VPNs will change forever with the arrival of WireGuard into Linux
After years of development WireGuard, a revolutionary approach to Virtual Private Networks (VPN) was finally fast-tracked to the Linux kernel. Now, at long last, WireGuard is in Linus Torvald's code tree. That means WireGuard should appear in the Linux kernel 5.6 release. This may be as early as April 2020.
This has the potential to change everything about VPNs -- not just in Linux, but in the entire VPN world. That's because essentially all VPN services run off Linux servers. Some VPN services, such as StrongVPN and Mullvad VPN, have already seen the writing on the wall and are moving their software stacks to WireGuard.
This is being made easier because WireGuard's code, which is licensed under the open-source Gnu General Public License (GPL) version 2.0, is already available on Android, Windows, macOS, BSD Unix, and iOS.
In more detail, WireGuard claims that "Compared to behemoths like *Swan/IPsec or OpenVPN/OpenSSL, in which auditing the gigantic codebases is an overwhelming task even for large teams of security experts, WireGuard is meant to be comprehensively reviewable by single individuals."
There's certainly something to this. The WireGuard codebase has about 4,000 lines of code, while the popular OpenVPN has over 100,000 lines. Which would you rather debug?
As WireGuard nears mainstream acceptance in the Linux kernel, its creator, Jason Donenfeld, is still working out its rough edges. The WireGuard site now states that "some parts of WireGuard are working toward a stable 1.0 release, while others are already there."
In a Linux Kernel Mailing List (LKML) message, Donenfeld added he was running multiple automated WireGuard code tests for various code trees on pretty much all Linux hardware architectures. And, along the way, "Even though the CI [Continuous integration] at the moment is focused on the Wireguard test suite, it has a habit of finding lots of bugs and regressions in other weird places. For example, Linux-next is failing at the moment on a few archs [architectures]."
This will not immediately put an end to other VPN technologies. But, if WireGuard lives up to its promise, you'll be able to see its end from here. Tomorrow's VPN, on Linux and everywhere else, will be based on WireGuard.