So much for trying to cut off access to most of the internet under the guise of requiring ID
UK: We own you now bitch. Iranians: Hold my beer Habibi.
What the actual fuck…
That gold Trust award icon sure makes me feel better
What. Are you implying that this project should be flagged as malicious? What malicious indicators did you see to think this is true?
The fact that this image is in the repo in the first place.
Oh, yeah lol that’s suddenly pinging my sketchy-radar now
It’s a GitHub link, what did you expect?
Someone want to explain to a muggle in plain english what this does and how it’s different from simply using a VPN?
Looks like it uses cloudflare warp, which is a free service that cloudflare provides that’s like a somewhat less secure VPN? It used to expose your IP and just encrypt the content so your ISP couldn’t snoop on you, but websites could still see your IP. Apparently, cloudflare fixed the exposed-IP thing in 2022 though. Its also supposed to stabilize and improve the speed of your Internet connection.
It’s basically a VPN with better speeds and slightly worse security, from what I’m seeing. A good everyday service, but you probably don’t want to use it if you’re leaking national security info.
Aw, man. How am I going share these nuclear launch codes now?
Here
Warrhunder forums.
Oh right, yeah. Good idea.
Awesome, the middle east has tons of censorship so this will help tons of people. There are many blocked websites in my country and my friends’ nations.
And while many block VPNs directly i highly doubt they’ll block cloudflare or github, so this should be very hard to prevent.
And while many block VPNs directly
Wow, and I thought Egypt was bad. Thank God for tech-illiterate authoritarians.
Heh they block VPNs, Tor and that type of stuff in Saudi. They block wireguard in Jordan, at least according to my friend there lol
I work IT… how exactly are they blocking wireguard?
Edit: Okay, I did the search, and as I guessed, they do not. Users seem to report UDP blocking and throttling in general, not wireguard (I’m not sure that would be possible). It’s not even particularly confirmed though.
They do block Wireguard. They use DPI (Deep Packet Inspection) at the national level (it’s as expensive as it sounds). They filter and monitor all traffic. Once you have something as invasive as DPI in place, Wireguard becomes rather easy to detect, because it doesn’t hide the fact that you’re establishing a tunnel (its purpose is just to obscure the data being tunneled).
According to the specification, a specific sequence of bytes (Handshake Initiation packet) is sent by the “client” to negotiate a connection, and a Handshake Response is sent back by the “server”. The handshake packets used to negotiate a connection are basically a recognizable signature of the Wireguard protocol, so if you are able to analyze all outgoing and incoming packets (which DPI enables you to do), you can monitor for these signature packets and block the connection attempt.
There are variants of the Wireguard protocol that can circumvent this method of censorship (Amnezia Wireguard is one example), but they only work as long as they stay under the radar and don’t see mass adoption. Their own “signatures” would also just get blocked in that case.
Ultimately, bypassing this level of censorship just isn’t something Wireguard was created for. Wireguard assumes you are only concerned with obscuring your traffic, not hiding the fact that you’re using a VPN. There are better tools for this job, like this: https://www.v2fly.org/en_US/
Edit: Better link with the language set to English
Thanks for the excellent and thorough explanation!
I have no idea, that is what he told me :shrug:
That’s… uh… my condolences.
I’ve had to bypass DPI several times in the past. V2Ray has never failed me, but I had to set it up myself on my own VPS. It wasn’t being offered commercially by any VPN providers back when I needed it. More info here: https://www.v2fly.org/en_US/
Edit: Forgot to mention, for those interested in setting this up an easier option is to let Amnezia VPN set it up for you. It’s FOSS, can be found here https://github.com/amnezia-vpn/amnezia-client
You’ll need to have your own VPS or home server though, and if you want to use V2Ray at home and do some advanced routing to enable local LAN access for example, then it’s better to set things up from scratch than to use Amnezia.
So it’s simply CF WARP but now in Asian languages? I don’t understand why I can’t just download CF One app and get the same results? Someone please elaborate
I tried to figure this out. It seems it includes additional features for bypassing censorship, to be specific Gool (warp to warp) and Psiphon. From https://github.com/bepass-org/warp-plus :
Psiphon Chaining: Integrates with Psiphon for censorship circumvention, allowing seamless access to the internet in restrictive environments.
Warp in Warp Chaining: Chaning two instances of warp together to bypass location restrictions.
i downloaded the CF One app after this comment and it seems you need an organisation account
Apologies, I meant this cloudflare one app which is free
Which is essentially the same as CF WARP app
big ups, thanks for clarifying 🙏
That’s a bad ass domain name.
FOSS alternatives are nice.
You asked me a question before, what was it?
Desktop version
CF Warp already works with desktop. https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/download-warp/#windows
A search says Oblivion adds on to WARP, giving you additional protocols, IP switching (instead of Cloudflare assigned), some addition tools, but biggest seems to be opensource, because official WARP is closed.
So, how safe is this to use?
Fuck yes!
