> OpenVPN does not have out-of-the-box client support on any major desktop or mobile operating system. This introduces user experience issues and requires the user to update[1] and maintain[2] the software themselves. OpenVPN depends on the security of TLS[3], both the protocol[4] and its implementations[5], and we simply trust the server less due to past[6] security[7] incidents[8].
> Why aren't you using OpenVPN?
> OpenVPN does not have out-of-the-box client support on any major desktop or mobile operating system. This introduces user experience issues and requires the user to update[1] and maintain[2] the software themselves. OpenVPN depends on the security of TLS[3], both the protocol[4] and its implementations[5], and we simply trust the server less due to past[6] security[7] incidents[8].
[1] https://www.exploit-db.com/exploits/34037/
[2] https://www.exploit-db.com/exploits/20485/
[3] https://tools.ietf.org/html/rfc7457
[4] https://arstechnica.com/security/2016/08/new-attack-can-pluc...
[5] https://arstechnica.com/security/2014/04/confirmed-nasty-hea...
[6] https://sweet32.info/
[7] https://github.com/ValdikSS/openvpn-fix-dns-leak-plugin/blob...
[8] https://www.exploit-db.com/exploits/34879/