It definitely encrypts the traffic, the problem is that it encrypts the traffic in a recognizable way that DPI can recognize. It’s easy for someone snooping on your traffic to tell that you’re using Wireguard, but because it’s encrypted they can’t tell the content of the message.
Interesting, because Tailacale doesn’t use any special ports. How would that be detected? And could you maybe use Headscale on a dynamic port to circumvent that?
Felix_lm22@sopuli.xyz 9 months ago
Unfortunately, Deep Packet Inspection does this as Tailscale/Wireguard does not encrypt traffic
loutr@sh.itjust.works 9 months ago
Wireguard, like all VPNs, definitely does E2E encryption. What would be the point of an unencrypted VPN?
melmi@lemmy.blahaj.zone 9 months ago
It definitely encrypts the traffic, the problem is that it encrypts the traffic in a recognizable way that DPI can recognize. It’s easy for someone snooping on your traffic to tell that you’re using Wireguard, but because it’s encrypted they can’t tell the content of the message.
SeeJayEmm@lemmy.procrastinati.org 9 months ago
www.wireguard.com/protocol/
Looks like wireguard encrypts traffic to me.
mfat@lemdro.id 9 months ago
It’s easily detected by firewalls in China and Iran.
dataprolet@lemmy.dbzer0.com 9 months ago
Interesting, because Tailacale doesn’t use any special ports. How would that be detected? And could you maybe use Headscale on a dynamic port to circumvent that?
pyrosis@lemmy.world 9 months ago
It’s definitely encrypted they can just tell by signature that it is wireguard or whatever and block it.
They could do this with ssh if they felt like it.