Jump to content
Not connected, Your IP:

Does WireGuard pose privacy issues?


It is known that while WireGuard may offer advantages in terms of performance, by design it is not ideal for privacy, because it doesn't allocate VPN IP Addresses (10.*) dynamically like OpenVPN does; instead WireGuard requires fixed ones in .conf files deployed on devices.
Some of our competitors, in order to circumvent the issue, adopted solutions which break compatibility with official WireGuard applications (which can be and are peer-reviewed more extensively), thus those solutions work only if customers use a proprietary application.
Interoperability between open-source applications and our service is still a main objective for us.
Our clients can renew their keys whenever they want, forcing a new, random IP address reassignment (remember: any .conf file generated with the Config Generator must be downloaded again after each renewal).
And, of course, users who can't accept the issue are free to stay with OpenVPN.

Another privacy concern is that WireGuard stores users' real IP addresses on the VPN server indefinitely.
During a VPN session, it's inevitable that our servers know the user's real IP address (to redirect traffic), this happens also with OpenVPN.
The different issue here is that WireGuard keeps this data even if the session is closed.
In AirVPN servers, if no handshake has occurred within 180 seconds, the peer is removed and reapplied. Doing so removes the real IP address from server memory.

Created: ..., last update: ...
  • Create New...