Jump to content
Not connected, Your IP: 3.21.21.209
dcarrera

How does AirVPN avoid logging?

Recommended Posts

I am a new user. I was browsing the forum and I saw that the reason why users cannot purchase additional connections is that doing so would require logging and reduce privacy:

 

https://airvpn.org/topic/11343-three-simultaneous-connections-per-account-allowed/?p=16657

https://airvpn.org/topic/17876-ability-to-purchase-more-connections/?p=41952

 

But I don't understand. First of all, how can AirVPN allow me to have 3 connections without doing any logging? Don't they have to somehow keep track of now many connections I'm using right now? I think I need to understand that before I can understand why you cannot have some accounts with more connections.

 

Thanks for the help.

 

Share this post


Link to post

Hello!

 

You don't need to log anything about the traffic content, type, source or destination to know how many simultaneous connections an account has established. You only need a counter for each account.

 

Kind regards

Share this post


Link to post

Hello!

 

You don't need to log anything about the traffic content, type, source or destination to know how many simultaneous connections an account has established. You only need a counter for each account.

 

Kind regards

 

Ok. Then why would you need logging to offer additional connections? You see why I am confused? Sure, I can see that you would need to keep track of how many connections each person paid for, but you don't need to log anything about traffic content, type, source, or destination to do that. Am I right? It's still just a counter. Right?

Share this post


Link to post

Ok. Then why would you need logging to offer additional connections?

 

We wouldn't, why do you say so?

 

Kind regards

Share this post


Link to post

 

 

Ok. Then why would you need logging to offer additional connections?

 

 

We wouldn't, why do you say so?

 

Kind regards

 

Because that's what zhang888 said. For example, here:

 

https://airvpn.org/topic/17876-ability-to-purchase-more-connections/?p=41952

 

Here zhang888 wrote:

 

 

You do understand that managing accounts with various preferences from each other means 100% logging?

Otherwise there is no technical way to achieve such "connection upgrades" without keeping a RADIUS server that
holds up each and every user information and shares it among all nodes.
 
The only way to keep a log-free service is making all accounts identical, with the only exception of an expiration date,
which does not require any advanced logging and billing systems, it uses the same logic as SSL client certificates with
expiration dates.

 

In this thread, just before you posted, zhang888 said:

 

Because keeping separate amounts of connections per user would require this.

 

 

This is what I'm trying to understand. And to be clear, I am not asking for additional connections. Right now I am satisfied with 3. I am trying to become a more educated user. I want to learn about the security issues surrounding VPNs, and how AirVPN protects my privacy.

 

Thanks for the help!

Share this post


Link to post

You are taking things out of context.

A user asked why it is not possible to make additional connections per account:

 

I would love to see the ability to purchase more connections! as 3 is not enough and having to manage more than one account under a different email is a pain.

Why not take an approach like TorGuard? who allow you to add more connections to your account for $1 a month for example.

 
When you take this approach, it means the service will have to log each user account and his connections amount for which he paid and used.
The only way to avoid such logs is making all the accounts same, except for their expiration date.

Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

 

You are taking things out of context.

A user asked why it is not possible to make additional connections per account:

 

I would love to see the ability to purchase more connections! as 3 is not enough and having to manage more than one account under a different email is a pain.

Why not take an approach like TorGuard? who allow you to add more connections to your account for $1 a month for example.

 
When you take this approach, it means the service will have to log each user account and his connections amount for which he paid and used.
The only way to avoid such logs is making all the accounts same, except for their expiration date.

 

 

Yes, that is also what I'm asking. If AirVPN allowed people to purchase extra connections, why would they need to do more logging than they do today? Right now they have to make sure that I only log in 3 times. Why would things be different if they had to check that I only log in N times where N is a number stored in a database? AirVPN already has a database about me because they need to track my support tickets and forum posts.

 

You see my point? I hope you'll see that the solution is not obvious. (1) How does AirVPN know how many devices I have connected right now if they don't have any logs? (2) Why would that method stop working if each user was allowed a different number of connections?

 

Cheers.

Share this post


Link to post

Aha! I found the Staff post with the architectural details:

 

https://airvpn.org/topic/11343-three-simultaneous-connections-per-account-allowed/?p=16673

 

 

Internal details:

- Each AirVPN server runs simply OpenVPN daemons
- When a new connection is received, after the cryptographic validations, the VPN server contacts indirectly a backend server to notify the connection. This updates a centralized 'active sessions' table in our db, data queried by our website pages for real time stats.
Previously, if our backend server already had a session from a user, it replied to OpenVPN server to reject the connection
Now, if our backend server already sees 3 sessions from the same user, it tells OpenVPN server to reject the connection.

 

 

THAT makes a lot of sense. From this explanation, it seems like the only cost of having N connections per user is that the backend server would need to have a table with the user id in one column and the maximum number of connections N for that user in another column. Still no logging.

Share this post


Link to post

I wonder... Is this a case of terminology confusion? You keep asking about extra connections (on the same account), rather than extra accounts (each new account adds 3 new connections). A new account only requires a different account ID (user "handle"/"call sign" + email address). Handling extra email addresses is as simple as creating an email filter rule to auiomatically move the content of the new email inbox fo your other email inbox (not reallu a hassle at all).

 

cse

Share this post


Link to post

I wonder... Is this a case of terminology confusion? You keep asking about extra connections (on the same account), rather than extra accounts (each new account will adds 3 new connections). A new account only requires a different account ID (user "handle"/"call sign").

 

cse

 

 

 

 

Well, I think it goes without saying that anybody can buy additional accounts. So, yes, I am clearly talking about a single account having more than 3 connections. Imagine for the sake of argument that I want exactly 4 connections and I am too cheap to pay $108/year for that. Or imagine that I have a family with 7 devices and I think that I should be able to get 7 connections without paying for three separate accounts. You know, a bulk discount.

 

I suspect that zhang888 might be mistaken when he says that having extra connections in the same account requires logging. I really don't see why it would. The backend server currently has a table with permitted account ids. To support extra connections, they would need to add one column to that table with the permitted number of connections. Everything else would remain as it is today. There is no need for logging. Now, there might be valid security arguments against having a table like that. You could make a case that such a table, if compromised, would leak some information about the users. But that argument would have nothing to do with logging, which is the claim made by zhand888. Personally, I would really like to see a staff member comment on this and clarify this point. I suspect that the reasons why AirVPN doesn't sell extra connections are not the reasons that zhang888 imagines.

Share this post


Link to post

Hmmm I'm getting so slow something untrustworthy that AirVPN logs are clean ...

"Pressure from private actors to obtain any data (including but not limited to IP address of users) is an illegal act and Air, in order to protect its business and the users' privacy, reserves the right to inform the competent authorities and prosecute the private entities responsible for such illegal acts."

 

Also AirVPN is reporting me, if I doing a forbidden act in my country?

(No Hacking, only for looking censored media)

 

Example: I looking censored media in my contry. Now is AirVPN reporting me?

Share this post


Link to post

Hmmm I'm getting so slow something untrustworthy that AirVPN logs are clean ...

"Pressure from private actors to obtain any data (including but not limited to IP address of users) is an illegal act and Air, in order to protect its business and the users' privacy, reserves the right to inform the competent authorities and prosecute the private entities responsible for such illegal acts."

 

Also AirVPN is reporting me, if I doing a forbidden act in my country?

(No Hacking, only for looking censored media)

 

Example: I looking censored media in my contry. Now is AirVPN reporting me?

You misunderstood the part that you quoted. If private actors (not governments, etc) try to pressure AirVPN into divulging information about their users, it is illegal. They will report this illegal act to competent authorities.

 

No comment is made in the quote in regards to your activities. AirVPN is the perfect service to access censored content.

Share this post


Link to post

You misunderstood the part that you quoted. If private actors (not governments, etc) try to pressure AirVPN into divulging information about their users, it is illegal. They will report this illegal act to competent authorities.

Hmmm I'm getting so slow something untrustworthy that AirVPN logs are clean ...

"Pressure from private actors to obtain any data (including but not limited to IP address of users) is an illegal act and Air, in order to protect its business and the users' privacy, reserves the right to inform the competent authorities and prosecute the private entities responsible for such illegal acts."

 

Also AirVPN is reporting me, if I doing a forbidden act in my country?

(No Hacking, only for looking censored media)

 

Example: I looking censored media in my contry. Now is AirVPN reporting me?

 

No comment is made in the quote in regards to your activities. AirVPN is the perfect service to access censored content.

Okay, that's good, Thank you

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...