Jump to content
Not connected, Your IP: 35.175.107.77

Recommended Posts

Im always hesitant to run additional software, especially one that is always on but I might have to give Eddie a try. (on linux)

 

However how safe is it? Has it been audited?

 

It is something that will always be on on the system and i need to be 100% sure it doesn't do anything that it isnt supposed to.

 

I know it's open source but I'm not a programmer so...

Share this post


Link to post
i need to be 100% sure it doesn't do anything that it isnt supposed to.

It doesn't do anything it's not supposed to do. In some cases, it doesn't even do things it is supposed to do.

This is why there are constant bug reports and frequent updates.

 

You are mixing some infosec terms in a case that doesn't really apply here. Usually auditing means a review of

an entirely new infrastructure, protocol, or a low level program for the absense of vulnerabilities such as buffer/stack/integer overflow,

which could eventually lead to dangerous code execution and other unwanted behavior.

Eddie is just a wrapper for OpenVPN, written in .NET, so this entire class of memory corruption vulnerabilities does not apply in this case.

.NET is a memory safe intermediate language that does not suffer from those types of vulnerabilities, same as Java, Python, just to name a few.

The only thing you can worry about is a slightly higher resource usage, because of the .NET framework and Mono on other platforms,  but

this is so negligible on modern <10 year old PCs that the difference is barely noticeable. However if you plan to run it in a Linux VM with less

than ~1GB of RAM you might see some GUI performance issues.

 

If you trust Air as your ISP, which will eventually be true if you plan to route your packets with any of the available servers, you can trust Eddie.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

A client executable will never be as safe as managing your VPN connections manually using openvpn and ovpn files. This can only be done successfully in Linux. You can try using the openvpn executable in a Windows command window but you just run a netstat and you'll see your LAN IP address constantly connected to the Microsoft telemetry server...

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...