Jason A. Donenfeld
Jason at zx2c4.com
Wed May 8 14:19:47 CEST 2019
- Previous message: wireguard forces its host DNS on clients (?)
- Next message: [ANNOUNCE] download Windows pre-alpha for testing
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Hey everyone, I've been mostly absent these last weeks, due to being completely absorbed in Windows programming. I think we're finally getting to the state where we might really benefit from testing of the "pre-alpha". I write "pre-alpha", because the software isn't finished yet, and there are a lot of goals, many of which security-related, that we haven't yet accomplished. We also have not even begun to optimize its performance. But it's fairly functional, and therefore I'd appreciate feedback on the new bugs you find. We have, so far, accomplished some nice things, including: - The same basic UI design that users know and expect from macOS, including a syntax-highlighting configuration editor. - DPAPI-encrypted configuration files. - Multiprocess service architecture and process isolation. - Automatic "kill-switch" to block untunneled traffic. - Signed drivers for Windows Server 2016 and 2019. - Update mechanism. - MSI installer and uninstaller that does the right thing with regards to services and cleanup. - Oh, also, it actually does WireGuard tunneling. We're still working on lots of things, and you can follow along with our updated-every-minute TODO list at [1]. As you can see, there are quite a few known-bugs, with the Wintun TODOs being especially critical. Did I mention this was a pre-alpha? The security of the architecture is also evolving, and you can read our evolving attack surface document at [2]. And of course, if you'd like to help develop this, build instructions are available at [3] and [4]. As you find bugs, please report them to us in #wireguard on Freenode, or by emailing us at team at wireguard.com, and please check [1] before doing so. You can download the pre-alpha of WireGuard for Windows here: https://www.wireguard.com/install/?downloadwindowsprealpha=1 Do note that at the time of writing (check the timestamp of this email), we don't consider the build there satisfactory from a security perspective. Regards, Jason [1] https://docs.google.com/document/d/1-jlULsy1uDun-b4ow3RvnNQJU5K_pAv87sqDAfK66Kk [2] https://git.zx2c4.com/wireguard-windows/about/attacksurface.md [3] https://git.zx2c4.com/wireguard-windows/about/ [4] https://git.zx2c4.com/wintun/about/
- Previous message: wireguard forces its host DNS on clients (?)
- Next message: [ANNOUNCE] download Windows pre-alpha for testing
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]