
/tech/ - Technology

"Technology reveals the active relation of man to nature" - Karl Marx

 

>WireGuard
Written in C, so no.
>OpenVPN
Insecure (and written in C).
>Tailscale
Proprietary trash. Again, written in a lower level language.

When the fuck will somebody use Python to script a VPN protocol out of for a full tunnel client w/ access to iptables w/ default setting at "strict"? Plus run it on custom STUN servers, uses 10.8.0.53 instead of 8.8.8.8 (Google)/1.1.1.1 (Cloudflare)/9.9.9.9 (Quad9) and blocks any connections to them for a fine-grained DNS control, and fully self-hosted w/ local only control. Everything else is too insecure. Oh, and also
>Tailscale leverages Google's OAuth2 for user authentication, allowing users to log in to Tailscale using their Google accounts
Lmao. The absolute state.

The entire reason everyone prefers to write VPNs in lower level languages in the first place is because of performance and simplicity. The only thing that C/C++/Go has on Python in those aspects is that Python's cryptography is slow. But I have yet to see anyone implement a higher level language to script a VPN client with. That's why all the VPNs on the market are privacy scams.

>>30456
Agreed. OP should read http://www.loper-os.org/?p=1913 and write a VPN in Ada instead.

it's called Tor

>>30458
No.
1.) The CIA controls all public nodes to the network.
2.) Security issues relating to it (like "Sybil" unmasking attacks).
3.) The exit relay problem.
4.) The network is rickety now due to network-wide DDoSes that's breaking sites and fucking the network up, and it's not as "robust" as it claims.

>>30459
>inb4 I2P
I2P is also trash. It was literally written in JAVA! Python shits on Java! It even requires you to install the latest version of it to even access the network! What a crock of shit! That's why hackers (and I'm not even talking STATE ones, either) can deanonymize users through the I2P network simply by abusing Java, since Java is proprietary garbage and anyone promoting this network is a shill. Hyphanet is the only promising one, since it requires you to run the connection off custom peer nodes to even access the network, which an actually safe VPN protocol is technically possible, but like I mentioned in the OP, it's not currently being correctly adopted. It would need at least 261 bits of encryption to keep the feds away.

Besides, having a centralized base of server nodes to backbone a network off of where a central point of failure could occur is dumb anyways. Hyphanet gives power to the user rather than the ISP, since VPNs can still keep logs.

Also, back when "Hyphanet" was still Freenet/Frost, it used Java, but newer versions are written in Rust. Really, Java is an outdated programming language.

>>30460
>outdated
The only outdated languages are those that don't run correctly on modern hardware. Java can be a perfectly sane language when used correctly, sadly it incentivizes convoluted templating structures and a laissez-faire attitude towards memory. If you're worried about vendor lock-in, use gcj or kaffe instead of hotspot and its derivatives.

>being written in c is a dealbreaker
holy meme


>>30455
>Written in C, so no.
only the in-kernel implementation. wireguard-go is written in a memory safe language and widely used.
if you hate C then i have really bad news about the language the rest of your networking stack is written in, btw.

>>30460
Do you know there are other clients for I2P that are not written in Java, no? Well, since i2pd is written in C I assume you will not use it, I wonder what operating system you are using since your threat level seems to be SO HIGH you can't use anything written in C.
Well, maybe you could use House as your OS since it is written in Haskell (divinely high level language, since you also seem to hate "lower level language"s)

>Written in C, so no.

This is what happens when people learn programming from internet memes instead of reading a book.

>written in a lower level language.
You want a VPN implemented through minecraft redstone? Lua?
I assumed your qualm with C was it wasn't rust / some other memory safe thing, now I have no idea your intent.

Anyone in this thread who thinks C to be inherently insecure should look at the security record of qmail, which is unmatched in the recent history of software engineering.

>>30455
Nobody tell him what the Python interpreter is written in.

Both WireGuard and OpenVPN are just protocols. What you're looking for is alternative implementations, OP.
There are user-space implementations of both protocols in languages like Rust, Go, or some other niche meme language you may worship. If you're persistent enough, there are probably some microkernel-based operating systems which can let you use these alternative implementations as low-level components of the OS - on par with original, C-based implementations.
I have to warn you though, that most original implementations of VPN protocols use C language for very good reasons:

1. Building a high-performance VPN daemon in user-space is an absolute pain in the ass on contemporary operating systems
2. Integrating higher-level languages into kernel code is pure fucking pain. The only operating system that does this correctly is NetBSD (as far as I'm aware) with their Lua modules.
3. If you're building a kernel module that's pretty much just a wrapper over a cryptographic protocol - memory safety isn't even your first concern. One of many reasons why you shouldn't roll out your own crypto, is that implementing cryptographic protocols in a way that's not susceptible to timing side channel attacks is absurdly difficult. In case of higher-level languages whose compilers/interpreters may introduce automatically generated optimizations for the resulting code - you can't really predict whether your program is going to contain timing side channels or not. Some languages provide special constructs to explicitly allow secure cryptographic code to be written, but in most cases - it's safe to say we have far more experience with writing correct crypto code in C than in, let's say, Python.
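
The timing side channel from point 3 of the post above, as an added example that is not part of the thread: an early-exit tag comparison next to the constant-time idiom, with loop iterations counted as a stand-in for running time. The tag bytes and all function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define TAG_LEN 16
static const uint8_t EXPECTED[TAG_LEN] = {      /* constructed sample tag */
    0x3a, 0x91, 0x5c, 0x07, 0xe2, 0x48, 0xb6, 0x1d,
    0x7f, 0x20, 0xc9, 0x84, 0x53, 0xee, 0x0b, 0xa5
};

/* Early exit: iterations performed depend on where the first mismatch is. */
int leaky_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        if (a[i] != b[i]) return 0;
    }
    return 1;
}

/* Constant-time idiom: touch every byte, fold differences, no data-dependent
 * branch. volatile discourages the compiler from adding an early exit back. */
int ct_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    volatile uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    return (int)(((uint32_t)diff - 1u) >> 31);   /* 1 only when diff == 0 */
}

/* Loop iterations used when the candidate agrees on the first `prefix` bytes. */
size_t steps_for(int constant_time, size_t prefix, int *equal)
{
    uint8_t cand[TAG_LEN];
    size_t steps = 0;
    memcpy(cand, EXPECTED, TAG_LEN);
    for (size_t i = prefix; i < TAG_LEN; i++) cand[i] ^= 0xff;
    *equal = (constant_time ? ct_equal : leaky_equal)(EXPECTED, cand, TAG_LEN, &steps);
    return steps;
}
int main(void)
{
    int eq;
    for (size_t p = 0; p <= TAG_LEN; p += 4)
        printf("match %2zu: leaky=%zu ct=%zu\n", p, steps_for(0, p, &eq), steps_for(1, p, &eq));
    return 0;
}
```

Whether the second loop stays branch-free depends on the compiler and target, so the generated assembly has to be inspected for each build.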

