VPN Fund

Let's Connect VPN provisioning — Preprovisioning VPN profiles for managed devices

Let’s Connect VPN (aka eduVPN) is a community-driven open source software initiative to help lead the way to reliable, performant and trustworthy VPN technologies. The project provides a full open-source VPN framework currently designed on top of OpenVPN and WireGuard. If organisations or communities are interested in deploying eduVPN in a large scale environment, it should be trivial to have the software pre-installed including credential rollout. This project will examine how to better, more easily, support large scale Let's Connect and EduVPN rollouts.

>> Read more about Let's Connect VPN provisioning

VPN Vulnerability Testing Suite — Test VPN implementations for network based attacks

Recent publications have brought attention to vulnerabilities in most VPN implementations when faced with a network-based attacker levering attacks such as TunnelVision and TunnelCrack, among others. In light of these publications, this project develops a testing suite that covers every known edge case, allowing for a one-stop straightforward yet complete evaluation of whether a particular VPN client implementation is susceptible to said vulnerabilities.

The testing framework will be delivered as an open-source software component, free to be used and altered. The framework will also be extended with various attack variants that are not directly covered under the original TunnelCrack and TunnelVision research, such as behavior when operating on hostile IPv6 networks, and the recovery behavior after being subject to service interruption by an attacker. By integrating these tests into e.g. continuous integration and delivery infrastructure, developers of VPN applications can sustainably harden their software against these attacks.

>> Read more about VPN Vulnerability Testing Suite

eduP2P Test Suite — System, integration and performance tests for eduP2P

eduP2P is a peer-to-peer (P2P) VPN solution based on WireGuard. This project will develop a comprehensive test suite for eduP2P, consisting of three types of tests: system tests (that verify whether it is possible to establish P2P connections using eduP2P when the addresses of peers have undergone Network Address Translation), integration tests (that verify the functionality of smaller components of eduP2P in isolation by testing the source code), and performance tests (that measure metrics such as the throughput, delay and packet loss of an eduP2P connection).

The test suite makes the continued development of eduP2P easier by making it possible to discover and fix functionality and performance issues present in eduP2P.

>> Read more about eduP2P Test Suite

eduVPN Accessibility & UX Improvements — Inclusive and user-friendly design for eduVPN

The goal of this project is to improve the user experience (UX) and accessibility of eduVPN and Let's Connect. This includes analysing the full digital ecosystem of both ecosystems, meaning mobile and desktop apps as well as websites. The goal is to achieve a consistent and WCAG 2.1 (AA)-compliant user experience across the various platforms. This includes expert review, small-scale in-person user testing and remote larger-scale testing to improve overall accessibility and usability. The expected outcome is a set of UI redesign ready for implementation by the developers.

>> Read more about eduVPN Accessibility & UX Improvements

eduVPN app — Add Wireguard protocol to federated VPN suite

Let's Connect aims to provide a comprehensive and reliable, open source VPN solution for all platforms. For the codebase containing the Mac/iOS implementation of the EduVPN app a continuous integration setup is needed, which should be inspectable by the wider internet community and based on open and/or freely available tooling. Furthermore, the iOS and Mac apps of Let's Connect/EduVPN should rely on as few third party dependencies as possible - as such dependencies introduce risk, for example due to bugs or dependency poisoning. This project will set up the CI infrastructure and prune the dependency to reduce the attack surface on the app.

>> Read more about eduVPN app

eduVPN on Apple — eduVPN for Apple devices

eduVPN is a program under the Commons Conservancy, a non-for-profit foundation focusing on free and open source projects. The goal of the project is to provide a comprehensive and reliable, open source VPN solution for all platforms. This project aims to improve the security and usability of the macOS- and iOS-apps.

>> Read more about eduVPN on Apple

eduVPN on Apple part II — Improved version of eduVPN for Apple devices

eduVPN is a program under the Commons Conservancy, a non-for-profit foundation focusing on free and open source projects. The goal of the project is to provide a comprehensive and reliable, open source VPN solution for all platforms. The project is plagued by some nasty bugs that have been found hard to fix by the community. This particular project aims to deliver a new and more user-friendly user interface for the macOS and iOS-app, as well as implement a new server discovery mechanism in these apps.

>> Read more about eduVPN on Apple part II

eduVPN multi-protocol — Review of the eduVPN multi-protocol project.

The eduVPN framework is currently build on top of OpenVPN 2.x. A new design will be delivered in order to accommodate WireGuard next to OpenVPN. WireGuard is a very simple, fast and modern VPN that utilizes state-of-the-art cryptography. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it is now cross-platform and widely deployable.

>> Read more about eduVPN multi-protocol