Yesterday, completely serious and without any jokes, jokes, - VPN service based on DNS application 1.1.1.1 for mobile devices using proprietary Warp encryption technology. The main feature of the new Cloudflare product is simplicity - the target audience of the new service is conditional “moms” and “friends” who are not able to buy and configure a classic VPN on their own or do not agree to install power-hungry third-party applications from unknown teams.
Recall that exactly one year and one day ago - April 1, 2018 - the company its public DNS 1.1.1.1, whose audience has grown by 700% over the past period. Now 1.1.1.1 is fighting for public attention with Google's now classic DNS at 8.8.8.8. Later, on November 11, 2018, CloudFlare launched the 1.1.1.1 mobile application for iOS and Android, and now, “VPN on a button” is also being launched on its basis.
To be honest, Cloudflare is being a little disingenuous when they call their 1.1.1.1 app update a full VPN, because in its purest form it is not. Rather, it is about encrypting DNS traffic using Warp, which, like a VPN, hides what happens inside our conditional "tunneling" to the VPN server, that is, to Cloudflare's DNS 1.1.1.1.
The main marketing and applied justification for the importance of the existence of a new product is that providers and other structures involved in the transfer of user data actively collect and even trade this data. At the same time, HTTPS does not save us: it is enough to know about the very fact of accessing a page in order to compile a “portrait” of the user and then show him the appropriate advertisement.
What you need to know about the app update 1.1.1.1 and Warp in particular:
- End-to-end encryption to Cloudflare servers and no authentication certificates. That is, CF themselves refuse to watch your traffic.
- Works on VPN protocol .
- Encryption by default of all unencrypted traffic when working through applications or when viewing insecure HTTP pages, for example.
- Theoretical traffic optimization on the Cloudflare side when surfing and so on.
The team assures that the distinguishing feature of Warp is that it was developed, among other things, to improve mobile connectivity. CloudFlare reminds that the TCP protocol is poorly adapted to work in mobile networks, the loss of packets within which can conditionally be caused by any microwave. The situation is further aggravated everywhere by the fact that the distribution of the same Wi-Fi in residential areas or public places is carried out randomly, which entails some kind of monstrous noise level on all frequency channels (of course, channels at frequencies of 2,4 MHz are suffering the most now , but even at 5MHz the situation starts to deteriorate). In such conditions of constant packet loss, not the fault of the user, but due to external conditions, TCP connections are called not the best option. The entry also says that the work of Warp is built around the use of UDP packets, which, as we remember, do not require a return response from the target server and which, for this reason, are actively used in the same gamedev to reduce ping. Also, CloudFlare assures that their application will strictly control battery usage through moderate use of antennas, and not "fire" the device to the state of a hot pan in an attempt to force the device to catch the network in places where the connection is not very stable. Separately, it is worth recalling that Warp works on the already mentioned VPN protocol. . With full technical documentation for WareGuard, you can .
In addition, Warp was not developed specifically for the 1.1.1.1 mobile application, but is part of CloudFlare's technical solution for protecting servers from attacks called , which uses part of the solutions , which in turn is based on the project purchased in 2017 . That is, in fact, Cloudflare began the methodical work to enter the mobile market back in 2017 - a year before the launch of public DNS 1.1.1.1. Such an integrated approach instills some confidence in the sequence of actions of Cloudflare and the presence of a clear long-term strategy, which is good news.
Cloudflare assures that it is not going to trade the data of its users, but will monetize Warp by subscription. Out of the box, users will have access to two versions of the program: Basic and Pro. The basic version will be free, but with a reduced data transfer rate, which, apparently, will only be enough for lazy web surfing or correspondence. The pro version for some monthly fee promises a full channel to Cloudflare servers and maximum comfort.
Company representatives say in advance that different subscription prices will be set for different regions in order to level out differences in income in different parts of the world. It is quite possible that the CIS region together with Russia will receive a more or less acceptable offer at the level of $3-10 per month instead of the quite standard 15-30 euros for the EU or the USA.
The company honestly says that they are far from being Google, but they are trying, so access to the new features of the 1.1.1.1 application will be given out in portions, on a first-come, first-served basis. In order to sign up for this very queue, you need to download or and declare your desire to use Cloudflare VPN.
If you look at the reviews in the market, they are mostly positive, although the application has problems with non-disabled notifications, which seriously annoys some users. However, many note that Cloudflare's solution is an excellent option for the secure use of public Wi-Fi hotspots: the latter are usually not very fast anyway, so the free version 1.1.1.1 should be enough for the eyes.
Another important nuance of the last Cloudflare presentation is that the company soon promises to bring its “DNS-VPN” to the desktop as well, thus covering this quite large segment.
If Cloudflare's development turns out to be really as good as it is described in the company's official blog, then a shareware (remember about speed limits) and understandable application for people who are not too in the subject of how a VPN works will finally appear on the market What is information security in general? Now everything is in the hands of Cloudflare marketers - if they can go to the mass market and implement the idea that enabling VPN mode in the 1.1.1.1 application is a mandatory element of Internet hygiene, then for millions of users the worldwide web can become much friendlier and more hospitable place than before. Also, this product will be important for countries where government agencies block access to certain resources.
And this is not only about Russia, but, for example, about Iran or even France. Court of the Fifth Republic, by the way, , they say, there is nothing for scientists to read the work of colleagues for free. But this is a completely different story, but the situation with free access to resources is getting worse and worse around the world.
Be that as it may, a service like 1.1.1.1 is quite suitable for young people and older generations who are not ready or able to figure out how to buy, set up and use a VPN even on desktops, not to mention mobile devices.
Source: habr.com