WireGuard Is Two Things
mlhpdx
17 points
3 comments
March 12, 2026
Related Discussions
Found 5 related stories in 50.6ms across 3,663 title embeddings via pgvector HNSW
- WolfGuard: WireGuard with FIPS 140-3 cryptography 789c789c789c · 84 pts · March 24, 2026 · 61% similar
- PIGuard: Prompt Injection Guardrail via Mitigating Overdefense for Free mettamage · 11 pts · April 03, 2026 · 43% similar
- Fedware: Government apps that spy harder than the apps they ban speckx · 510 pts · March 30, 2026 · 42% similar
- Good Bad ISPs rzk · 114 pts · March 06, 2026 · 41% similar
- Wander – A tiny, decentralised tool (just 2 files) to explore the small web oystersareyum · 60 pts · March 18, 2026 · 41% similar
Discussion Highlights (2 comments)
tptacek
This is almost true, but not quite. WireGuard is a protocol, but it's also the Linux kernel implementation of that protocol; there are design decisions in the protocol that specifically support software security goals of the kernel implementation. For instance, it's designed to be possible to implement WireGuard without demand dynamic allocation.
viceconsole
The post mentions the deficiencies of TCP for mobile devices over unreliable links, but I've had nothing but trouble with Wireguard when connecting from phones via mobile data. I suspect it's due to my mobile operator doing traffic shaping / QoS that deprioritizes UDP VPN. In contrast, connecting to OpenVPN over TCP was a huge improvement. Not at all what I expected.