Originally posted by linner
View Post
Announcement
Collapse
No announcement yet.
WireGuard Sees Native, High-Performance Port To The Windows Kernel
Collapse
X
-
-
Originally posted by aspen View PostIt's just that context switching between kernelspace and userspace is expensive, and therefore it's more performant to offload some of it to kernelspace.
[1] - The Graphics Device Interface is responsible for tasks such as drawing lines and curves, rendering fonts and handling palettes. The Windows NT 3.x series of releases had placed the GDI component in the user-mode Client/Server Runtime Subsystem, but this was moved into kernel mode with Windows NT 4.0 to improve graphics performance.
Comment
-
Originally posted by linner View PostThere us just something about a product like WireGuard being built in to the kernel that makes me uneasy. At least OpenVPN can run as "nobody".
An exploit in WG could mean remote root access, no? :/
that being said, connecting to a malicious wireguard VPN that (assuming there is a potential exploit, which is good safety practice) it is entirely possible that they could form malicious packets that could corrupt it. but honestly don't see it being a great issue.
Comment
Comment