Jump to content
Not connected, Your IP: 34.207.247.69

Recommended Posts

I would formally like to request the addition of an XMPP server as a feature.

 

Unfortunately, forums in general are not conducive for many of the types and manner of communication that Air and VPN users in general require. Privacy is a concern for many matters and Pidgin + OTR for instance offers a much higher level of security and shrinks the partition of trust during such communication.

 

Another area the forums fall short is offering an efficient manner for real time conversations, chats and even support from other forum members. For instance, there quite often is a need for personalized support for members who have followed my pfSense setup guide due to the fact that there are so many variables to consider for hardware choices and network environments. This type of support can take days or weeks with back and forth forum conversation.. or can take minutes to hours in real time chat. Posts with such personalized instruction could also potentially confuse the uninitiated, as settings for one setup could be detrimental to another. As such, I feel personal support is a much better option in such instances.

 

A group of air users and myself currently converse on XMPP using Pidgin + OTR. It has been a great convenience for all of us. However, and this is a big however, some of us have concerns over using an "unknown" XMPP Server. I personally scoured for a few days before choosing one (I will not advertise which server was chosen) based on the required use of SSL on all communications. Most servers required registration over clear http. Even though we found one that was a bit more secure, the service I don't think is meant for or ready for a large influx of users and there are frequent drops of the service. We all agree we need to find another server, but who do you trust?

 

Which brings me to my request. I believe it would be greatly beneficial to all if there was an Air supported XMPP server with end to end encryption and no logs of any sort.

 

I believe the ability to create chats will also open up access for individuals to learn more about methods of security, privacy, recommended software and even hardware discussions. Overall I feel it can help build the community, and the more that participate, the more knowledge and experience that gets shared and the community can grow. I personally would love to see that happen, and I think many more would participate if a more private arena existed. This information would trickle its way to the forums I suspect as well, only helping more and more.

 

This would be one more feature to add to the reasons why AirVPN is the best around.

 

Staff, can we make this happen?


Have my guides helped you? Help me keep helping you, use my referral: userbar.png

How to set up pfSense 2.3 for AirVPN

Friends don't let friends use consumer networking equipment!

Share this post


Link to post

This is such a nice idea, I got thousands more. Listen up.

A chat server. With group (AirVPN members) and private channels (user to user). Encrypted. "If the forums can't help you, try asking in the public chatroom for quick help. If there is none - start a new topic". Addition to the forum. Might prevent people from asking the same questions over and over again..


» I am not an AirVPN team member. All opinions are my own and are not official. Refer to Staff postings for the official word.

» These are the community forums, not the support portal. You're writing with other users here.

» New here? LZ1's New User Guide to AirVPN. Use the search function, Luke!

» Tor exits behind a VPN connection are discouraged. Using Tor on the other hand is not.

 

» Privacy is like alcohol: Drink a little and it can help you stay unnoticed. Drink a lot and everyone will notice you.

» I cannot give you the solution to all your issues. But I can guide you to it. The rest is up to you.

Share this post


Link to post

Respectfully, I think you missed the point, this isn't a chat room as such he is requesting, its a XMPP server.

http://xmpp.org/xmpp-software/servers/ 

In light of Air's stance on net neutrality, this makes sense supporting another form of user to user communication and support via anonymous but validated means. Rather than authenticate on a random server somewhere, it could be part of the Air's service. 

Share this post


Link to post

Hi. Interesting idea.

We ALREADY have a XMPP server, but it's used only by our staff (we use Pidgin+OTR on pc, and Xabber on mobile).

It's not actually ready for public only because it has a lower priority :p :
- We need help to study how XMPP works to configure it.
- It's not currently under failover servers.
- It needs a join between registered AirVPN forum members and XMPP accounts.

We don't know how, but maybe it's possible to create chat rooms with XMPP, maybe with a web frontend that can be used from a page in https://airvpn.org website

 

Kind regards

Share this post


Link to post

Respectfully, I think you missed the point, this isn't a chat room as such he is requesting, its a XMPP server.

http://xmpp.org/xmpp-software/servers/ 

In light of Air's stance on net neutrality, this makes sense supporting another form of user to user communication and support via anonymous but validated means. Rather than authenticate on a random server somewhere, it could be part of the Air's service. 

 

No I didn't. I know that he wants a XMPP server. My idea was to mix that with characteristics of an IRC server. Something like that.


» I am not an AirVPN team member. All opinions are my own and are not official. Refer to Staff postings for the official word.

» These are the community forums, not the support portal. You're writing with other users here.

» New here? LZ1's New User Guide to AirVPN. Use the search function, Luke!

» Tor exits behind a VPN connection are discouraged. Using Tor on the other hand is not.

 

» Privacy is like alcohol: Drink a little and it can help you stay unnoticed. Drink a lot and everyone will notice you.

» I cannot give you the solution to all your issues. But I can guide you to it. The rest is up to you.

Share this post


Link to post

While the page is in German, a server that requires SSL (not just supports it) and has a strong privacy record is jabber.ccc.de as operated by Germany's Chaos Computer Club (one of the oldest and largest hacker organizations in the world). 

 

http://web.jabber.ccc.de/?page_id=12

 

It should easily be able to cope with AirVPN's entire userbase. It supports group chat. It is maintained.

 

@gigan3rd: that statement does not make much sense, either you want an xmpp server or an irc server, an xmpp server "with the characteristics of an IRC server" is not a thing. You can use group chats / conference rooms to chat with multiple people though.

 

While airvpn is awesome, I'm not sure offering xmpp and the like is in scope for the service; the same argument could then be made for webhosting in http, team fortress game servers, BitTorrent seedboxing/tracking, etc.; while all of those rock, I'd rather airvpn focus on what they do best -- provide a robust, speedy, secure network of VPN servers -- especially in light of the fact that there are, in fact, well-operated XMPP servers out there already

Share this post


Link to post

Would also like to see this would also help Air users understand privacy concerns much better not to mention sharing of ideas.

Share this post


Link to post

Hi. Interesting idea.

 

We ALREADY have a XMPP server, but it's used only by our staff (we use Pidgin+OTR on pc, and Xabber on mobile).

 

It's not actually ready for public only because it has a lower priority :

- We need help to study how XMPP works to configure it.

- It's not currently under failover servers.

- It needs a join between registered AirVPN forum members and XMPP accounts.

 

We don't know how, but maybe it's possible to create chat rooms with XMPP, maybe with a web frontend that can be used from a page in https://airvpn.org website

 

Kind regards

 

First I would like to thank you for your expeditious reply, it is greatly appreciated.

 

I will be the first to admit there needs to be some discussion on how it would work.

 

Some initial thoughts are that perhaps only users connected to air could use it to keep abuse and load to a minimum. It would be best though if it could be tied to forum user names though, so we could know we are chatting with the same people from the forum indeed.

 

Any help you need, I volunteer in any way I am capable of helping. I'm sure a few others that currently join me would also be happy to beta test.

 

I'm not sure it needs any integration into a web frontend however. Very easily a tutorial could be posted on the forums on how to get started with XMPP. A set of default conference rooms can be available on the server, and user can create their own chats.

 

 

 

While the page is in German, a server that requires SSL (not just supports it) and has a strong privacy record is jabber.ccc.de as operated by Germany's Chaos Computer Club (one of the oldest and largest hacker organizations in the world). 

 

Thank you, I was not aware of them. I will have to research them now.

 

http://web.jabber.ccc.de/?page_id=12

 

It should easily be able to cope with AirVPN's entire userbase. It supports group chat. It is maintained.

 

Perhaps, but this is beyond the point of what we are trying to accomplish. I somehow do not think it would be good form to suggest the entire user base sign up there either.

 

@gigan3rd: that statement does not make much sense, either you want an xmpp server or an irc server, an xmpp server "with the characteristics of an IRC server" is not a thing. You can use group chats / conference rooms to chat with multiple people though.

 

While I am not against chats/group chat in any way, it's only a benefit that XMPP also has this ability. The real focus here is Off The Record communication with the OTR plugin. It is precisely the need for this ability in some circumstances that promted this request.

 

While airvpn is awesome, I'm not sure offering xmpp and the like is in scope for the service; the same argument could then be made for webhosting in http, team fortress game servers, BitTorrent seedboxing/tracking, etc.; while all of those rock, I'd rather airvpn focus on what they do best -- provide a robust, speedy, secure network of VPN servers -- especially in light of the fact that there are, in fact, well-operated XMPP servers out there already

 

To be fair, I heavily weighed the pros and cons of this request for weeks before asking. While it is unprecedented in the scope of the current service compared to the competition, it is not outside the scope of their mission statement.

 

To compare the need for secure communication with bittorrent and game servers is a bit of a reach... and possibly an assumption. While I do not pass judgement on ones reasons for using this service, I can assure you my motivations are privacy and advocacy.

 

I will end by giving a few examples of issues I've ran into in helping a number of users learn about security/piracy/networkingand why I feel it would be best if there was an "in-house" solution.

 

1.) In helping people set up pfsense and other networking equipment, it is quite often that logs require reviewing. This sometimes can be as many as 2000 lines of logs. For those that don't know, many times OpenVPN and other network logs can give away a users clearnet ip-address. Ask anyone I have helped (and I hope some may chime in) that I ask them to search these logs and remove identifying info before sending them to me. Unfortunately these people are seeking help because they don't understand it as it is, and 9 times out of ten they overlook info that absolutely would not belong on a forum, even in a private message. I should have no knowledge of those bits honestly, but at least with OTR these users can shrink their partition of trust.

 

2.) Another common form of troubleshooting is viewing screen captures. This has the same concerns as above and a few others.A screen shot may include bits of info on a user they may not realize is potentially exposing. Weather apps/widgets that show a city is one example. The dashboard of pfSense gives away all ip addresses of the system. Again, uninformed users don't know better and this info DOES NOT belong on a forum. Without the assistance, however, these folks may not get up and running securely. This does not even get intot the further potential for exposure with exif data on pictures.

 

3.) I have spent many, many hours teaching users about hardware choices and why some choices are better than others or even "must have" if certain levels of security and privacy are to be attained. Some of this equipment is not common consumer equipment. Public discussion of these hardware choices could potentially put a user at risk of being correlated. With the revelations that equipment can be intercepted and bugged, the need for off the record discussion of such matters cannot be overlooked for those who require privacy or may be oppressed. In private, I can share with a user what best practices I know of how they can best attain the equipment... from methods of payment right down to where and how to purchase it. And for anyone who thinks this is a far fetched scenario... the need has been very real for some already.

 

4.) I very much enjoy sharing what I know with others and helping where I can, but I also work for a living. I work long hours in fact, very long indeed some days. There has a been a few times already where it was exceedingly hard to help some users because we simply were not on the forums at the same time. So much time would pass between communication that I would forget where we had left off. Moving the coversation over to XMPP expedited the whole process because as soon as we were both on we chugged away at the setups. It made my helping others more convenient for me. I'm not sure many people realize just how many hours of my own time I've dedicated to helping the community. I am not looking for thanks.... what I am looking for is a way to "help me help you".

 

So to reiterate, chats/conference rooms are great and all, and I do and would use them, but lets not overlook they do not offer OTR in conference rooms. What myself and others are looking for/asking for is the ability to use OTR if and when it is needed. While it is great that there are other services out there, we would not be shrinking our partition of trust but expanding it. That's not to add we would all need to register there, increasing our web footprint (I try not to use an identity at more than one site ever). There is also nothing to prevent someone from impersonating another forum member on another service, while an air server would be tied to forum usernames.

 

So this is just a few of the examples I can think of right now (and there are more) that warranted the use of OTR. That's not even considering the many others who may wish to learn how to speak out against an employer or oppressive government but don't know how. This could be a good step in spreading this knowledge and growing the community. It's hard to know who to trust as far as using other services. Anyone who hosts a server has the potential to spy, especially in conference rooms. Heck, I could host a server quite easy with the equipment I have and it could handle the entire userbase... and it would be quite secure behind a very powerful firewall, Snort/Suricata and various blacklists for bots and attacks... but I do not have the bandwidth... and nothing would prevent me from logging. Air (I assume) would be obligated not to spy or log in the same way they are obligated not to on the VPN servers. They can not be forced to divulge what they do not know. This is why it seems a good fit,in my humble opinion, considering the mission statement.

 

While I would understand if this was ultimately determined to be outside the scope of the project, I look forward to hearing ideas on how to make this a reality!


Have my guides helped you? Help me keep helping you, use my referral: userbar.png

How to set up pfSense 2.3 for AirVPN

Friends don't let friends use consumer networking equipment!

Share this post


Link to post

XMPP also has this ability

 

Well, I guess, my information was obsolete, then. Thanks for the update, I just did some research on this.


» I am not an AirVPN team member. All opinions are my own and are not official. Refer to Staff postings for the official word.

» These are the community forums, not the support portal. You're writing with other users here.

» New here? LZ1's New User Guide to AirVPN. Use the search function, Luke!

» Tor exits behind a VPN connection are discouraged. Using Tor on the other hand is not.

 

» Privacy is like alcohol: Drink a little and it can help you stay unnoticed. Drink a lot and everyone will notice you.

» I cannot give you the solution to all your issues. But I can guide you to it. The rest is up to you.

Share this post


Link to post

I've requested this before via the Contact Us page.

 

I'm glad to see other members of the community have the same idea.

 

Hi. Interesting idea.

We ALREADY have a XMPP server, but it's used only by our staff (we use Pidgin+OTR on pc, and Xabber on mobile).

It's not actually ready for public only because it has a lower priority :
- We need help to study how XMPP works to configure it.
- It's not currently under failover servers.
- It needs a join between registered AirVPN forum members and XMPP accounts.
 

We don't know how, but maybe it's possible to create chat rooms with XMPP, maybe with a web frontend that can be used from a page in https://airvpn.org website

 

Kind regards

 

First I would like to thank you for your expeditious reply, it is greatly appreciated.

 

I will be the first to admit there needs to be some discussion on how it would work.

 

Some initial thoughts are that perhaps only users connected to air could use it to keep abuse and load to a minimum. It would be best though if it could be tied to forum user names though, so we could know we are chatting with the same people from the forum indeed.

IMHO this is an important point. Making it public to unregistered users would invite spam.

 

You (Air) also might want to restrict it to customers who have previously subscribed to the service or to those whom Air has given free access (such as for people in human rights hostile regimes as mentioned on the Mission page). This way spammers couldn't just create accounts to get access.

 

Also, the link to the XMPP setup information/details and guides for clients (and software pidgin, adium, etc.) should be in the client area, not on the publicly-accessible website.

The XMPP server should use a separate password than the web login so in case the XMPP server got hacked, users' website passwords wouldn't be compromised. This could be generated by the user or via a tool in the client area.

 

For users who wish to use OTR, the profile page could show the (user-submitted) OTR fingerprints so users who have "friended" each other could verify there is no MITM attack occurring.

Any help you need, I volunteer in any way I am capable of helping. I'm sure a few others that currently join me would also be happy to beta test.

I would volunteer to beta test the XMPP server!

I'm not sure it needs any integration into a web frontend however. Very easily a tutorial could be posted on the forums on how to get started with XMPP. A set of default conference rooms can be available on the server, and user can create their own chats.

Perhaps some conference rooms could be the same as those on the Forums.

Also, users could create their own conference rooms. Unused user-generated conference rooms could expire within say 30 days except for the official rooms (not sure if this is possible).

 

While the page is in German, a server that requires SSL (not just supports it) and has a strong privacy record is jabber.ccc.de as operated by Germany's Chaos Computer Club (one of the oldest and largest hacker organizations in the world). 

 

Thank you, I was not aware of them. I will have to research them now.

 

http://web.jabber.ccc.de/?page_id=12

 

It should easily be able to cope with AirVPN's entire userbase. It supports group chat. It is maintained.

 

Perhaps, but this is beyond the point of what we are trying to accomplish. I somehow do not think it would be good form to suggest the entire user base sign up there either.

 

@gigan3rd: that statement does not make much sense, either you want an xmpp server or an irc server, an xmpp server "with the characteristics of an IRC server" is not a thing. You can use group chats / conference rooms to chat with multiple people though.

 

While I am not against chats/group chat in any way, it's only a benefit that XMPP also has this ability. The real focus here is Off The Record communication with the OTR plugin. It is precisely the need for this ability in some circumstances that promted this request.

 

While airvpn is awesome, I'm not sure offering xmpp and the like is in scope for the service; the same argument could then be made for webhosting in http, team fortress game servers, BitTorrent seedboxing/tracking, etc.; while all of those rock, I'd rather airvpn focus on what they do best -- provide a robust, speedy, secure network of VPN servers -- especially in light of the fact that there are, in fact, well-operated XMPP servers out there already

 

To be fair, I heavily weighed the pros and cons of this request for weeks before asking. While it is unprecedented in the scope of the current service compared to the competition, it is not outside the scope of their mission statement.

 

To compare the need for secure communication with bittorrent and game servers is a bit of a reach... and possibly an assumption. While I do not pass judgement on ones reasons for using this service, I can assure you my motivations are privacy and advocacy.

 

I will end by giving a few examples of issues I've ran into in helping a number of users learn about security/piracy/networkingand why I feel it would be best if there was an "in-house" solution.

 

1.) In helping people set up pfsense and other networking equipment, it is quite often that logs require reviewing. This sometimes can be as many as 2000 lines of logs. For those that don't know, many times OpenVPN and other network logs can give away a users clearnet ip-address. Ask anyone I have helped (and I hope some may chime in) that I ask them to search these logs and remove identifying info before sending them to me. Unfortunately these people are seeking help because they don't understand it as it is, and 9 times out of ten they overlook info that absolutely would not belong on a forum, even in a private message. I should have no knowledge of those bits honestly, but at least with OTR these users can shrink their partition of trust.

I've chatted with pfSense_fan several times and really appreciate the time taken to help me. Before I sent logs, pfSense_fan reminded me to remove identifying data such as my IP. I knew how to do this, but I appreciated that pfSense_fan was concerned about my privacy while helping me. pfSense_fan did the same for screenshots I sent.

2.) Another common form of troubleshooting is viewing screen captures. This has the same concerns as above and a few others.A screen shot may include bits of info on a user they may not realize is potentially exposing. Weather apps/widgets that show a city is one example. The dashboard of pfSense gives away all ip addresses of the system. Again, uninformed users don't know better and this info DOES NOT belong on a forum. Without the assistance, however, these folks may not get up and running securely. This does not even get intot the further potential for exposure with exif data on pictures.

 

3.) I have spent many, many hours teaching users about hardware choices and why some choices are better than others or even "must have" if certain levels of security and privacy are to be attained. Some of this equipment is not common consumer equipment. Public discussion of these hardware choices could potentially put a user at risk of being correlated. With the revelations that equipment can be intercepted and bugged, the need for off the record discussion of such matters cannot be overlooked for those who require privacy or may be oppressed. In private, I can share with a user what best practices I know of how they can best attain the equipment... from methods of payment right down to where and how to purchase it. And for anyone who thinks this is a far fetched scenario... the need has been very real for some already.

 

4.) I very much enjoy sharing what I know with others and helping where I can, but I also work for a living. I work long hours in fact, very long indeed some days. There has a been a few times already where it was exceedingly hard to help some users because we simply were not on the forums at the same time. So much time would pass between communication that I would forget where we had left off. Moving the coversation over to XMPP expedited the whole process because as soon as we were both on we chugged away at the setups. It made my helping others more convenient for me. I'm not sure many people realize just how many hours of my own time I've dedicated to helping the community. I am not looking for thanks.... what I am looking for is a way to "help me help you".

 

So to reiterate, chats/conference rooms are great and all, and I do and would use them, but lets not overlook they do not offer OTR in conference rooms. What myself and others are looking for/asking for is the ability to use OTR if and when it is needed. While it is great that there are other services out there, we would not be shrinking our partition of trust but expanding it. That's not to add we would all need to register there, increasing our web footprint (I try not to use an identity at more than one site ever). There is also nothing to prevent someone from impersonating another forum member on another service, while an air server would be tied to forum usernames.

 

So this is just a few of the examples I can think of right now (and there are more) that warranted the use of OTR. That's not even considering the many others who may wish to learn how to speak out against an employer or oppressive government but don't know how. This could be a good step in spreading this knowledge and growing the community. It's hard to know who to trust as far as using other services. Anyone who hosts a server has the potential to spy, especially in conference rooms. Heck, I could host a server quite easy with the equipment I have and it could handle the entire userbase... and it would be quite secure behind a very powerful firewall, Snort/Suricata and various blacklists for bots and attacks... but I do not have the bandwidth... and nothing would prevent me from logging. Air (I assume) would be obligated not to spy or log in the same way they are obligated not to on the VPN servers. They can not be forced to divulge what they do not know. This is why it seems a good fit,in my humble opinion, considering the mission statement.

 

While I would understand if this was ultimately determined to be outside the scope of the project, I look forward to hearing ideas on how to make this a reality!

 

I can help with writing tutorials for the XMPP server if needed. Just let me know.

Share this post


Link to post

this dude pfsense_fan gave me help a while back, and since has helped me heaps over time. the pidgin + otr is abit hard to setup the very first time especially when you have never seen it before.

 

an xmpp server in the airvpn cloud would be very useful

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...