From 11dd2376826b5891ecda97fd576607f8bdc71cc3 Mon Sep 17 00:00:00 2001 From: Jack Ivanov Date: Fri, 19 Jul 2019 06:54:30 +0200 Subject: [PATCH] Add note about WireGuard --- docs/faq.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/faq.md b/docs/faq.md index 5e59b63..6862cfc 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -16,6 +16,10 @@ No. This project is under active development. We're happy to [accept and fix issues](https://github.com/trailofbits/algo/issues) as they are identified. Use Algo at your own risk. If you find a security issue of any severity, please [contact us on Slack](https://empireslacking.herokuapp.com). +## What's the current status of WireGuard? + +[WireGuard is not yet complete](https://www.wireguard.com/#work-in-progress). You should not rely on this code. It has not undergone proper degrees of security auditing and the protocol is still subject to change. WireGuard is working toward a stable 1.0 release, but that time has not yet come. There are experimental snapshots tagged with "0.0.YYYYMMDD", but these should not be considered real releases and they may contain security vulnerabilities (which would not be eligible for CVEs, since this is pre-release snapshot software). + ## Why aren't you using Tor? The goal of this project is not to provide anonymity, but to ensure confidentiality of network traffic. Tor introduces new risks that are unsuitable for Algo's intended users. Namely, with Algo, users are in control over the gateway routing their traffic. With Tor, users are at the mercy of [actively](https://www.securityweek2016.tu-darmstadt.de/fileadmin/user_upload/Group_securityweek2016/pets2016/10_honions-sanatinia.pdf) [malicious](https://web.archive.org/web/20150705184539/https://chloe.re/2015/06/20/a-month-with-badonions/) [exit](https://community.fireeye.com/people/archit.mehta/blog/2014/11/18/onionduke-apt-malware-distributed-via-malicious-tor-exit-node) [nodes](https://www.wired.com/2010/06/wikileaks-documents/).