Networklock doesn't work and no minimization

[StylishSpecter 0]

Hi, I've been using AirVPN for a few days and I noticed that Eddie probably isn't quite fully developed yet. On the one hand there is the matter with Networklock I mean if Eddie is running it works perfectly but if you close Eddie for some reason or it is terminated by another process, the connection is immediately free and the actual IP appears. I tested it several times with Automatic with Windows filter control and with iptables on Linux, same result. Why can't Eddie, like other VPNs, keep it that way if desired so that the Internet only works with Eddie or have I overlooked something? Then the things with minimization under Windows will dutifully disappear into the taskbar if desired, but under Linux, despite installing the Gnome extensions for tray icons, I still have to move them to another workspace - only. It's annoying. That's exactly how I ask myself why airvpn doesn't have a double hop, of course because of tor, but does it really make sense that I first have to install and start tor so that Eddie can access it? I do not know. Otherwise I think airvpn is really great, I like the technical details but these are things that annoy me. Maybe I'm just missing something, I'm happy about any suggested solutions.

[Tech Jedi Alex 1501]

1 hour ago, StylishSpecter said:

Why can't Eddie, like other VPNs, keep it that way if desired so that the Internet only works with Eddie or have I overlooked something

This is by design, see for example:

1 hour ago, StylishSpecter said:

That's exactly how I ask myself why airvpn doesn't have a double hop, of course because of tor, but does it really make sense that I first have to install and start tor so that Eddie can access it?

Huh? Of course it does – for supported websites and services. And offering double hop between servers of the same VPN provider does not add anything to privacy, safety or security, it just caters to unnecessary paranoia.
The solid recommendation is to use Tor as it is designed to route traffic through multiple nodes. Much more thorough and battle-tested as when AirVPN would implement something akin to it.

[StylishSpecter 0]

Ok thanks for the answer, it's a shame to see that AIRVPN considers these methods "unnecessary". Recent history has shown that it can be very, very easy to trace data traffic via network analysis or AI traffic analysis. I don't know if you're familiar with the topic, but your ISP can still see the amount of data you send to the VPN and if someone is monitoring the website you're accessing, it's pretty easy if you're only connected to one server with the right means to find out which connection the request came from, whether encrypted or not. That's why it would be nice if AIRVPN also made double hopp available for activation by default to make it a little more difficult for snoopers. I'm not talking about authorities in general, data brokers can also use this technology. I don't think that's paranoia, but rather a real threat to our time. Okay enough technical things about the killswitch are stupid but less bad, assuming you don't catch a virus that then specifically closes VPN programs and thus reveals the true connection, that would be a big problem. I hope that AIRVPN improves this. With my problem minimizing in Linux, you can't tell me anything?

[Tech Jedi Alex 1501]

1 hour ago, StylishSpecter said:

it's a shame to see that AIRVPN considers these methods "unnecessary"

Please don't misunderstand – I'm not an AirVPN team member. My opinions are my own and don't represent AirVPN's or their team's stance on things.
 

1 hour ago, StylishSpecter said:

I don't know if you're familiar with the topic, but your ISP can still see the amount of data you send to the VPN and if someone is monitoring the website you're accessing, it's pretty easy if you're only connected to one server with the right means to find out which connection the request came from, whether encrypted or not.

I'm not worried in the least in that regard – I live in a constitutional democracy currently.  If I want anonymity, I use Tor, and this is frequently recommended across these forums, too.
 

1 hour ago, StylishSpecter said:

That's why it would be nice if AIRVPN also made double hopp available for activation by default to make it a little more difficult for snoopers.

If you want to make it "much more difficult" instead of just "a little more difficult", use Tor. Double Hop is a feature requiring tremendous work to implement, but yielding little effect.
 

1 hour ago, StylishSpecter said:

I don't think that's paranoia, but rather a real threat to our time.

It's nothing but paranoia. VPNs are used by a very specific, niche clientele. And the majority of that clientele are file sharers aka torrenters who need a pseudonymous IP address.
Again, if you need more or less absolute anonymity, use Tor, not a VPN. Although, it is a strong combination.
 

1 hour ago, StylishSpecter said:

assuming you don't catch a virus that then specifically closes VPN programs and thus reveals the true connection

If I were someone writing malware, this'd be waaaaaay down my priority list. I'd concentrate on wringing money out of you personally, for me personally, by checking your drives for bank and credit card data, extracting website and mail credentials, forging nice messages for you to fall for, or simply encrypting your drive and making you pay for the decryption key. No one will break into your PC to kill some VPN connection  I mean, what'd be in it for the attacker?
 

1 hour ago, StylishSpecter said:

With my problem minimizing in Linux, you can't tell me anything?

It's honestly a bit difficult to answer. Eddie's behavior is rather inconsistent between all platforms, and on Linux even between different desktops, network managers and init systems.

[StylishSpecter 0]

47 minutes ago, Tech Jedi Alex said:

Please don't misunderstand – I'm not an AirVPN team member. My opinions are my own and don't represent AirVPN's or their team's stance on things.

Yes, I know that but I've been following the other posts here and I've noticed that you're an active writer, so you'll most likely know more about the practices and background of AIRVPN than most people here.
 

49 minutes ago, Tech Jedi Alex said:

'm not worried in the least in that regard – I live in a constitutional democracy currently.  If I want anonymity, I use Tor, and this is frequently recommended across these forums, too.

Since the latest leaks showed that 84% of all Tor exit notes are operated by the FBI, I'm staying away from it, if at all only via onion sites, but unfortunately most websites don't offer any yet
 

51 minutes ago, Tech Jedi Alex said:

If you want to make it "much more difficult" instead of just "a little more difficult", use Tor. Double Hop is a feature requiring tremendous work to implement, but yielding little effect.

It may have a manageable effect, but as contradictory as it sounds, I trust hacktivists who run a VPN like AIRVPN significantly more than the FBI who run a TOR exit node

53 minutes ago, Tech Jedi Alex said:

It's nothing but paranoia. VPNs are used by a very specific, niche clientele. And the majority of that clientele are file sharers aka torrenters who need a pseudonymous IP address.
Again, if you need more or less absolute anonymity, use Tor, not a VPN. Although, it is a strong combination.

That may be the case, but the TOR project itself and AIRVPN also advises against using torrent via tor because it could even harm the network. VPNs have long since emerged from the niche, some have one because they believe the baseless marketing promises and others just want a little more privacy, fewer trackers and that the service provider doesn't see what preferences you share with the hamster, for example ;-) 

56 minutes ago, Tech Jedi Alex said:

If I were someone writing malware, this'd be waaaaaay down my priority list. I'd concentrate on wringing money out of you personally, for me personally, by checking your drives for bank and credit card data, extracting website and mail credentials, forging nice messages for you to fall for, or simply encrypting your drive and making you pay for the decryption key. No one will break into your PC to kill some VPN connection  I mean, what'd be in it for the attacker?

You'll laugh just recently, that's exactly what happened -. Hackers had injected malware into company software and Chatgpt that was supposed to do exactly that, end all processes and then distribute malware or connect the computer to a bot network.
 

1 hour ago, Tech Jedi Alex said:

It's honestly a bit difficult to answer. Eddie's behavior is rather inconsistent between all platforms, and on Linux even between different desktops, network managers and init systems.

Yes Eddie is like the nice aunt who smooches you at every family celebration, she's annoying but somehow you like her


So now we have come extremely far away from the topic, had a lesson in IT technology and pushed my post into a corner that belongs in a nice private chat rather than in the post. I now know Eddie doesn't offer a permanent kill switch and there is no double hop. Whether and how you can get Eddie to accept his place in the taskbar on Linux is still unclear.
 

[Staff 10346]

On 11/2/2025 at 11:43 PM, Tech Jedi Alex said:

VPNs are used by a very specific, niche clientele.

It's a weird urban legend that the VPN clientele is a niche one, at least since 2015 (maybe even earlier).

According to security.org and other sources 1.75 billion people "commonly" use a consumer VPN in 2025,. Usage in the USA has declined significantly to 32% (we had a 50% peak in 2022-2023), yes, but it's not a niche obviously. The decline is driven mainly by the shift of companies dropping VPN to replace it with zero-trust solutions (corporate VPN now account for just 5% of usage, 8% in the USA, so it's less meaningful).

Worldwide, if 2024 survey of a specialized company we bought is correct, roughly 1/3 of the whole Internet population used a VPN at least "once per week". Unfortunately (for them too) of this 1/3, more than 30% used a "free" VPN (this implies that free VPNs are used commonly by more than half a billion persons in the world).

Some more data showing usage from USA perspective:
https://www.security.org/resources/vpn-consumer-report-annual

Kind regards
 

[Tech Jedi Alex 1501]

On 11/3/2025 at 12:48 AM, StylishSpecter said:

Hackers had injected malware into company software and Chatgpt that was supposed to do exactly that, end all processes and then distribute malware or connect the computer to a bot network.

Well, there you have it. The primary goal was to prepare the network for further abuse, not to end some VPN process. Collateral damage, yes, VPN connections were dropped, but not what I'm gunning for as an attacker. Edited ... by Tech Jedi Alex
Delete off-topic reaction to the "VPN is a niche" thing

[Staff 10346]

On 11/6/2025 at 8:21 PM, Tech Jedi Alex said:

n = 1009. I'm getting hard Selection Bias vibes from this. How can a thousand samples be representative of 322 million internet users in the US?

It's the Cochran's formula. When you want a 95% confidence with an error margin of 5%, you need 383 samples out of 322 millions or infinite population. With 1009 samples you get a confidence of 95% with an error of +/-3.1%, which is accurate and acceptable for our business and for this conversation to show that your claim must be incorrect.

However the Cochran's formula assumes that there's no bias in picking the sample and the above is based on an optimistic estimate of p=0.5 variability. Therefore, let's compare other surveys. An important source is GWI as it covers 2.7 billion Internet users through various tools. You must pay for their reports and insights but we found that Meltwater / We Are Social / Kepios published for free some GWI data here:
https://learn.meltwater.com/rs/814-WJU-189/images/2025_Kepios_Digital_Global_Overview_Report.pdf

Another source (using different tools) such as Anlyzify / Shopify publishes a few data here:
https://analyzify.com/statsup/vpn

You may notice that all of the above show consistent data within the confidence and error margins and they all agree to compute the amount of Internet users connecting to VPNs to 1.7 billion persons globally. There are even more surveys confirming this. They are reserved to paying companies but you can trust us, they show the same within a 5% error margin.

Your estimate of 10-15% therefore lacks credibility as it is outside the error margin of many other reputable surveys which are consistent with each other. You may have a problem in how you picked your sample, it could have been unintentionally biased. On the other hand, if your sample amount is n₀=40 with a high variability then you have a confidence level of 90% on an error margin of 13%, which would explain the discrepancy with no need to assume a bias.

Thus VPN usage is indeed mainstream, if we agree to consider "mainstream" the usage of something with an agreed frequency by 1.7 billion people out of 6.4 billion people (26.5%).
 

On 11/2/2025 at 8:01 PM, StylishSpecter said:

Why can't Eddie, like other VPNs, keep it that way if desired so that the Internet only works with Eddie [...] it's a shame to see that AIRVPN considers these methods "unnecessary"

It's a design choice based on community feedback and a few considerations. The main consideration is preventing lock out from remotely administered machines, whereas community considered a permanent system modification too invasive for a program that has the responsibility to run with admin privileges.

Anyway, it's true that the the previous considerations have been partially ignored by the new "persistent network lock" implemented in the AirVPN Suite for Linux daemon (Bluetit). The daemon, when this option is enabled (anyway it's off by default), sets network lock as soon as the machine has a default gateway, emulating therefore your request (as long as the daemon is allowed to start during the system bootstrap), but avoiding at the same time to set permanent changes to the system. 

It must also be said that implementing permanent "block all outgoing Internet traffic" rules by default on a system is a trivial task. Then, when the Network Lock comes in, the traffic towards VPN servers is re-allowed, permitting VPN connections... thus the matter does not seem relevant at all: the idea behind the whole matter is that if you know how to use a firewall, you need 30 seconds or so to set proper permanent rules; if you don't know, it's preferable that a software does not modify permanently your system in a way that you might not be able to roll back on your own.
 

Quote

I ask myself why airvpn doesn't have a double hop

The type of double hop you suggest is a client side feature that you can easily achieve by yourself (feel free to open a ticket if in doubt). It may be integrated on our software, no rocket science here, but remember that double hopping on servers administered by the same entity is not an optimal solution and could potentially provide a false sense of security. As suggested, running Tor over a VPN connection is a much, much more robust solution for privacy purposes. The VPN hides Tor usage to your ISP and snoopers, while at the same time helps build a circuit outside a potential cage you might have been put inside by your country regime. At the same time Tor hides from the VPN servers any information related to your Internet usage.

With that said, double hop for marketing reasons and for specific needs tied to jurisdictional monitoring could make sense, so we will re-consider its integration in the future.

Kind regards
 

[StylishSpecter 0]

@Tech Jedi Alex Well, you see, 6.4 billion people—as I said, this is no longer a niche market. 

Nowadays, there are dozens of reasons to use a VPN, and I think it's a real shame that great providers like AIRVPN fall through the cracks because they lack certain features and audits. People would rather rely on paper than on years of experience and expertise. The same goes for free VPNs. Let's be honest, the offers that AIRVPN recently put out for Halloween are practically free. Personally, I wonder how you can stay in business and establish yourself for 15 years with offers like that.

 

Quote

On 11/6/2025 at 10:00 PM, Staff said:

running Tor over a VPN connection is a much, much more robust solution for privacy purposes.

Yes, Alex and I already had that theme here, but the problem is that I have to start Tor first so that I can then switch to Eddie Tor as a gateway. So, to do it properly, the ideal way would be to start Eddie first, connect, then start Tor, so that my Tor usage remains hidden, then go to Eddie and select Tor as the gateway. Which, in my opinion, makes it pretty pointless from that point on. It would be smarter to do it like the competition, for example, ProtonVPN has the option of using Tor as a gateway and everything runs through the client, so you don't have to start Tor separately beforehand or anything else. Instead, as it should be, the VPN software starts, connects to Tor, and then connects to the VPN servers. I hope we'll see a feature like this in Eddie soon.  
@Staff While we're on the subject of technical stuff and obfuscation, does AIRVPN have any plans to combat network analysis or deep packet inspection? I mean, MultiHop would be a really good idea, but the snoopers never sleep

[Staff 10346]

On 11/9/2025 at 4:37 PM, StylishSpecter said:

I wonder how you can stay in business and establish yourself for 15 years with offers like that.

You don't worry about that, that's our business and we can assure you that we're good at math and that the business model is sustainable, as 15 years of activity show.
 

On 11/9/2025 at 4:37 PM, StylishSpecter said:

the problem is that I have to start Tor first so that I can then switch to Eddie Tor as a gateway.

No, it's not necessary for this use case: you need Tor over VPN and not VPN over Tor to hide your ISP from detecting Tor usage and hide our servers from knowing your actual Internet usage. This solution meets the needs you mentioned and can also be used with WireGuard. Just start the VPN connection and then, when you need it, use the Tor browser for your browsing needs, for example. 
 

Quote

ProtonVPN has the option of using Tor as a gateway and everything runs through the client,

 

We understand that it may be good for marketing fluff, but it's a solution that does not deserve much consideration, because it is against the most basic rules of safety. To understand why, just think about how the circuit is built. Furthermore, it does not hide Tor usage from your ISP.

Tor over VPN and Tor alone are not a VPN side feature (except in the sense that the VPN infrastructure must not block Tor usage, of course). The fact that it is being advertised as a "premium feature" sadly says a lot about what kind of people is targeted by such ads.
 

On 11/9/2025 at 4:37 PM, StylishSpecter said:

does AIRVPN have any plans to combat network analysis or deep packet inspection?

Yes, as usual, we were the first to offer specific anti-blocking techniques starting from 2012 and we kept adding new connection modes which are effective (AirVPN bypasses > 80% of the blocks according to a recent paper). We are working to further increase that percentage through new connection modes in the near future, and because it's always a cat and mouse game, stay tuned! However, please do not expect marketing fluff and ads for gullible people, it's not our style.

Kind regards
 

[StylishSpecter 0]

1 hour ago, Staff said:

You don't worry about that, that's our business and we can assure you that we're good at math and that the business model is sustainable, as 15 years of activity show.

No, I'm not worried. Their reputation and performance show that it works, even though I can't understand how.
 

1 hour ago, Staff said:

Yes, as usual, we were the first to offer specific anti-blocking techniques starting from 2012 and we kept adding new connection modes which are effective (AirVPN bypasses > 80% of the blocks according to a recent paper). We are working to further increase that percentage through new connection modes in the near future, and because it's always a cat and mouse game, stay tuned! However, please do not expect marketing fluff and ads for gullible people, it's not our style.

I think if we look at these two sites  Hermann/Wendolsky/Federrath 2009, How Data Brokers Sell , it's clear that it's more than just marketing. If someone is targeting your connection, an encrypted VPN connection is no longer an obstacle.  I would really welcome these features in Eddie. I mean, let's take a look at Mullvad or Windscribe—both have implemented a method that makes it possible to put powerful obstacles in the way of data analysis and brokers. As a techie, I love that Eddie has very few settings that it doesn't recognize.  But among all the technical adjustments that make it a very good VPN for me, there are small things missing, such as decoy traffic or the ability to use external DNS providers with DNS over TLS.

[Staff 10346]

@StylishSpecter

Hello!

Both decoy traffic and usage of DNS over TLS (external or internal) have been available in Eddie since several years ago. On the server side you may connect an OpenVPN client over a stunnel or SSH tunnel previously established, you are not forced to run proprietary software.

It is proven that currently AIs are able to discern from the pattern which web site you visit when you are connected to AirVPN only in 2% of the cases of real world usage, which is consistent with the paper you linked (see Tor avg. accuracy of 2.96%, negligible). 

Please note that the accuracy reported in the paper you linked is inferred from a not very realistic usage, where the target visited only 775 URLs in total (they discarded anything else for the analysis from the global proxy traffic). We add, on our side, that a double blind test in real world usage (where you do NOT filter out a selected amount of URLs before starting the guessing analysis) caused failure rates dramatically higher.

Kind regards

 

[StylishSpecter 0]

15 minutes ago, Staff said:

Both decoy traffic and usage of DNS over TLS (external or internal) have been available in Eddie since several years ago. On the server side you may connect an OpenVPN client over a stunnel or SSH tunnel previously established, you are not forced to run proprietary software.

Hello, where is this function hidden in Eddie? I've combed through every corner of the settings and haven't found Network Decoy or anything similar to activate. I also wanted to set up my own DNS, but neither the DNS over TLS nor the DNS over HTTPS address worked. Eddie only lets me enter the IP address, but not the address, and then I can't press save. Is my Eddie malfunctioning, or am I overlooking something?

Best regards and thanks for your reply.

" Disguise Your Traffic

By turning on Decoy Traffic, the Windscribe app will generate random activity over the tunnel and upload/download random data at chosen intervals. This helps anonymize your activity and is especially important in areas of heavy censorship, when doing any type of “high risk” activity."

An excerpt from the Windscribe website, and this should also be possible with Eddie?

[Staff 10346]

@StylishSpecter

Hello!

Not hidden, and anyway you can use them without Eddie. They are available respectively it is in the "Preferences" > "DNS" window and in "Preferences" > "Protocols" window. Eddie sets the DNS you wish, then it's up to you to ensure compatibility with specific protocols you want. Or you can just use the DNS over TLS or HTTPS of the VPN DNS - totally useless of course as the DNS is inside the VPN but anyway available.

Eddie does not apply trivial decoys (except the padding offered by wg) you mention (which unfortunately are very or totally ineffective against blocks) but offers the much more effective feature (against blocks and pattern analysis) to encrypt the tunnel inside another tunnel, using OpenVPN abilities. In particular you can tunnel the VPN traffic inside a SOCKS proxy, an HTTPS proxy, an SSH tunnel and a pure TLS tunnel. Such features are more effective but come at a price: performance hit. Trivial, less noble decoys that are not so effective but are surely more performance friendly are anyway under consideration, stay tuned!

Kind regards
 

[StylishSpecter 0]

@Staff
Great, thank you for the quick reply. I'm very excited to see what else you come up with. Yes, with some things I don't care about performance, I just want to get the most security out of Eddie. Which leads me to another question. I understand the OpenVPN over SSL, and I've already found the function, but unfortunately Android Eddie doesn't say which of the “if your ISP block” options is the SSL or SSH tunnel, or is that not available for Android?
Best regards