Announcement

Collapse
No announcement yet.

NordLynx: NordVPN Builds New Tech Around WireGuard

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • NordLynx: NordVPN Builds New Tech Around WireGuard

    Phoronix: NordLynx: NordVPN Builds New Tech Around WireGuard

    Well known Panama-based VPN provider NordVPN has announced their NordLynx technology today that is based on the WireGuard protocol...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    It would be the best to remove the /ru/ part from the URL

    Comment


    • #3
      Great. WireGuard is simple enough that every VPN provider now spins their own incompatible fork. So we end up with no proper NetworkManager integration or even no Linux support at all, even though the underlying protocol would PERFECTLY allow it.

      (Another developer who just went down that road is Blokada.)

      Comment


      • #4
        Originally posted by aksdb View Post
        Great. WireGuard is simple enough that every VPN provider now spins their own incompatible fork. So we end up with no proper NetworkManager integration or even no Linux support at all, even though the underlying protocol would PERFECTLY allow it.

        (Another developer who just went down that road is Blokada.)
        It's not really a fork in this case: they just layer their own user-friendly client on top of WireGuard. That's because WireGuard doesn't properly tackle the management aspect of running a VPN. wg-quick doesn't really cut it for many of these providers.

        Comment


        • #5
          Originally posted by aksdb View Post
          Great. WireGuard is simple enough that every VPN provider now spins their own incompatible fork.
          Not a fork.
          They added server-side stuff in their own infrastructure to deal with the fact that Wireguard is apparently making assumptions, like that you control all the hardware that is using it.

          Other Wireguard providers had to customize with hacks their own server instances https://www.azirevpn.com/blog/2017-1...y-enhancements to make sure that users are not traceable.

          The WireGuard protocol alone can’t ensure complete privacy. Here’s why. It can’t dynamically assign IP addresses to everyone connected to a server. Therefore, the server must contain a local static IP address table to know where internet packets are traveling from and to whom they should return. It means that the real IP address of a user must be linked to an internal IP address assigned by the VPN.

          Comment


          • #6
            Is NordNet contributing anything back to the WireGuard project or making anything open source?

            Comment


            • #7
              What about contributing back those improvements to the original WireGuard project?

              Would NordLynx be contributed back or released as Free Software?

              Comment


              • #8
                Interesting I use NordVPN but also recently started deplying my own Wireguard VPN servers. So NordLynx sounds interesting

                Comment


                • #9
                  Originally posted by starshipeleven View Post
                  Not a fork.
                  They added server-side stuff in their own infrastructure to deal with the fact that Wireguard is apparently making assumptions, like that you control all the hardware that is using it.

                  Other Wireguard providers had to customize with hacks their own server instances https://www.azirevpn.com/blog/2017-1...y-enhancements to make sure that users are not traceable.

                  The WireGuard protocol alone can’t ensure complete privacy. Here’s why. It can’t dynamically assign IP addresses to everyone connected to a server. Therefore, the server must contain a local static IP address table to know where internet packets are traveling from and to whom they should return. It means that the real IP address of a user must be linked to an internal IP address assigned by the VPN.
                  The different between Azirevpn and NordVPN in the context of Wireguard is that Azirevpn released their changes as open source to the public. So I don't think that completely counts as "their own implementation" as they just removed some specific privacy-unfriendly features for use in a public VPN service. They even hired the Wireguard dev to make those changes so this means it respects the same coding style and ideas of the original WG project, which makes it easy to reimplement those changes with newer versions

                  Comment


                  • #10
                    zx2c4 this is the second VPN provider that is complaining about the same thing, are there plans (or is it even possible) to address this in Wireguard?

                    Just asking, not demanding anything.
                    Last edited by starshipeleven; 01 August 2019, 06:48 AM.

                    Comment

                    Working...
                    X