by atmosx 3028 days ago
Same here. I was planning on using WG for personal infra and was actively rooting for it in a corp environment, but his attitude has put me off. I'm sticking with OpenVPN for the time being.

I use Viscosity as my OpenVPN client on Macs. I love Viscosity and was planning on asking them to support WG. Not anymore though... The author seems to be stuck in a past where closed source vs open source was a binary decision. We've gone past that point in history.

It's one thing to say "I can't or won't vet a closed source client, so I can't officially support it" and another to actively advise against it.

On the other hand, TunSafe could hire a well-known third party agency to go through the source and vet the agency for security holes. That would add back any credibility taken away by the way the author responded. Since the project is open-source, if I had the resources, I might go as far as paying the same agency to vet both the closed-source client and the open source server implementation... But we're not talking about Cisco/Juniper/Major-Vendor here, so I don't see that happening.

@ptacek (or anyone else working in this space) how much would it cost to vet WireGuard for security holes? Is there a standard way of charging (e.g. per lines of code) or does it depend on multiple variables? P.S. Asking ptacek because of his prev comments [1].

[1]: https://news.ycombinator.com/item?id=14598639

2 comments

> @ptacek (or anyone else working in this space) how much would it cost to vet WireGuard for security holes?

You may be interested in @ptacek's response on this matter a while back[1].

[1] https://news.ycombinator.com/item?id=16327350

Off-topic from that thread:

"(...) we're hosting the dude who wrote the Wireguard go implementation this summer (hey Mathias)"

Which pointed me at:

https://www.wireguard.com/xplatform/

I didn't realize there were some real efforts underway for cross platform support - that makes wg much more interesting (for my use-cases). Good to know! (I can live with higher performance Linux-Linux than Linux-Windows, Mac-Linux, Linux-BSD etc; but forcing the need for a Linux "VPN router" as a VM or physical box is a tough sell. Not to mention a need for a real client for smart phones, though I suppose it should be possible to run wg on a rooted/custom ROM Android phone, it'd be nice to have regular Android and iOS clients).

> The author seems to be stuck in a past where closed source vs open source was a binary decision. We've gone past that point in history.

I'm not sure what you mean by this. We are at a point in history where 100% open source is more important than ever before.