/tech/ - Technology

101010

Posting mode: Reply

Check to confirm you're not a robot
Name
Email
Subject
Comment
Password
Drawing x size canvas
File(s)

Remember to follow the rules

Max file size: 350.00 MB

Max files: 5

Max message length: 4096

Manage Board | Moderate Thread

Return | Catalog | Bottom

Expand All Images


WireGuard ported to OpenBSD Anonymous 05/25/2018 (Fri) 07:26:39 [Preview] No. 12745
zx2c4 ported WireGuard to OpenBSD... that's great to have a formally verified VPN software in one of the most secure systems today:
https://marc.info/?l=openbsd-ports&m=152712417729497&w=2


Anonymous 05/25/2018 (Fri) 07:36:55 [Preview] No.12746 del
that's actually great news
t. great news pro

by the way, when will wireguard move from testing to stable in Gentoo?
I want muh post quantum algo kernelspace VPN too!


Anonymous 05/26/2018 (Sat) 09:41:29 [Preview] No.12747 del
(1.58 MB 320x240 1581.gif)
>>12745
WireGuard is not
>formally verified VPN software

>Y-y-yes it is!
No, it's not. It is experimental software that is based on a formally verified protocol. Protip: TLS is also a formally verified protocol.

In addition:
>WireGuard is not yet complete. You should not rely on this code. It has not undergone proper degrees of security auditing and the protocol is still subject to change. We're working toward a stable 1.0 release, but that time has not yet come. There are experimental snapshots tagged with "0.0.YYYYMMDD", but these should not be considered real releases and they may contain security vulnerabilities (which would not be eligible for CVEs, since this is pre-release snapshot software).

>>12746
>I want muh post quantum algo kernelspace VPN too!
WireGuard is not post-quantum secure by default, and in order to be configured to be, it depends on a pre-shared symmetric key that has to be exchanged out of band. At this point, that means hand-delivering the key.


Anonymous 05/26/2018 (Sat) 13:40:57 [Preview] No.12748 del
>>12745 (me)
>>12747
You're right. Yet, I think it's still better than IPsec and a good improvement over OpenIKED delivered on OpenBSD. It is in development, but I think in the next year it should be more stable and secure. Good keep looking into this, for people doing their own VPN.


Anonymous 06/11/2018 (Mon) 20:33:43 [Preview] No.12787 del
>>12748
>I think in the next year it should be more stable and secure
what other untold secrets of the cosmos does your crystal ball reveal, oh wise one! ?



Top | Return | Catalog | Post a reply