Leaderboard

@Stalinium Hello! Maybe you talk about network-manager-openvpn plugin, as network-manager by itself does not support OpenVPN. In our configuration files the directives to cause IPv6 push are included, unless you specifically tell the CG to NOT route IPv6 over IPv4. It's not our fault if they are ignored. On the other hand we have been deprecating usage of network-manager-openvpn since years and years ago for other critical problems. If you decide to use it in spite of our recommendations, you do it at your own risk. You are not forced to run our software in Linux. You can run OpenVPN directly for example, or any other OpenVPN GUI/wrapper different than network-manager-openvpn. In this case, you will of course need by yourself to take care of DNS push and network lock, features that are handled automatically by all of our software for Linux. It's therefore a security issue by network-manager-openvpn, not by AirVPN, because it's network-manager-openvpn that ignores directives that our Configuration Generator puts in, and it's you the one who does not replicate Network Lock which would have made the problem anyway irrelevant (under a security point of view). Nonsense, a MAC address is simply is not included in IPv4 packets (there's just no room for it), while nowadays all systems mitigate the MAC problem in IPv6 addresses. Our servers never receive the MAC address of any of your physical network interfaces of the router and even less of the computer. The problem is more basic, and it's simply having IPv6 traffic outside the VPN tunnel but keep in mind that you ignored instructions and our suggestions, up to the point to use exactly the software we tell you NOT to use. About FBI... What FBI really did was something quite different and is not a Tor problem in itself (for Silk Road, for example, it was "only" social engineering, by infiltrating an agent in the core of Silk Road and exploiting administrator's trust in this infiltrated agent - in other cases it used javascript which the final user recklessly allowed execution of, on the browser, and in a Windows system) but anyway they are talking about Tor and not OpenVPN, so we can cut the FBI cracking techniques discussion here as it is irrelevant for the matter. Unfortunately not all OpenVPN versions, in client mode, can push a UV, and most versions which can't are the old ones which are also bugged with IPv6. The whole setup has been made with the purpose not to send IPv6 push to those OpenVPN versions which are bugged and would create critical errors with IPv6 push. This backward compatibility may be abandoned one day, but it's still not the right time. Anyone having new versions can send UV and therefore this solution makes everyone happy. Furthermore our Network Lock includes IPv6 rules to prevent leaks. Remember that VPN software is not designed to provide an anonymity layer. It's the environment we create with our software which makes it possible, and VPN connection is a part of the anonymity layer. If you renounce to part of this environment by not using our software, you must understand what you do and how to replicate various features, first and foremost Network Lock. If you use a software that, to make things even worse, negligently ignores our own CG directives, and it is furthermore deprecated by us, then you're running at your own risk, ça va sans dire. . Kind regards