Jump to content
Not connected, Your IP: 18.234.55.154
deeperdot

Does AirVPN log its users' IP addresses?

Recommended Posts

In a few words, any server must know your IP address to communicate with your node for all the time you remain connected to any service. This IP address, in our case, stays in RAM and no action, transfer, storage of it etc. is performed after the disconnection.

 

You have clarified my doubts. 

 

Thanks for your time, patience, and care. 

Share this post


Link to post

Addendum:

 

My doubts may have been clarified, but consider revising the wording of your privacy policy accordingly, as I'm not the only one who can get confused:

https://www.deepdotweb.com/2014/07/08/is-your-vpn-legit-or-shit/

 

 

That's not a problem with the Privacy Notice... that article deliberately reported false data for reasons that are not worth the time to be investigated, and not only about us (you can easily cross-check other false claims in that table). Note also how the table is a picture, to avoid indexing by search engines.

 

Kind regards

Share this post


Link to post

Addendum:

 

My doubts may have been clarified, but consider revising the wording of your privacy policy accordingly, as I'm not the only one who can get confused:

https://www.deepdotweb.com/2014/07/08/is-your-vpn-legit-or-shit/

 

From all this i get the sense that you want absolute privacy and perhaps the reason for this is the darknet activities. My humble advice to you is to stay away from illegal activity, well at least from the kind that requires darknet usage. Just like there is no absolute truth, there is no absolute privacy either, a great many people find that out the hard way. I always thought that i was torrenting peacefully through my VPN connection after I made sure that there are no DNS leaks, and that my connection to internet is disabled in case VPN connection drops. To my dismay, i recently discovered a new technology (perhaps only new to me) called WebRTC detection (introduced thanks to google) which can detect your original IP address even if you are connecting through a VPN tunnel and your DNS servers are public. Thankfully there is a fix for that too and I now fixed it, but who knows how many times I torrented with that vulnurability thinking I was absolutely safe and anonymous.

 

The moral of the story is, there is no guarantee that a new technology won't be introduced behind your back and you will once again be vulnarable, there is also no guarantee that such technology doesn't already exist in the hands of law enforcement. So my humble advice to you if you want to be safe just don't do anything you would later regret.

 

 

Share this post


Link to post

 

. I always thought that i was torrenting peacefully through my VPN connection after I made sure that there are no DNS leaks, and that my connection to internet is disabled in case VPN connection drops. To my dismay, i recently discovered a new technology (perhaps only new to me) called WebRTC detection (introduced thanks to google) which can detect your original IP address even if you are connecting through a VPN tunnel and your DNS servers are public. Thankfully there is a fix for that too and I now fixed it, but who knows how many times I torrented with that vulnurability thinking I was absolutely safe and anonymous.

 

Hello!

 

If you had Network Lock enabled in our Air client, you have always prevented "WebRTC leaks", as well as any other packet out of the tunnel sent by any process binding to your physical network card. https://airvpn.org/faq/software_lock/

 

Kind regards

Share this post


Link to post

And BTW, @VpnAndMe: the IPLeak website (run by the good folks from AirVPN) checks and reports whether you're susceptible to the WebRTC leak.

Why the hell would the rest of us be here making testaments and telling how it is if what we say was not true?

Share this post


Link to post

Hi everyone

 

Sorry for reopening an old thread.

 

I was going through this thread because i found the same article/link (mentioned above) stating that Air is logging the personal user IP's.

I have understood Air's explanation saying that the IP is stored in the RAM only, which is great.

 

My question is the following:

I connect to an AirVPN server. Let's assume this server lies in the States.

This openvpn server stores my IP in the RAM to establish and maintain the connection. It verifies my login credentials over a backend db where username password and no. of active connections are stored (no IP)

But if I go to AirVPN.org  to the client area (which is located somewhere in Europe), I see all my open connections including my IP.

 

How does the website knows my real IP? It could ask the same backend db - but there is no real IP stored...

For each active connection it would have to go asking the corresponding openvpn server for my real IP (in this example the one in the States) in order to show it on the website? This sounds extremely inefficient to me...?!?

 

I am no expert but it would be great you could explain me this process for my understanding.

 

BTW: Thanks very much for this superb VPN service.

 

regards

Share this post


Link to post

How does the website knows my real IP? It could ask the same backend db - but there is no real IP stored...

For each active connection it would have to go asking the corresponding openvpn server for my real IP (in this example the one in the States) in order to show it on the website? This sounds extremely inefficient to me...?!?

 

I am no expert but it would be great you could explain me this process for my understanding.

 

 

Hello!

 

Actually it is, but the inefficiency is negligible in terms of overall performance and under any other aspect. We confirm that everything is kept in RAM. Basically usage of RAM disks is involved but we are not willing to enter into details, sorry.

 

Kind regards

 

 

BTW: Thanks very much for this superb VPN service.

 

regards

Share this post


Link to post

Hello!

 

Actually it is, but the inefficiency is negligible in terms of overall performance and under any other aspect. We confirm that everything is kept in RAM. Basically usage of RAM disks is involved but we are not willing to enter into details, sorry.

 

Kind regards

 

Not only negligible but also safer than any alternative.

Share this post


Link to post

deerdot (OP),

 

I have found Air to be extremely trustworthy and honest with the members.  However; with that said its important for YOU never to rely upon a single value trust such as AIR (or any vpn provider) alone.  In open honesty Air has mentioned numerous times to setup a partition of trust so that no one provider holds the key to your activity.

 

On the IP front, which is the thrust of your thread here, have you considered and planned for outside monitoring?  I assure you without any question that vpn datacenters are monitored for incoming IP's.  These can be and are likely recorded by authorities and NO vpn provider can control its occurrence.  That doesn't mean that Air's tunnel is broken or that your plain text data is visible to outside viewing, but it does mean that YOUR incoming IP is known to have connected to the vpn datacenter.  Your ISP also clearly sees this too if Air is vpn1 in your circuit.  Any single hop relay can be monitored and over a short time period it would be possible to isolate where you go using the vpn.  Its not Air's fault but how it all works, so construct a partition of trust.  Maybe Air plus TOR because this would give you 4 relays and make it quite unreasonable to track unless you are an EXTREMELY high value target.

 

I am only posting this to enlighten your mind to the OVERALL scope of how this all works, not to scare you.

Share this post


Link to post

 

deerdot (OP),

 never to rely upon a single value trust

 

Sorry to single out such a short quote but it means a great deal.

Indeed it embodies mine and many in Jesus. We need no religous bigotry or any man made nonesense.

Share this post


Link to post

"  Your ISP also clearly sees this too if Air is vpn1 in your circuit.  Any single hop relay can be monitored and over a short time period it would be possible to isolate where you go using the vpn. "

 

Could you elaborate more on this in layman term and a little bit more details ?   I really want to know for my knowledge.

Thanks.

Share this post


Link to post

 

"  Your ISP also clearly sees this too if Air is vpn1 in your circuit.  Any single hop relay can be monitored and over a short time period it would be possible to isolate where you go using the vpn. "

 

Could you elaborate more on this in layman term and a little bit more details ?   I really want to know for my knowledge.

Thanks.

 

I am not certain what elaboration you are looking for.  Lets start with the first part of the quoted post.  Both your ISP (internet service provider) AND any authority monitoring the vpn datacenter can easily see that your IP XXX connects to an Air server.  If properly configured both your ISP and the outside monitoring authority CANNOT read or see the plain text.  They know that IP XXX is clearly connected.  In this example lets say Air functions as vpn1, and in fact lets make it a one hop one Air server circuit.  I never use something this simple but lets just stay with it for our example.  In this simple design an adversary of "authority" magnitude can oversee all IP's coming into the server via the datacenter and can monitor them over TIME.  Next they start observing activity on the net coming from the exit IP of the Air server and again TIME is their friend.  Remember they have money and resources and just keep logging both ends of the server starting to look for patterns, which will not be too tough to develop.  At your request I am keeping this simple and not technical as to HOW its done.  In the worst case scenario you have an Air member that connects to the same server all the time making their timing/observation child's play on a one hop circuit.  Reminding you I am talking about an adversary at the "authority" level not a script kiddie.

 

Only you can decide if what you are doing online is worth "their" effort to track you down.  To me this is a hobby and even though I am boring I study and learn like I really have something to hide.  Consider just adding TOR (running in a linux VM) over your one Air server, and you basically have graduated to catastrophic loss for the adversaries most will ever face.

 

There are many technical papers on timing attacks and such for monitoring one hop vpn's from the OUTSIDE.  I for one am assuming Air is solid and they are NOT on the inside of our tunnels.  Still, I use a partition of trust among several vpn providers and TOR because logic dictates I should.  You decide for YOU.

Share this post


Link to post

 

 

"  Your ISP also clearly sees this too if Air is vpn1 in your circuit.  Any single hop relay can be monitored and over a short time period it would be possible to isolate where you go using the vpn. "

 

Could you elaborate more on this in layman term and a little bit more details ?   I really want to know for my knowledge.

Thanks.

 

I am not certain what elaboration you are looking for.  Lets start with the first part of the quoted post.  Both your ISP (internet service provider) AND any authority monitoring the vpn datacenter can easily see that your IP XXX connects to an Air server.  If properly configured both your ISP and the outside monitoring authority CANNOT read or see the plain text.  They know that IP XXX is clearly connected.  In this example lets say Air functions as vpn1, and in fact lets make it a one hop one Air server circuit.  I never use something this simple but lets just stay with it for our example.  In this simple design an adversary of "authority" magnitude can oversee all IP's coming into the server via the datacenter and can monitor them over TIME.  Next they start observing activity on the net coming from the exit IP of the Air server and again TIME is their friend.  Remember they have money and resources and just keep logging both ends of the server starting to look for patterns, which will not be too tough to develop.  At your request I am keeping this simple and not technical as to HOW its done.  In the worst case scenario you have an Air member that connects to the same server all the time making their timing/observation child's play on a one hop circuit.  Reminding you I am talking about an adversary at the "authority" level not a script kiddie.

 

Only you can decide if what you are doing online is worth "their" effort to track you down.  To me this is a hobby and even though I am boring I study and learn like I really have something to hide.  Consider just adding TOR (running in a linux VM) over your one Air server, and you basically have graduated to catastrophic loss for the adversaries most will ever face.

 

There are many technical papers on timing attacks and such for monitoring one hop vpn's from the OUTSIDE.  I for one am assuming Air is solid and they are NOT on the inside of our tunnels.  Still, I use a partition of trust among several vpn providers and TOR because logic dictates I should.  You decide for YOU.

 

Thanks for the explanation. It's very educational.

Share this post


Link to post

 

 

 

"  Your ISP also clearly sees this too if Air is vpn1 in your circuit.  Any single hop relay can be monitored and over a short time period it would be possible to isolate where you go using the vpn. "

 

Could you elaborate more on this in layman term and a little bit more details ?   I really want to know for my knowledge.

Thanks.

 

I am not certain what elaboration you are looking for.  Lets start with the first part of the quoted post.  Both your ISP (internet service provider) AND any authority monitoring the vpn datacenter can easily see that your IP XXX connects to an Air server.  If properly configured both your ISP and the outside monitoring authority CANNOT read or see the plain text.  They know that IP XXX is clearly connected.  In this example lets say Air functions as vpn1, and in fact lets make it a one hop one Air server circuit.  I never use something this simple but lets just stay with it for our example.  In this simple design an adversary of "authority" magnitude can oversee all IP's coming into the server via the datacenter and can monitor them over TIME.  Next they start observing activity on the net coming from the exit IP of the Air server and again TIME is their friend.  Remember they have money and resources and just keep logging both ends of the server starting to look for patterns, which will not be too tough to develop.  At your request I am keeping this simple and not technical as to HOW its done.  In the worst case scenario you have an Air member that connects to the same server all the time making their timing/observation child's play on a one hop circuit.  Reminding you I am talking about an adversary at the "authority" level not a script kiddie.

 

Only you can decide if what you are doing online is worth "their" effort to track you down.  To me this is a hobby and even though I am boring I study and learn like I really have something to hide.  Consider just adding TOR (running in a linux VM) over your one Air server, and you basically have graduated to catastrophic loss for the adversaries most will ever face.

 

There are many technical papers on timing attacks and such for monitoring one hop vpn's from the OUTSIDE.  I for one am assuming Air is solid and they are NOT on the inside of our tunnels.  Still, I use a partition of trust among several vpn providers and TOR because logic dictates I should.  You decide for YOU.

 

Thanks for the explanation. It's very educational.

HI iwih2gk, When you say' I use a partition of trust among several VPN providers,' do you mean that you use several different VPN providers at the same time?? How do you do this? How can I avoid this one hop detection if I use VPN mainly for P2P connections? I understand that Using TOR slows down the network and is not recommended.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...