Hacker News new | ask | show | jobs
by closeparen 1780 days ago
Why is exposing a web service considered so much worse than exposing a VPN service? WireGuard is respected for low complexity and high quality, sure, but what prevents a web server from having the same characteristics? And there are plenty of VPN services whose huge public surfaces turned out to be vulnerable, why is running one of these any less crazy than running nginx?
1 comments
code_duck 1780 days ago
One problem is the software on the router is likely to be outdated and vulnerable, and upgrades are not under your control.
link
closeparen 1780 days ago
Isn't that equally as true of a VPN service as of a web service?
link
code_duck 1780 days ago
The issue at hand is which hardware device is exposed to the external network, not which software.
link