croco 1 Posted ... (edited) Can anyone comment on this report done on vpn leak tests and tell me if these issues have now been fixed on Eddie Mac OS X client please. Or in fact if it ever was a genuine problem. also any IVPN users who have anything to say about that vpn service seeing as they sponsored it. Sorry im not sure on the date it was done so this topic might already be on this forum somewhere but a search here didn't bring any result. heres the link to the report https://vpntesting.info Edited ... by OpenSourcerer Fix IDN homograph attack – dead link anyway Quote Share this post Link to post
Staff 9973 Posted ... Can anyone comment on this report done on vpn leak tests and tell me if these issues have now been fixed on Eddie Mac OS X client please. Or in fact if it ever was a genuine problem. also any IVPN users who have anything to say about that vpn service seeing as they sponsored it. Sorry im not sure on the date it was done so this topic might already be on this forum somewhere but a search here didn't bring any result. heres the link to the report https://vpntesting.info Thank you very much for this warning: unfortunately we were never contacted by the authors about this problem, and we are going to investigate in the nearest future. We will keep you posted. Kind regards Quote Share this post Link to post
Staff 9973 Posted ... Hello, we can't reproduce the presumed issue in any way. As far as we can see it does not exist. We have never been contacted by the author. We have anyway written to the author of the article for clarifications and explanations. We will keep you posted. Kind regards Quote Share this post Link to post
croco 1 Posted ... Thanks. i guess then its not impossible the test results could of been set up by a competitor to increase their rating & sales. If the author was genuinely concerned for vpn users anonymity then he would certainly of contacted all providers about the results and help them fix it, regardless of who sponsored it. But theirs also the possibility the author DID in fact contact all VPN's concerned but the providers are keeping it quiet until they fix it. Either way its food for thought. 1 Lonesome Joe reacted to this Quote Share this post Link to post
Staff 9973 Posted ... But theirs also the possibility the author DID in fact contact all VPN's concerned but the providers are keeping it quiet until they fix it. Either way its food for thought. No, we were not contacted. We contacted the author of the article as we said, and he kindly answered. We will be waiting for the information we required and we will keep you posted. Kind regards Quote Share this post Link to post
mirimir 2 Posted ... I'd like to clarify a few things. First, IVPN did pay me for the work. And, having written a leak-testing guide for them, I knew that I hadn't managed to make their Windows or OSX clients leak. As long as their firewall was on, that is. However, I was entirely free to choose which other VPNs to test. And there were no restrictions on what I could or couldn't report. Indeed, I reported that six Windows clients didn't leak, and four OS X clients. Second, I did in fact leave the default "Allow pings" option checked in the AirVPN client's "Network Lock". But here's the thing: I didn't even look at the options. Nor did I look at options for the firewall in IVPN's Windows and OSX clients, or at options for any firewall/lock/kill-switch features in other VPN clients. If I saw a firewall/lock/kill-switch feature, I enabled it. Also any other top-level security features. But I did no fine tuning. Why did I do that? I did it because I wasn't just testing the capabilities of VPN clients. Rather, I was testing how VPN clients performed for users that are security-conscious, but not highly technical. I mean, if they were highly technical, they'd be running open-source OpenVPN clients, and using firewall rules to prevent leaks. Or pfSense VMs. So my target users were people who knew that leaks could happen, and so would enable features to prevent them. But such users wouldn't have the technical expertise to change default options in those features. And arguably, they might not even look. At least, not when they first used the VPN client. And the point is that even one leaked packet can be problematic. Let's say that you're torrenting some popular film or TV episode. You notice that your Internet connection is funky, and the VPN connection is flapping. So you close the torrent client, and troubleshoot the problem. What can bite you is the tendency for torrent clients to ping swarms, when transfers start failing. And pinging malicious peers directly, rather than through the VPN, can disclose your IP to people who will make trouble for you. Also, there was an odd difference between the behavior of AirVPN's Windows and OSX clients (both v2.10). I was pinging 8.8.8.8 throughout the testing. In Windows, I saw no pings to 8.8.8.8, or replies from it, until after exiting from the AirVPN client. In OS X, I saw no ping requests/responses until after interrupting and restoring the uplink. So Network Lock in the OSX client must have been blocking pings initially, just as in the Windows client. But unlike the Windows client, the OSX client apparently allowed pings during reconnection after uplink interruption. Third, I did not contact AirVPN, or any of the other VPNs for which I found leaks. I did announce https://vpntesting.info/ on Wilders Security Forums and in /r/VPNs, and summarized the results. I assumed that VPN providers would generally be monitoring such sites for issues. And Wilders does trend high in Google results. Also, I admit, the prospect of dialoguing with numerous VPNs, and retesting their clients, was daunting. In any case, it was a mistake to not alert VPNs to the leaks. And I apologize. 2 strykenKN and go558a83nk reacted to this Quote Share this post Link to post