You may have heard earlier this year that Cloudflare was planning a mobile VPN called WARP. Today, 9/5/19, Cloudflare has officially opened its WARP “VPN” feature on its popular 188.8.131.52. DNS encrypting app to the public – and it’s important to note that WARP is NOT private. What most people don’t notice is that the app passes along your IP address to the destination. Cloudflare first announced their WARP VPN on April 1st of 2019 when they also started a public waitlist. WARP was built on technology which Cloudflare first got its hands on when they acquired Neumob in 2017. More specifically, WARP is a Wireguard VPN. That doesn’t mean that the Wireguard technology, which is powerful and promising, can’t still be intentionally misconfigured to pass along the user’s IP address – or other “random” user-specific identifier – to the destination.
184.108.40.206. WARP mobile VPN is not for privacy
[…] Cloudflare already provides foundational services as a content delivery network for 20 million internet properties around the world. So whether you realize it or not, a fair portion of your web browsing traffic likely flows over Cloudflare’s servers every day anyway.
Perhaps that means that also using the company’s VPN doesn’t expose you to significantly more potential privacy risk if the company were to go rogue. But offering a consumer VPN may only further entrench Cloudflare’s influence and power on the internet. […]
Privacy needs to be built into Virtual Private Networks
The number one most obvious symptom of using a VPN (Virtual Private Network) is to give a different IP address to your destination. That IP address can be a shared IP address, it can be a fixed IP address – whatever it is it should be different than the originating IP address if it is to be private. While there arguably are uses for a VPN that doesn’t provide this key feature, they aren’t anywhere near as numerous. One might also argue that this is a must-have feature that is expected of any one click solution mobile VPN that offers VPN service with zero user configuration necessary.