Jump to content
Not connected, Your IP: 44.204.65.189
agent008

Deactivation of Network Lock at reboot

Recommended Posts

Hello
I am running an installer version of Eddie 2.16.3 on a 64-bits Windows 10 computer. I have set this up with the network lock activated and an automatic start of Eddie at windows startup.

After rebooting and an automatic startup of Eddie I see a notification "Deactivation of Network Lock". Immediately after the network lock is activated again. Here is the relevant part of the log, including some lines before and after:

. 2019.12.20 16:48:17 - Certification Authorities: C:\Program Files\AirVPN\res\cacert.pem
W 2019.12.20 16:48:18 - Recovery. Unexpected crash?
. 2019.12.20 16:48:18 - Routes, remove 91.214.169.69 for gateway 10.20.6.1 failed: The route deletion failed: Element not found
. 2019.12.20 16:48:18 - Above log line repeated 11 times more
. 2019.12.20 16:48:18 - DNS IPv4 of a network adapter restored to original settings (Ethernet 2, to automatic)
! 2019.12.20 16:48:18 - Deactivation of Network Lock
! 2019.12.20 16:48:18 - Activation of Network Lock - Windows Filtering Platform

. 2019.12.20 16:48:18 - Updating systems & servers data ...
I 2019.12.20 16:48:18 - Session starting.
. 2019.12.20 16:48:19 - Systems & servers data update completed
I 2019.12.20 16:48:19 - Checking authorization ...
. 2019.12.20 16:48:19 - IPv6 disabled with packet filtering.

This does not sound good to me. So I checked on my laptop with Windows 7 and a slightly earlier version of Eddie (2.15.2), set up the same way (network lock on, autostart with windows). When I reboot that laptop and check the logs, I do not see this line "Deactivation of Network Lock". Now I am thinking that, although only for a split second, my connection is leaking in between the deactivation and re-activation of the network lock.

Why is this difference between the two Eddies on my two computers? Is something actually wrong? What to do?

Kind regards.




 

Share this post


Link to post

It seems like you are forcefully killing Eddie on shutdown (as in, just shut it down while all programs are running) and maybe disabled the exit confirmation prompt to allow this. When Eddie launches it assumes a crash and restores your network to former settings. This is one series of things it does.
It also seems like you enabled the option to automatically engage NetLock on Eddie launch, which is another series of things it does. And since both series are not done in parallel, you get what you see.

2.15.2 is an older version in which part of this logic might simply be absent.
 

5 hours ago, agent008 said:

Now I am thinking that, although only for a split second, my connection is leaking in between the deactivation and re-activation of the network lock.


I propose that your paranoia is to be destroyed. No one cares about you so much that even hypothetical leaks of a split second are news. Besides, maybe there wasn't even time to send any meaningful packets out.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Hi Giganerd, thanks for your fast reply.
 

12 hours ago, giganerd said:

I propose that your paranoia is to be destroyed.


:) Yes, I noticed your signature already before.  Paranoia versus 'being careful' remains difficult for some of us.
 
13 hours ago, giganerd said:

It seems like you are forcefully killing Eddie on shutdown (as in, just shut it down while all programs are running) and maybe disabled the exit confirmation prompt to allow this. When Eddie launches it assumes a crash and restores your network to former settings. This is one series of things it does.
It also seems like you enabled the option to automatically engage NetLock on Eddie launch, which is another series of things it does. And since both series are not done in parallel, you get what you see.


Indeed, I have set up Eddie like you say, with network lock enabled on launch. And yes, the way I restart (and also shutdown) is to forcefully stop Eddie when Windows asks me to. I did some testing and if I first disconnect, then close Eddie, and then restart, the line "Deactivation of Network Lock" does not show in the logs. But I assume this method is worse, since this way I would not be outside of the VPN tunnel for just a split second, but for a whole bunch of seconds.

My wish is to have the VPN activated always, and never have an unprotected connection. So, do I understand well, my settings of Eddie and forcefully closing Eddie when restarting is the way to go to achieve this?

This brings me to a related question as well. When waking up Windows from hibernation, it takes some time for Eddie to start and to actually engage the Network Lock. Before that, some programs are already having internet activity. For example, the antivirus software downloading signature updates, torrent software resuming downloading, etc. If that is the case, this is unprotected traffic. Am I right? If so, what would be the way to stop this?

 

Share this post


Link to post
10 hours ago, agent008 said:

My wish is to have the VPN activated always, and never have an unprotected connection. So, do I understand well, my settings of Eddie and forcefully closing Eddie when restarting is the way to go to achieve this?


If you are using Windows Update, all these measures are void, anyway. Windows Update can identify you even through Tor by several IDs sent out. Your approach is deeply flawed in the first place if you stay in the comfort zone.
So no, your approach does not help you at all, and I urge you to think about whom you want to hide yourself from and act accordingly. If your life is under threat, Windows will sell you out, period.
 
10 hours ago, agent008 said:

This brings me to a related question as well. When waking up Windows from hibernation, it takes some time for Eddie to start and to actually engage the Network Lock. Before that, some programs are already having internet activity.


Don't Suspend-to-RAM/-Disk, then. Suspend-to-X and OpenVPN are not the best friends, simply because OpenVPN relies on established connections and the routing table. The connection will be killed by the server since a turned off computer will not reply. The routing table is deleted when entering one of the suspend states or shutdown.
Moreover, since OpenVPN runs in user space, Windows services will always talk first with the world (and therefore "betray" you).
 
10 hours ago, agent008 said:

If so, what would be the way to stop this?


Again: Leave the comfort zone and at least stop using Windows. Usually it comes down to using Linux instead or, if you are determined to succumb to paranoia, a hardcore live OS like Tails. :)

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...