red hat employee should line up to kick the coworker Lennart in the groin. That this guy is writing VPN software instead is HIGHLY suspicious.
Account abandoned.
(Score: 2) by DannyB on Thursday December 12 2019, @10:37PM (2 children)
I missed where Lennart is involved with WireGuard. But maybe I just mist it.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 3, Informative) by Bot on Thursday December 12 2019, @11:52PM (1 child)
lennart is surely busy developing a wireguardguardd component of his init system leviathan.
Account abandoned.
(Score: 0) by Anonymous Coward on Friday December 13 2019, @12:45AM
That's "systemwireguardguardd". All the details are in the "systemjnld".
(Score: 2) by jmichaelhudsondotnet on Friday December 13 2019, @06:06PM
we will see :)
proof is in the pudding where the rubber meets the road
just hope your not the pudding in the equation
(Score: 0) by Anonymous Coward on Thursday December 12 2019, @08:00PM
Do you have a job? Do they pay you in money? if so, by your logic, you cannot be trusted.
As such, if I were you I'd ignore me completely.
(Score: 1, Informative) by Anonymous Coward on Thursday December 12 2019, @09:51PM
Uhh, Jason Donenfeld doesn't work for RedHat. He works for Edge Security, which he founded to sell WireGuard support, among other things. The whole reason WireGuard is being mainlined is because it fixes real-world problems and many people from different groups want it in. And they want it in because their best practices don't allow random third-party modules to be included in a kernel. Really, when you get down to it, the software and specification are available and you are free to verify them, as many paranoid people have. Being included in the kernel doesn't change that one bit.
I'd also suggest you look up formal verification. If the whole suite has a valid specification verified, there literally cannot be 0-day attacks in the code.