What does HackerNews think of nordvpn-linux?

NordVPN Linux client

Language: Go

Swing VPN app is a DDoS botnet | Jun 2023
Expand Context ↕
Why don't you try installing Nord in a VM and monitoring traffic yourself, instead of taking low-quality blogspam Medium articles at face value?

If they're truly hijacking end user clients, why don't you point to the section of their open source client that's responsible for that?

https://github.com/NordSecurity/nordvpn-linux

Easy enough to prove.
Swing VPN app is a DDoS botnet | Jun 2023
It's not "well-known"- because your links don't say what you're claiming they do, and this is a conspiracy theory that's been shut down on here a thousand times before.

https://news.ycombinator.com/item?id=22532682

NordVPN used residential proxies at one point to enable access to Disney+ and other streaming services; that's a world apart from hijacking end-user connections.

They've got an open source client. Where's the code that's turning end users into endpoints?

https://github.com/NordSecurity/nordvpn-linux

NordVPN library and client code open-sourced | Mar 2023
Expand Context ↕
I was misled by the title of this submission. The Linux NordVPN client is now open source (https://github.com/NordSecurity/nordvpn-linux), but the Android, iOS, macOS, and Windows NordVPN clients are still closed source.
NordVPN library and client code open-sourced | Mar 2023
Expand Context ↕
Hi Vykintas, thank you for answering. I'm the GP.

First of all, I want to reiterate that I purposefully used the word "allegedly" because I have no proof. I only have a smoking gun https://archive.is/bQo0O .

Second of all, I want to explain that it is very difficult to verify any of your points.

> you can easily [...] look through the code. As you can see majority of it is open source.

Yes. This is correct, but at the time of writing this comment, the source has been made available only 9 hour ago. https://github.com/NordSecurity/nordvpn-linux

The whole thing is one giant "Initial commit" of what looks like millions of lines of code. Auditing this code will take months for single motivated person. There is little to no comments. "Just read the code" is difficult in this context. Also routing traffic through the client can be done just with 2 lines of code enabling kernel ip forwarding, and another line of code adding a nft/iptable rule to nat traffic from NordVPN to the outside world. This is looking for a needle in a haystack if this is obfuscated.

Also your Windows and MacOS clients (which are the most used by non-power-users) are not opensource, at the time of writing. So these ones could still be doing what has been alledged. This would be fine, since it's most likely most of your users.

> you can easily check it using Wireshark

This is also not that easy. If, as alleged, Oxylabs resells millions of NordVPN IPs to thousands of Oxylabs customers, you only have 1/1000 chance to be the botnet of the day. So you would need to be running Wireshark the one day out of 2½ year to see the traffic going through with Wireshark.