dcarrera 0 Posted ... I am a new user. I was browsing the forum and I saw that the reason why users cannot purchase additional connections is that doing so would require logging and reduce privacy: https://airvpn.org/topic/11343-three-simultaneous-connections-per-account-allowed/?p=16657https://airvpn.org/topic/17876-ability-to-purchase-more-connections/?p=41952 But I don't understand. First of all, how can AirVPN allow me to have 3 connections without doing any logging? Don't they have to somehow keep track of now many connections I'm using right now? I think I need to understand that before I can understand why you cannot have some accounts with more connections. Thanks for the help. Quote Share this post Link to post
Staff 9973 Posted ... Hello! You don't need to log anything about the traffic content, type, source or destination to know how many simultaneous connections an account has established. You only need a counter for each account. Kind regards Quote Share this post Link to post
dcarrera 0 Posted ... Hello! You don't need to log anything about the traffic content, type, source or destination to know how many simultaneous connections an account has established. You only need a counter for each account. Kind regards Ok. Then why would you need logging to offer additional connections? You see why I am confused? Sure, I can see that you would need to keep track of how many connections each person paid for, but you don't need to log anything about traffic content, type, source, or destination to do that. Am I right? It's still just a counter. Right? Quote Share this post Link to post
zhang888 1066 Posted ... Because keeping separate amounts of connections per user would require this. Some users ask if they can have more connections for additional payments,and the easiest way to do it would be opening a second account. Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
Staff 9973 Posted ... Ok. Then why would you need logging to offer additional connections? We wouldn't, why do you say so? Kind regards Quote Share this post Link to post
dcarrera 0 Posted ... Ok. Then why would you need logging to offer additional connections? We wouldn't, why do you say so? Kind regards Because that's what zhang888 said. For example, here: https://airvpn.org/topic/17876-ability-to-purchase-more-connections/?p=41952 Here zhang888 wrote: You do understand that managing accounts with various preferences from each other means 100% logging?Otherwise there is no technical way to achieve such "connection upgrades" without keeping a RADIUS server thatholds up each and every user information and shares it among all nodes. The only way to keep a log-free service is making all accounts identical, with the only exception of an expiration date,which does not require any advanced logging and billing systems, it uses the same logic as SSL client certificates withexpiration dates. In this thread, just before you posted, zhang888 said: Because keeping separate amounts of connections per user would require this. This is what I'm trying to understand. And to be clear, I am not asking for additional connections. Right now I am satisfied with 3. I am trying to become a more educated user. I want to learn about the security issues surrounding VPNs, and how AirVPN protects my privacy. Thanks for the help! Quote Share this post Link to post
zhang888 1066 Posted ... You are taking things out of context.A user asked why it is not possible to make additional connections per account: I would love to see the ability to purchase more connections! as 3 is not enough and having to manage more than one account under a different email is a pain.Why not take an approach like TorGuard? who allow you to add more connections to your account for $1 a month for example. When you take this approach, it means the service will have to log each user account and his connections amount for which he paid and used.The only way to avoid such logs is making all the accounts same, except for their expiration date. Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
dcarrera 0 Posted ... You are taking things out of context.A user asked why it is not possible to make additional connections per account: I would love to see the ability to purchase more connections! as 3 is not enough and having to manage more than one account under a different email is a pain.Why not take an approach like TorGuard? who allow you to add more connections to your account for $1 a month for example. When you take this approach, it means the service will have to log each user account and his connections amount for which he paid and used.The only way to avoid such logs is making all the accounts same, except for their expiration date. Yes, that is also what I'm asking. If AirVPN allowed people to purchase extra connections, why would they need to do more logging than they do today? Right now they have to make sure that I only log in 3 times. Why would things be different if they had to check that I only log in N times where N is a number stored in a database? AirVPN already has a database about me because they need to track my support tickets and forum posts. You see my point? I hope you'll see that the solution is not obvious. (1) How does AirVPN know how many devices I have connected right now if they don't have any logs? (2) Why would that method stop working if each user was allowed a different number of connections? Cheers. Quote Share this post Link to post
dcarrera 0 Posted ... Aha! I found the Staff post with the architectural details: https://airvpn.org/topic/11343-three-simultaneous-connections-per-account-allowed/?p=16673 Internal details:- Each AirVPN server runs simply OpenVPN daemons- When a new connection is received, after the cryptographic validations, the VPN server contacts indirectly a backend server to notify the connection. This updates a centralized 'active sessions' table in our db, data queried by our website pages for real time stats.Previously, if our backend server already had a session from a user, it replied to OpenVPN server to reject the connectionNow, if our backend server already sees 3 sessions from the same user, it tells OpenVPN server to reject the connection. THAT makes a lot of sense. From this explanation, it seems like the only cost of having N connections per user is that the backend server would need to have a table with the user id in one column and the maximum number of connections N for that user in another column. Still no logging. Quote Share this post Link to post
cse 0 Posted ... I wonder... Is this a case of terminology confusion? You keep asking about extra connections (on the same account), rather than extra accounts (each new account adds 3 new connections). A new account only requires a different account ID (user "handle"/"call sign" + email address). Handling extra email addresses is as simple as creating an email filter rule to auiomatically move the content of the new email inbox fo your other email inbox (not reallu a hassle at all). cse Quote Share this post Link to post
dcarrera 0 Posted ... I wonder... Is this a case of terminology confusion? You keep asking about extra connections (on the same account), rather than extra accounts (each new account will adds 3 new connections). A new account only requires a different account ID (user "handle"/"call sign"). cse Well, I think it goes without saying that anybody can buy additional accounts. So, yes, I am clearly talking about a single account having more than 3 connections. Imagine for the sake of argument that I want exactly 4 connections and I am too cheap to pay $108/year for that. Or imagine that I have a family with 7 devices and I think that I should be able to get 7 connections without paying for three separate accounts. You know, a bulk discount. I suspect that zhang888 might be mistaken when he says that having extra connections in the same account requires logging. I really don't see why it would. The backend server currently has a table with permitted account ids. To support extra connections, they would need to add one column to that table with the permitted number of connections. Everything else would remain as it is today. There is no need for logging. Now, there might be valid security arguments against having a table like that. You could make a case that such a table, if compromised, would leak some information about the users. But that argument would have nothing to do with logging, which is the claim made by zhand888. Personally, I would really like to see a staff member comment on this and clarify this point. I suspect that the reasons why AirVPN doesn't sell extra connections are not the reasons that zhang888 imagines. Quote Share this post Link to post
Kristall 0 Posted ... Hmmm I'm getting so slow something untrustworthy that AirVPN logs are clean ..."Pressure from private actors to obtain any data (including but not limited to IP address of users) is an illegal act and Air, in order to protect its business and the users' privacy, reserves the right to inform the competent authorities and prosecute the private entities responsible for such illegal acts." Also AirVPN is reporting me, if I doing a forbidden act in my country?(No Hacking, only for looking censored media) Example: I looking censored media in my contry. Now is AirVPN reporting me? Quote Share this post Link to post
eyes878 43 Posted ... Hmmm I'm getting so slow something untrustworthy that AirVPN logs are clean ..."Pressure from private actors to obtain any data (including but not limited to IP address of users) is an illegal act and Air, in order to protect its business and the users' privacy, reserves the right to inform the competent authorities and prosecute the private entities responsible for such illegal acts." Also AirVPN is reporting me, if I doing a forbidden act in my country?(No Hacking, only for looking censored media) Example: I looking censored media in my contry. Now is AirVPN reporting me?You misunderstood the part that you quoted. If private actors (not governments, etc) try to pressure AirVPN into divulging information about their users, it is illegal. They will report this illegal act to competent authorities. No comment is made in the quote in regards to your activities. AirVPN is the perfect service to access censored content. Quote Share this post Link to post
Kristall 0 Posted ... You misunderstood the part that you quoted. If private actors (not governments, etc) try to pressure AirVPN into divulging information about their users, it is illegal. They will report this illegal act to competent authorities.Hmmm I'm getting so slow something untrustworthy that AirVPN logs are clean ..."Pressure from private actors to obtain any data (including but not limited to IP address of users) is an illegal act and Air, in order to protect its business and the users' privacy, reserves the right to inform the competent authorities and prosecute the private entities responsible for such illegal acts." Also AirVPN is reporting me, if I doing a forbidden act in my country?(No Hacking, only for looking censored media) Example: I looking censored media in my contry. Now is AirVPN reporting me? No comment is made in the quote in regards to your activities. AirVPN is the perfect service to access censored content.Okay, that's good, Thank you Quote Share this post Link to post