ANSWERED -

[Guest]

 

 

 

Edited ... by HedonXCIV

[Staff 9972]

Hello!

 

Thank you for your choice and for the trust you put in us.

 

That warning is correct and can be extended to any node your traffic passes through. Each node has the potential to see your traffic content. In your case, you move your trust from your ISP and anybody wiretapping your ISP lines, to us and anybody wiretapping the datacenter lines. You get protection from your ISP and other entities willing to spy on you between your node, your ISP and any other node between you and our servers.

 

Even if you trust us blindly, you can't be sure that someone else is monitoring our servers. So, in every situation for which you just can't afford to trust us or the datacenter, you MUST use end-to-end encryption.  In this way our servers and any hostile entity monitoring the servers line can't see your traffic content.

 

The huge difference is that the protection against your ISP is more valuable than anything else, because you get a first, strong protection layer against local entities which have higher likelihood to have you as a target (for marketing reasons or more sinister reasons). And that's not all, because you can add a second protection layer which will protect you against us and any malicious entity INSIDE the datacenter our servers are located: use end-to-end encryption, and add Tor over the OpenVPN connection, according to your threat model.

 

Another important factor is the protection you get against the final destination of your communications: when they get out of the server, your packets do not contain your "real" IP address. There are a variety of common situations for which you want to hide your real IP address to the final destination of your communications.

 

A more extensive analysis of this issue can be found in the post linked below. Please take some minutes to read it, it's important. In this way you can make the best decision according to the evaluation of the power of your adversary, in other words according to a reasonable threat model that only you can estimate.

 

When you need to exchange extremely sensitive data, for example, simply using the VPN over Tor and using end-to-end encryption will make a huge difference by strengthening remarkably the anonymity layer.

https://airvpn.org/topic/54-using-airvpn-over-tor/?do=findComment&comment=1745

 

Last but not least, remember that our service protects your data in transit, and NOT your computer, so the essential pre-requisite of everything is that your device is not compromised (by spyware or anything malicious).

 

Some more food for mind can be found here:

https://airvpn.org/topic/26206-rebuttal-of-article-dont-use-vpn-services/

 

Finally, an important remark about iOS. Many Apple services such as Push Notifications and FaceTime are never routed through the VPN tunnel, as per Apple policy. We have come to know this from the openvpn-connect FAQ here:

https://docs.openvpn.net/connecting/connecting-to-access-server-with-apple-ios/faq-regarding-openvpn-connect-ios

 

To stay on the safe side, when security and privacy are a priority, you should consider an iOS device a nice toy which is not suitable for certain purposes (check again your threat model).

 

Kind regards

[LZ1 672]

Hello!

 

To add to Staffs post, you can also check the FAQ in my signature, where the First Questions section will supply you with plenty of links; including a rather large amount about what Air specifically does, feature-wise, to enhance its security and privacy.

[Guest]

-

Edited ... by HedonXCIV

[User of AirVPN 46]

It's just a generic message that shows up with all VPN profiles. My Samsung Galaxy S9+ shows the same type of warning