Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
RILEYISMYNAME

Faster Mobile Internet for FREE - No… Seriously

Recommended Posts

13 minutes ago, NinJake said:

Hey, what's your name?

 

DOES ANYONE KNOW OP'S NAME?!

 

(Might have to watch this one...)

I think it's Fred :P


Current Network Layout:

Current Build Log/PC:

Prior Build Log/PC:

Link to post
Share on other sites
5 minutes ago, RILEYISMYNAME said:

@NinJake IT'S RILEY, HAHA

WOW WHO WOULD HAVE THOUGHT!

 

Everyone, OP's name is Riley!! He also looks like that one guy from LMG!

Link to post
Share on other sites
5 hours ago, Lurick said:

I think it's Fred :P

Nah, it's joe


Current PC (Second Build) : CPU: Ryzen 5 1600 RAM: 16gb Corsair Vengeance RGB Pro DDR4-2666   GPU: PowerColor Radeon RX570 8gb MOBO: ASRock B450m Pro4 SSD: Inland 120gb HDD: 1tb Seagate Barracuda PSU: Cooler Master Masterwatt 500w Lite Case: NZXT H500 OS: Manjaro KDE Plasma (Much better than Windows 10 imo)

 

Accessories: Mouse: Alienware AW958 Elite (Wouldn't recommend it, I got it as a gift and I get exceptional DPI issues on Windows) Keyboard: Corsair k63 Wireless

Link to post
Share on other sites

The video didn't prove anything on speed/responsiveness and has delivered more explanations rather than proof. I'm not gonna argue against the security benefits, but you should've just replaced "FASTER" with "MORE SECURE" in the title. 

Link to post
Share on other sites

So I googled this after watching the video, and unfortunately I’m still a little confused. 
 

There’s WARP, and WARP+. Put simply, I guess what I want to know is: What’s the difference? Is WARP plus exactly the same, just faster? No other benefit?

 

Is WARP (not WARP+), totally free (looks like it) and encrypts traffic from my device, like a regular VPN? Cause that’s what I really want from it. Not having IPs masked actually serves me very well so not an issue for me, just want to at least encrypt data on public, guest, or hotel WiFis.

Link to post
Share on other sites
39 minutes ago, kblocks said:

So I googled this after watching the video, and unfortunately I’m still a little confused. 
 

There’s WARP, and WARP+. Put simply, I guess what I want to know is: What’s the difference? Is WARP plus exactly the same, just faster? No other benefit?

 

Is WARP (not WARP+), totally free (looks like it) and encrypts traffic from my device, like a regular VPN? Cause that’s what I really want from it. Not having IPs masked actually serves me very well so not an issue for me, just want to at least encrypt data on public, guest, or hotel WiFis.

Warp ONLY changes DNS to 1.1.1.1

Warp+ does (whatever was stated)


Maximums - Asus Z97-K /w i5 4690 Bclk @106.9Mhz * x39 = 4.17Ghz, 8GB of 2600Mhz DDR3,.. Gigabyte GTX970 G1-Gaming @ 1550Mhz

 

Link to post
Share on other sites

Another thing that wasn't mentioned in the video: pricing is not the same all over the world. For example, it is Rs.140/month here in Pakistan, which is under 1 USD. I'm glad that is a thing, since the feature is geared more towards people in developing countries anyway.

Link to post
Share on other sites
3 hours ago, kakik09 said:

The video didn't prove anything on speed/responsiveness and has delivered more explanations rather than proof. I'm not gonna argue against the security benefits, but you should've just replaced "FASTER" with "MORE SECURE" in the title. 

The way WARP works is by encapsulating TCP inside of UDP which eliminates TCPs biggest weakness, ACK delay. This means packets will sends data without having to wait for an ACK making the response times much less while still providing resiliency. This means something when you have 20-30+ request made on a site. This difference in delay varies based on distance to where you are accessing content and can sway greatly even from site to site.

 

 So yes it isnt "faster" but instead more responsive and was shown vaguely in the video with his Pixel 3s. Responsiveness has more to do with the experience of a fast connection than does raw throughput. 

 

Technically though this extra encapsulation means that in a raw throughput the added overhead would make it slower. 

 

Cloudflares whitepaper on WARP

https://blog.cloudflare.com/warp-technical-challenges/

Link to post
Share on other sites

I usually love LTT videos but while watching this I had a few concerns:

  • If this is an ad I think it should be stated clearly in the video, which I don't think it was?
  • Your connection is already encrypted! (as long as you use HTTPS, which most websites do after let's encrypt). As someone said in a YouTube comment the only thing your ISP can see is the first part of the URL (e.g. "www.lttstore.com")
  • UDP does not automatically mean that the connection will be faster as what TDP does is nessecary for a stable connection. You simply have to move the error correcting code to another "layer"
  • Wireguard: you should always be sceptic about new programs that have to encrypt your data. It has been shown time and time again that obscurity is not a security measure and therefore you need to rely on tested methods e.g. OpenVPN. I'm not saying that wireguard can't do what it does, but simply that it is a new protocol and therefore more likely to have flaws. See these links for some opinions that aren't mine: https://restoreprivacy.com/wireguard/ or  https://news.ycombinator.com/item?id=16326438
  • Cloudflare does not support EDNS - if this is good or bad I don't know. What I know is that some websites are not resolvable with 1.1.1.1 like archive.is
  • Finally some concerns have been raised as to how much control we give Cloudflare. If you decide to use this now Cloudflare has this information instead of your ISP. If you trust them more, great. If not... well.

 

 

Link to post
Share on other sites

A VPN protects against other items though. Like MITM attacks, dns attacks, etc. So the source or your connection isn't a concern. If you are able to establish your VPN connection you can be sure the data between you and that VPN is most likely secure. Now once it comes out the other end that is a different story.  Now you also have DoH (DNS over Https) and DoT (DNS over TLS) as well as a few other similar techniques for encrypting dns information.

 

Personally I have a fast enough connection at home with various items I like access to that I VPN to my home connection and then have it routed out with encrypted DNS or depending on the machine and it's use I might route it through another VPN. I mean VPN's are a perfect solution, but they are another layer of security.

 

I won't even get into cookies and the like which people seem to forget about that allow them to be tracked over their vpn.

Link to post
Share on other sites
7 hours ago, BeneCollyridam said:

If this is an ad I think it should be stated clearly in the video, which I don't think it was?

maybe consider that cloudflare did not sponsor the video ._.

Link to post
Share on other sites

@BeneCollyridam, merged to official video thread. Usually the best place to post video related criticism/questions.


^^^^ That's my post ^^^^
<-- This is me --- That's your scrollbar -->
vvvv Who's there? vvvv

Link to post
Share on other sites

There is already free technology inside opera that does something similar. 

No way id be paying for a service when there is may feee alternatives 

Link to post
Share on other sites
8 hours ago, BeneCollyridam said:
  • Your connection is already encrypted! (as long as you use HTTPS, which most websites do after let's encrypt). As someone said in a YouTube comment the only thing your ISP can see is the first part of the URL (e.g. "www.lttstore.com")

 

 

 

HTTPS do not protect you against MITM attacks.  Questiuon is how good Cloudflares protection against MITM are.

Link to post
Share on other sites
1 hour ago, Kroon said:

 

HTTPS do not protect you against MITM attacks.  Questiuon is how good Cloudflares protection against MITM are.

If I remember correctly HTTPS does protect against MITM.

It would require:

  • Either a CA Authority to be compromised for a MITM to be possible.
  • Or the administrator (or someone who has compromised your computer) to leak your keys

Edit: I think this explains it better - https://security.stackexchange.com/a/8309

Link to post
Share on other sites
9 minutes ago, BeneCollyridam said:

If I remember correctly HTTPS does protect against MITM.

It would require:

  • Either a CA Authority to be compromised for a MITM to be possible.
  • Or the administrator (or someone who has compromised your computer) to leak your keys

Edit: I think this explains it better - https://security.stackexchange.com/a/8309

 

HTTPS do NOT protect against MITM, it's actually quite easy to go around.  Have been doing practical jokes with coworkers by spoofing sites.

 

All you have to do is register a site that have a similar name using Unicode character that looks the same.  like lttstoгe.com in the browser address field that will look like lttstore.com.  Then you get a legitimate SSL/TLS certification for lttstoгe.com.  Now all you have to do is to redirect lttstore.com to your computer and simply redirect there.  The connection between your computer and target will report as save by the browser and even if you are connected to the wrong host what you see in the adress field is "correct", however if the target click in the padlock and check the certification it will be obvious that something is wrong. 

Link to post
Share on other sites
17 minutes ago, Kroon said:

 

HTTPS do NOT protect against MITM, it's actually quite easy to go around.  Have been doing practical jokes with coworkers by spoofing sites.

 

All you have to do is register a site that have a similar name using Unicode character that looks the same.  like lttstoгe.com in the browser address field that will look like lttstore.com.  Then you get a legitimate SSL/TLS certification for lttstoгe.com.  Now all you have to do is to redirect lttstore.com to your computer and simply redirect there.  The connection between your computer and target will report as save by the browser and even if you are connected to the wrong host what you see in the adress field is "correct", however if the target click in the padlock and check the certification it will be obvious that something is wrong. 

Well, that is true.

 

But to say that it does not protect against MITM at all is false. You cannot do simple MITM attacks anymore like you used to with HTTP.

Link to post
Share on other sites
1 minute ago, BeneCollyridam said:

Well, that is true.

 

But to say that it does not protect against MITM at all is false. You cannot do simple MITM attacks anymore like you used to with HTTP.

 

Problem is that as long DNS are insecure you can always redirect the traffic and make an MITM attack no matter what crypto you are using.  Also worth knowing that law enforcement and even your employer can legally edit the DNS and thereby catch your traffic unencrypted.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×