-1
OpenVPN vs. WireGuard
lock
OpenVPN vs. WireGuard - ProtonVPN Blog
protonvpn.com
external-link
OpenVPN and WireGuard are arguably the two most useful VPN protocols for modern VPN users. We look at the pros and cons of each.

CHEF-KOCH
mod
creator
banned
link
fedilink
-26M

I warned people, this is what going to happen if you troll.

CHEF-KOCH
mod
creator
banned
link
fedilink
-9
edit-2
6M

WireGuard just got roasted. Told you so. Everyone hyped Wireguard and I always said it is overhyped. Lots of blah with nothing behind. Their apps do not have a kill-switch or indicator when you drop the connection, which is dangerous as hell.

Edit

I also like to add that a rewrite in Rust could help the OpenVPN Team to deal with higher CPU usage as well as battery drainage, this is theoretically, my assumption needs a test to prove my theory. But I would estimate that you reduce the usage by avg. 20 percent which would help a lot especially IoT devices like routers to deal with higher CPU and energy hunger.

In theory OpenVPN is a bit fixable in this regard, but apparently no one mention this for no reason. I would not abandon it just yet.

krolden
banned
link
fedilink
5
edit-2
6M

removed by mod

CHEF-KOCH
mod
creator
banned
link
fedilink
-5
edit-2
6M

Proton does not use Wireguard as default. You can choose it from the menu if you want too. It depends on if your device and kernel supports it + your preference which you select from within the app.

krolden
banned
link
fedilink
4
edit-2
6M

removed by mod

CHEF-KOCH
mod
creator
banned
link
fedilink
-4
edit-2
6M
  • Yes please read the full thing, it depends on your kernel, if your kernel does not support it will use OpenVPN.
  • ProtonVPN also changed their client in order to enforce their defaults, the official app has no such options nor any fallbacks.
  • Proton does it because of speed reasons, not security, as they write in their comparison, it also depends on if you are free users or not + if you use the official app, the proton app or not. For the official app you need to download the configuration files, which are your choice.

ProtonVPN now uses WireGuard by default because it is secure while also being faster and more efficient than OpenVPN.

krolden
banned
link
fedilink
6
edit-2
6M

removed by mod

CHEF-KOCH
mod
creator
banned
link
fedilink
-6
edit-2
6M

It is a roast because you need to heavily modify the source code and your app to address flaws which the official app and the protocol fails to provide by default. To name one example in particular - on Windows the Gui does not show if you are still connected or not and there is no kill-switch. The Proton Team addressed this flaw in their client.

ProtonVPN simply fixed the mentioned things and enforces specific stuff for their users, however you can still decide what to choose at the end.

However, the chart proton team provides is flawed anyway, I just saw it. OpenVPN list 8 bullet points while WireGuard has 9 AND the Team lists Secure and Security is theoretical in their chart which contradicts itself a bit or is at least misleading, there is no audit of WireGuard, there was only a code review by the Linux Team which is not the same as an independent audit.

krolden
banned
link
fedilink
5
edit-2
6M

removed by mod

CHEF-KOCH
mod
creator
banned
link
fedilink
-6
edit-2
6M

This is not the point. The point is that WireGuard has lots of issues and a history of rejecting other third-party clients.

  • Your WireGuard thing is pointless in some countries, because they simply block the ports, you mention a workaround for this, but the entire speed argument goes to zero if you need to rely on such workarounds.
  • The Tunsafe developer got attacked because he introduced his own GUI.
  • Windows is not the only OS. Some people use XP, or X. This is a problem because you need to make your OS compatible, this is more effort for the developers.

It is simple over-hyped, for no reason. I mean, there are other security problems with it.

The promised, easier to use slogan can also not be fulfilled, at the end you have similar config effort to make. I just do not see it, it simply needs a lot of more work and is far away to get my recommendation.

@pinknoise
banned
link
fedilink
3
edit-2
6M

removed by mod

CHEF-KOCH
mod
creator
banned
link
fedilink
-3
edit-2
6M
  • No one claimed here that VPNs are used to be anonymous. It is to obfuscate your IP, or shall I say your real location. Encryption is something we could argue about, since there are ways, easy ways to do that without VPN. Nothing more and nothing less, the rest is marketing. Proton mentioned that it is no solution for censorship in their chart, which we already discussed here and there is nothing further to add.
  • Quoting and cherry-picking something without context is not helpful. I was referring to the fact that you need to make your kernel - or OS - compatible.
  • WireGuard has no independent audit, I think this is concern enough. The Linux code review was basically showing many problems with WireGuard, you find all over the internet reports from IP leaks, DNS leaks. I mean I personally do not care because I know how to deal with it but it was promised to be easier to use for users and developers, this was and is absolute not the case, in fact Proton and the Linux community fixed lots of things in their own clients and submitted lots of feedback.
  • WireGuard is the newcomer and OpenVPN exist much longer and got independent audits. This argument is enough alone to keep using it.
  • Breaking e.g. block ciphers is easier than you think and yes, cracking something can happen overnight, you claim something without any evidence at all.
  • I do not even started to question the professionalism behind WireGuard, I know there is less, because to just name one example the Team does not even release a changelog for their clients. You have to go to the source, check everything yourself, this is far away from been professional.
  • If you want a link only with some of the security concerns that are still unfixed, here.

This thread here will also not a bashing or fanboyism or what is a VPN discussion, or I will lock the conversation.

Bring hard evidence, evidence that is verifiable, rest is blah blah on both ends. I will not waste my lifetime with fanboys, I did this yesterday.

@pinknoise
banned
link
fedilink
2
edit-2
6M

removed by mod

krolden
banned
link
fedilink
2
edit-2
6M

removed by mod

  • 0 users online
  • 1 user / day
  • 1 user / week
  • 1 user / month
  • 106 users / 6 months
  • 133 subscribers
  • 1.68K Posts
  • 584 Comments
  • Modlog