Hacker News new | past | comments | ask | show | jobs | submit login
Beta for WARP for macOS and Windows (cloudflare.com)
42 points by illustrioussuit 3 months ago | hide | past | favorite | 14 comments



One of the fun things about working at a place is you get to try stuff out early; as a Windows user, I was one of the first folks outside of the team to try out Warp for Windows.

I would say "I'm happy to answer questions" but I'm not sure what I could answer; for a while now, I frankly forget that I have it even installed. It pretty much Just Works.


Here's a question. I've read the article twice and I can't figure out what the product is. What is it? Is it a VPN service?


So, 1.1.1.1 is Cloudflare's public DNS resolver. It's the fastest resolver on Earth: https://www.dnsperf.com/#!dns-resolvers It's fast because Cloudflare has 200 data centers all over the globe, and you connect to the nearest one.

Warp is a set of apps that will set your phone (and with this, today, your computer) to use 1.1.1.1 for resolving your DNS. But additionally, it uses the Wireguard protocol to connect, which is a VPN protocol. This hides the contents of your connection from your ISP or network provider. It does mean you're connecting to Cloudflare, and so we've made a bunch of privacy commitments, and gotten external auditing to back those up: https://news.ycombinator.com/item?id=22747770

The above is all free. You can pay a small subscription fee to get access to Warp+, which uses Cloudflare's "Argo" product to route your requests faster.

Does that make more sense?


From the original blog post announcing Warp, I would have thought "yes, Warp is a VPN service" was the right answer:

https://blog.cloudflare.com/1111-warp-better-vpn/

My understanding of that blog post is:

* 1.1.1.1 is Cloudflare's DNS resolver.

* Warp is a free VPN service, using the Wireguard protocol, with the exit at your nearest Cloudflare data center.

* Warp+ is a $5/mo. paid tier of the VPN service, with the exit at the Cloudflare data center nearest your destination, which ought to be faster.

* All of these are enabled on mobile via the app called "1.1.1.1".

I don't think "Warp is a set of apps that will set your phone to use 1.1.1.1 for resolving your DNS" is right -- but I could be misunderstanding either the product or Steve's summary ...


Yes, I got the name of the app wrong; it's called "1.1.1.1". I have been using it only since the Warp stuff was added, so in my brain it's called "warp" even though that's not actually correct, sorry.

Warp is a vpn service, but I hesitate to just say "yes" in this case because of the caveats around end-users seeing your IP. Many folks use vpns to attempt to hide information from the site that they use, but this doesn't inherently do that, it hides the information from your internet provider. When this was announced on HN, there was a lot of arguing about that, so I tried to sidestep it by just saying plainly what it does.


So... DNS (via Cloudflare) over Wireguard?


Yes.


It's Wireguard to the nearest Cloudflare node. WARP+ is the same but will route your traffic over their private infrastructure for parts of the journey where they think it's faster/better than the normal internet path.


This is awesome. Are there any plans to integrate with device firmware like openwrt?


I don't know; I'm not on that team.


Can I run my own WARP server? If not, I'm not that interested.

If I'm trading one centralized service for another, there is no net gain.


It's just Wireguard that doesn't route to Cloudflare servers and that's pretty easy to setup with Docker or algo or whatever. But self-hosting a VPN for privacy is questionable as to how much it helps (since the VPN server is probably sitting on your home network unless you put it in AWS/Digital Ocean/Azure).

(if the address you are trying to go to is hosted by Cloudflare, they route it using your normal connection so that it'll be quicker than going an additional couple hops to the WARP server and then to the Cloudflare dc nearest to the WARP server. you could say that this kills the privacy argument, but using their VPN at all means they can see what sites you are going to, so you'd already be trusting that they don't log.)


I dunno; I don't know if I really like or trust cloudflare, but I'm sure I trust them more than my ISP.


Yup, that's exactly where I sit. A well implemented VPN is useful because I heavily distrust my ISP. I _could_ use some other big VPN provider, I guess, but I've always admired the tech stack of Cloudflare.. so I'm interested.

And fwiw, since I'm sure someone will think it - I don't want to manage my own VPN on some remote server. Not only would I put myself at risk because I don't have the experience to manage a secure server of such importance, but all I did was move my risk from my ISP to some other endpoint (VPS hosting/etc).

It feels like a game of risks no matter what you do.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: