Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Meile dVPN GUI for Linux, OS X, and Windows - Powered by the Sentinel Network - a blockchain decentralized VPN.
The full version 1.8.0 has been released to GitHub. Branches include main, osx-fiat-intel, windows, fiat, osx-fiat, pip. The exception is that we did not include the scrtsxx.py which contains credentials for the FIAT gateway. Please navigate the various branches to understand the different interworkings. It is our intention to eventually merge all branches into a unified code source.
The current release is version 1.8.0. Please note this does not use Windows APIs to ask for Administration privleges and relies on an open source implementation called "gsudo". Gsudo is just a hack to ask the user to modify network adapters so that Meile may connect without issue.
Also, Meile opens a debug console in the background. Do not close this otherwise the app will close as well. We are working on getting a Microsoft Developers Certificate so we may sign the app for official release. Also, when we get the certificate we will eliminate the debug console as well. This is all in the works.
Download: Meile for Windows (v1.8.0)
Download the latest release as a DMG: Mac OS X v1.8.0
The OS X M1/M2 and Intel builds are packaged as a disk image (DMG). To install, simply download the correct DMG for your architecture (Intel or Apple Silicon). Double click on the DMG file and move the Meile app bundle to your desktop or to the Applications folder.
Both the OS X Intel and Apple Silicon release are signed by a Apple Developer Certificate. There should be no errors when running these.
pip install is not currently available for Mac OS X. We are working on bringing this as a separate packages.
The latest version of Meile GUI comes packaged as a Debian archive. Simply download the latest release: Meile Releases
and run apt for your build:
sudo apt install -y ./meile-gui-v1.8.0_ubuntu22.04_amd64.deb
This release will install wireguard tools, resolvconf, curl, and net-tools alongside the Meile GUI. To connect to nodes or disconnect requires "sudo" privileges. You will be prompted by your system dialog to enter your username's password to give authorization to complete the connection. This is due to how Linux handles permissions with regards to network interfaces.
meile-gui
Or goto your panel menu under Internet and there will be a clickable icon.
Because there were issues loading certain mesa OpenGL drivers in various Debian Virtual Machines, we have included a separate .deb archive that automatically configures the system to handle the Meile dependencies. Please use this version if you are running a Debian flavor in a virutal machine (VM).
Debian/Ubuntu 20.04 Virtual Machine
Debian/Ubuntu 22.04 Virtual Machine
Download the latest RPM for RedHat releases:
Install the rpm from a terminal via dnf (RECOMMENDED):
sudo dnf install meile-gui-v1.8.0-1.fc36.x86_64.rpm
or via rpm:
sudo rpm -i meile-gui-v1.8.0-1.fc36.x86_64.rpm
dnf is recommended as it will install all dependencies for Meile to function correctly.
Meile dVPN GUI v0.14.1 is now available as a pip packages as well. These are pre-releases scheduled to be built into a binary. First install system dependencies:
sudo apt install -y wireguard-tools openresolv mesa-utils libgl1-mesa-glx xclip python3-devel curl net-tools python3-venv
Then install via pip
pip3 install meile-gui
via a virtual environment:
mkdir ~/venv && python3 -m venv ~/venv/meile
source venv/meile/bin/activate
pip3 install meile-gui
Upgrade via pip
pip3 install meile-gui --upgrade
To run Meile GUI after pip install do the following:
meile-gui
The FIAT gateway is not included in the pip package. This is due to certain credentials needing to remain secret for OPSEC reasons. The pip package will continue to get updated with the FIAT release with bug fixes and feature additions.
We consider the pip releases to be pre-releases of the compiled binaries. Pip is considered the bleeding edge of Meile releases
We package the following binaries with our releases:
tun2socks(GitHub - xjasonlyu/tun2socks: tun2socks - powered by gVisor TCP/IP stack)
v2ray (GitHub - v2fly/v2ray-core: A platform for building proxies to bypass network restrictions.)
sentinel-cli (GitHub - sentinel-official/cli-client: The official Sentinel CLI client)
We have built tun2socks, v2ray, and sentinel-cli from source on the target architectures. Cloudflare warp is closed-source and so we packaged the binaries direct from the install link above.
Note: we use v2ray version 5.1.0 as this is what the dvpn-node software also uses and it is recommended to use the same client version as the server version.
Please make comments, suggestions, and issues on the issues page here at GitHub. If you are a GitHub newb, you can join us in our various open messaging channels:
Session:
All suggestions are welcome.
In order to create a binary for your distribution some packages need to be installed first.
Pyinstaller:
pip3 install pyinstaller
Install a python virtualenv:
sudo apt install python3-venv
Then clone the repo:
git clone https://github.com/MathNodes/meile-gui
Switch to the pip branch as this is the one without FIAT gateway
cd meile-gui && git checkout pip
Then run a python virtual environment and install meile-gui. This will find all the dependencies for meile-gui.
python3 -m venv meile-gui && \
source meile-gui/bin/activate && \
pip install -r requriements.txt && pip install -e .
Once meile-gui and it's dependencies have been installed within the python virutal environment, a binary release can be created:
bash pyinstaller.cmd
That's it. Navigate to the dist
folder where the binary will be.
For windows, install the necessary pip packages found in setup.py
and run the following with pyinstaller
pyinstaller meile_gui.spec
This will build the binary found in the dist
directory of the Meile tree.
Because we are working on a small grant with no VC funding, any additional contributions to our developer team is more than certainly welcomed. It will help fund future releases.
bc1qtvc9l3cr9u4qg6uwe6pvv7jufvsnn0xxpdyftl
sent12v8ghhg98e2n0chyje3su4uqlsg75sh4lwcyww
87qHJPU5dZGWaWzuoC3My5SgoQSuxh4sHSv1FXRZrQ9XZHWnfC33EX1NLv5HujpVhbPbbF9RcXXD94byT18HonAQ75b9dyR
zs1gn457262c52z5xa666k77zafqmke0hd60qvc38dk48w9fx378h4zjs5rrwnl0x8qazj4q3x4svz
FAQs
Meile dVPN powered by the Sentinel Network
We found that meile-gui demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.