alt Hacker NewsGotaTun -- Mullvad's WireGuard Implementation in Rust
Comments
Nice, I love WireGuard. I ended up building WrapGuard [1] to run applications without root access to the host and choose Go to write it in. I don't really know Rust, but does it make more sense for firmware/networking type software? Is there even a difference?
Fingers crossed that GotaTun will also make its way into the Tailscale Android app (since that's what I use to connect to Mullvad).
I wish they would improve wireguard-the-protocol as well: wireguard doesn't stand a chance against gov/isp blocks.
If anyone working on the implementation is here, was it not possible to upstream your changes to BoringTun? The blog mentions some changes but doesn't go into detail on that aspect.
I thought Wireguard runs inside the kernel on Android since it ships as part of Linux now.
Its funny, this is another of the billions of reasons why Mullvad should be the VPN of choice. But so many fucking people can't ever get over that their favorite social media influencer/Youtuber is offering a code for 200% off of NordShark VPN, now with extra AI.
Now that's how you name things!
Can you use DAITA with just gotatun (on linux) or do you require the Mullvad daemon?
I would love to see more root cause analysis data on the crashes they were seeing with wireguard-go. I wonder if it was bugs in the library itself, or the FFI.
For the similar reason I do not using any go based proxy code in my MintFlow app, and use rust to implement some proxy protocols.
But my app’s wireguard is natively implemented by fdio vpp plugin, so it’s based on C.
Is there any way to switch to this implementation for generic WireGuard users?
I tried downloading their Android app, but it's not generally usable for people who host our own WireGuard, which is fair enough.
One meta thing I've always wondered ... Are multiple implementations of the same protocol good or bad for security?
Probably naively, I'm thinking:
- diversity: good
- doubling the attack surface: real bad
[dead]
[dead]
[flagged]
[flagged]
[flagged]
I definitely noticed the performance boost on my Pixel 8, for some reason it seems to really not like wireguard-go, it struggled to pull even 100mbps, maybe something unoptimized on Google's custom hardware. With the new GotaTun version I can pull 500mbps+, though unfortunately it also seems to have introduced a bug that randomly prevents the phone from entering a deep sleep state, so occasionally my battery will randomly start draining at 10x normal speed if I have it enabled until I reboot.