

GoVPN – simple secure free software virtual private network daemon - diakritikal
http://www.cypherpunks.ru/govpn/

======
borski
In case you're looking to build your own and rely on existing software, we
built an easy way to create a VPN and deploy it to digital ocean or rackspace,
in a single click.

Check it out here:
[https://www.tinfoilsecurity.com/vpn/new](https://www.tinfoilsecurity.com/vpn/new)

~~~
tjoff
Man that page looks fraudulent. Doesn't even mention what kind of "VPN" is
used other than it is supposedly "open". So, what client can I use? Which
devices or operating systems does it support? Not even the FAQ addresses any
of it.

And with all that one is expected to trust ones key to that site? (the way the
page is setup I guess the target audience can not even be expected to know
what a "key" is, or why they would even need to trust that site even if they
did use it)

At the very bottom, in the fine-print, there is a link to a blog post. Great.
Start with that! Move the whole page to the bottom of the blog post. "But that
will hurt adoptability". GREAT! No one in the in their right mind should be
"securing their internets with some cloud thing that some dude recommended" in
under 30 seconds anyway.

This is only encouraging people being gullible which is kind of ironic since
the aim seems to be to help people not trusting public wifi.

~~~
borski
So, in a different world, you'd be right. In this case, we originally built
this for Sochi so journalists could use a VPN. Journalists are not going to
have any idea how to build a box, ssh in, run a script, etc. We later changed
the copy to be related to DEF CON, to keep it current, but yeah.

------
austerity
People looking to set up their own VPN server are missing the point. Your run-
off-the-mill hoster is not any more trustworthy than a run-off-the-mill VPN
provider so you aren't gaining anything security-wise. In fact you are losing
(slightly) by having your traffic exiting the tunnel stick out where with a
shared IP extra effort (potentially non-trivial) would be required to tell
your traffic apart from that of other users. A subscription with a reputable
VPN provider costs less or as much as a VPS with a reputable VPS provider, so
you aren't gaining anything cost-wise either.

If you do it for the skillz, sure, but otherwise it's completely pointless.

Edit: Just to make it clear, that wasn't directed at the project here, but at
some of the comments in this and other VPN-related threads. Another VPN
protocol and implementation is always cool. (although Windows users need love
too)

~~~
mobiplayer
You've got some good points there, bu not everyone is a freedom fighter or
overly concerned about their privacy up to that level. Some people just don't
want to be snooped on by your casual script kiddie while on public wifi.

~~~
alyandon
That or having your web browsing data mined by your home ISP.

------
aroch
Not much point in serving .sig's and your PGP key if its over HTTP. Unless
you're already in someone's WOT, there's nothing to verify against. At least
if you use HTTPS we can somewhat trust that we're being displayed the key you
think we should be displayed.

~~~
draugadrotten
> Unless you're already in someone's WOT, there's nothing to verify against.

Somebody's been trying to fix that with
[https://keybase.io/](https://keybase.io/)

~~~
tokenizerrr
If anyone is interested, I have 3 keybase invites to hand out. Contact is in
my profile.

edit: None left, sorry!

~~~
fernandotakai
I have 7 invites. contact is also on my profile.

edit: they are all gone.

~~~
jnthn
I have 5 invites, contact in my profile.

Edit: invite count update

~~~
mrsteveman1
I've got 15 more if jnthn's run out :)

~~~
BostonEnginerd
I also have a pile of invites.

------
snitko
The blog cypherpunks.ru written in Russian contains a lot of spelling and
grammar errors, as well as typos, which to me indicates the quality of the
content in general.

~~~
pstuart
Documentation and code are two different things.

~~~
JustSomeNobody
Indeed they are but I'm not sure how the refutes what snitko said.

------
ris
I do not _care_ what language this is written in, and no user should care
either. Stop this.

------
JustSomeNobody
Why use this and not, say, OpenVPN?

~~~
danudey
Presumably simplicity? OpenVPN is fairly complex and does a great job, but its
power is clearly exposed to users, who may not need most of it.

~~~
JustSomeNobody
Good point. How can we be sure this is secure enough to use? OpenVPN is widely
used, so the thought is any issue with it would be more likely to be found.

------
hartator
Anyone knows the best current way to install a VPN on Ubuntu?

I've tried several times, it's way more difficult than I thought, and when
I've some success, performance is, at best, disappointing. And that's using
1GB/s dedicated server.

~~~
nthcolumn
sudo apt-get install network-manager-vpnc network-manager-pptp network-
manager-openvpn # for cisco vpn, microsoft or openvpn

Configure from the panel. I use ThreatSpike labs. Too easy.

------
tw04
I haven't personally used it, but I've heard nothing but good things about
SoftEther:

[https://www.softether.org/](https://www.softether.org/)

It supports SSL VPN to boot.

~~~
burke
It scares me a bit that it has 4.15 times the codebase size of OpenVPN, but
was only released 2 years ago.

I already think of OpenVPN as not being simple enough.

------
xorcist
For what uses should I prefer this over plain old OpenVPN?

~~~
danudey
Presumably 'I want a VPN, I don't need 90% of what OpenVPN offers, and I don't
want to spend a huge amount of time figuring out how to OpenVPN quickly and
easily.'

~~~
xorcist
OpenVPN is just an apt-get install away, and the defaults would suit you fine
in if you don't have any special needs. You do need to configure what IP nets
you want to tunnel (unless you use it in bridging mode), but that's it.

------
EugeneOZ
it's strange to use UDP as only protocol. For most web activity TCP is better
(and UDP is not suitable at all).

------
apeacox
SourceForge?! how about hosting a zip on geocities? :-)

~~~
ryandvm
As an occasional open source producer, I really can't stand when people piss
and moan about _somebody else 's_ charitable software contributions.

~~~
ciupicri
Though he didn't complain about the software itself, he complained about the
way it's hosted. Different concerns. And in today's world, SourceForge is
liked less than GitHub from what I've noticed.

~~~
chrissnell
Sourceforge has inserted adware into projects' downloads in the past. It's
also a ghost town and I wonder what sort of resources (if any) they have
working on the site to keep it secure. This is a big concern when the software
they're hosting is as security-sensitive as a VPN package.

~~~
nine_k
Adding adware to gzipped and signed source code would be a bit hard. That's
the onl;y thing the authors serve from sourceforge.net.

~~~
huxley
I think he's referring to this: [http://sourceforge.net/blog/today-we-offer-
devshare-beta-a-s...](http://sourceforge.net/blog/today-we-offer-devshare-
beta-a-sustainable-way-to-fund-open-source-software/)

Their Senior Director of Business Development, Roberto Galoppini, said this in
the comments to the link above:

"Developers opt in and are compensated, they are in control both of the
installer behavior and of what sort of secondary offerings will be presented
to their user base. Moreover they are not asked to integrate their application
with a third parties' piece of code, and maintaining a bundled and unbundled
version is trivial for them.

End-users are provided with a transparent installer behavior, all programs are
malware-free and honestly described. All uninstall procedures are extensively
tested, both for open source applications and third parties' offerings."

~~~
lowmagnet
> Senior Director of Business Development

Ah, "professional management"… the beginning of the end of any good company.

