Network Networking Privacy Security IT

Cloudflare Relaunches Its Security-Focused Mobile VPN Warp (cloudflare.com) 19

tearmeapart writes (edited to add more details): Cloudflare is opening up its security and speed-focused mobile VPN service called WARP and WARP Plus to the general public. WARP is a mobile app for Android and Apple to establish a VPN to Cloudflare's huge global network. Cloudflare is promising:
1. No user-identifiable log data to disk;
2. No selling browsing data;
3. No need to provide any personal information;
4. Regularly get audited.
This is the second time Cloudflare is launching Warp. The VPN builds on Cloudflare's existing mobile app 1.1.1.1, which encrypts domain name system connections. But Warp goes beyond this protection to encrypt the whole journey from your device to a web server and back -- even if the website itself still isn't offering HTTPS web encryption. And all of this happens quickly, without draining your battery, and without complicated setup.

In an interview with Wired, Cloudflare CEO Matthew Prince said: "Yeah, what we thought was going to be easy back in April turned out to be a lot harder than we expected. We had been testing this primarily in San Francisco and Austin and London, which is where the teams that were working on this are based. But as soon as users started to get anywhere that didn't have a fairly reliable internet connection, just all hell broke loose."

The report adds: In describing the hurdles Cloudflare faced getting Warp off the ground, John Graham-Cumming, the company's chief technology officer, and Dane Knecht, its head of product strategy, note that many of the challenges came from dealing with interoperability issues between mobile device models, operating system versions, and different mobile network and Wi-Fi configurations around the world. For example, Warp is built on a newer secure communication protocol for VPNs known as WireGuard, which isn't ubiquitous yet and therefore isn't always natively supported by devices. The team also faced challenges dealing with web protocols and standards that are implemented inconsistently across different wireless carriers and internet service providers around the world. Cloudflare's 1.1.1.1 focuses on encrypting DNS connections specifically, but Warp aims to encompass everything in one protected tunnel. Keeping everything together as data traverses the labyrinth of servers that make up the internet, including Cloudflare's own massive network, was tough.

Warp is free to use without any bandwidth caps or limitations. But Warp Plus, which is being offered through a monthly subscription fee, offers a "faster version of Warp that you can optionally pay for. The fee for Warp Plus varies by region and is designed to approximate what a McDonald's Big Mac would cost in the region. On iOS, the Warp Plus pricing as of the publication of this post is still being adjusted on a regional basis, but that should settle out in the next couple days. Warp Plus uses Cloudflare's virtual private backbone, known as Argo, to achieve higher speeds and ensure your connection is encrypted across the long haul of the Internet. We charge for it because it costs us more to provide," the company said in the blog post.
  • Mullvad already does all that, don't they?
  • Is it going to be marketed like OS/2 Warp?
    Commercials with psychedelic colors, or a bunch of people staring at a screen in awe of the product without ever showing it.

     

  • This is not a VPN (Score:4, Informative)

    by gitano_dbs ( 1490853 ) on Wednesday September 25, 2019 @02:42PM (#59235840) Homepage

    This is not a VPN

    From their blog https://blog.cloudflare.com/an... [cloudflare.com]: "From a technical perspective, WARP is a VPN. But it is designed for a very different audience than a traditional VPN. WARP is not designed to allow you to access geo-restricted content when you’re traveling. It will not hide your IP address from the websites you visit. If you’re looking for that kind of high-security protection then a traditional VPN or a service like Tor are likely better choices for you."

    • Yeah, I was wondering what the purpose of using HTTPS from the non-HTTPS endpoint to the VPN server was. Now I know.

    • If it is not a regular VPN, what does it do? The Cloudflare blog was not very informative.
      • by Anonymous Coward

        If it is not a regular VPN, what does it do? The Cloudflare blog was not very informative.

        Instead of routing through 15+ different backbone networks, between the destination edge point and either your device or your ISP depending, your traffic routes over just one or two backbones, primarily Cloudflare's.

        The free "warp" still requires your ISP to route over their own backbone and out if it closest to the next hop backbone point, which would be cloudflare.

        The "warp plus" utilizes their argo network, which is a virtual backbone end point, which for mobile devices will very likely begin at the cellu

      • This is yet another "let's grab all the data we can" by Cloudflare. This is to go with the Cloudflare DNS-over-HTTPS so they will have complete visibility and total data collection that they can sell to whatever third party they want at whatever price they will pay.

        That is why it is "FREE" -- and worth exactly every penny of that price ... (like everything else that is "FREE")

    • It's all confusing at this point and I don't know why anyone needs Warp if Firefox will have Cloudflare DNS baked in soon.
  • Just a quick test shows this significantly reducing my speed and increasing latency. Using Fast.com, on my un-VPN wifi, I got 72. Enabled, fast.com takes much longer to load. The speeds averaged 850k to 2mbs.

    Downloading "Between Two Ferns" from Netflix took about 30 seconds on my phone. The file size is reported at 321 megs.

    Pretty good! Not awesome. Obviously it leaves some room to make Warp Plus attractive. Still, this is pretty great if you're on insecure public wifi

  • ipredator.se, the VPN counterpart to The Pirate Bay, is more likely to do a good job.

  • What are they audited against? A litmus test for me would be: if they use some equivalent of Debian's buggy OpenSSL (i.e. crypto that uses strong-looking but actually-weak keys), would this be contrary to their declared privacy policy? Exactly which part of the audit would they fail due to such a "bug"? Otherwise, I have to assume that they will do it deliberately to assist law enforcement agencies in traffic decryption.
  • by scdeimos ( 632778 ) on Wednesday September 25, 2019 @04:38PM (#59236470)

    But Warp goes beyond this protection to encrypt the whole journey from your device to a web server and back -- even if the website itself still isn't offering HTTPS web encryption.

    Not possible. At best it can encrypt the journey from your mobile device to wherever the VPN terminates. It can't encrypt traffic on the hops between the VPN endpoint and the HTTP-only web server.

    • Unless, like a significant and growing fraction of the internet, the website is being served by Cloudflare's CDN. Then they can leave your data encrypted the entire way. In fact, even if they aren't serving the site itself, if they peer with the site's ISP, which they probably do, then Warp+ will get you to the edge of the destination ISP before decrypting.
  • My understanding of the marketing speak:

    1. User-identifiable data will be logged directly to tape for permanent storage, no disk involved!
    2. All non-browsing data (such as what DNS query you sent) will be sold to the highest bidder, and browsing data will be used internal-only to profile you, then your profile would be sold
    3. They can already identify you from your phone and already have all your personal information from other sources
    4. Regularly get audited... by auditors paid by Cloudflare and the audit

    • by AHuxley ( 892839 )
      No "selling browsing data" is a hint.
      What's "browsing" and what is not "browsing" and what is for sale :)
  • ...due to being subject to the whims of the US president.
