Jump to content
Not connected, Your IP: 18.117.75.6

Leaderboard


Popular Content

Showing content with the highest reputation on 02/16/23 in all areas

  1. 1 point
    Staff

    More Canadian Servers

    Hello! 34000 Mbit/s (full duplex, i.e. 68000 Mbit/s total) available in Canada, in peak hours about 23000 Mbit/s used. Plenty of bandwidth still available. Considering Canada extension, and the fact that WireGuard diffusion will cause higher bandwidth demand (mobile devices and routers can get more), the asymmetry between Vancouver (12000 Mbit/s) and Toronto (52000 Mbit/s) will be progressively balanced according to needs (probably you have seen that 2000 Mbit/s have been added today in Toronto). Please consider that the available bandwidth is real, it's not like having a 10 Gbit/s line, sharing it with dozens of servers, and declaring each of those servers as "10 Gbit/s" servers, as some competitors do. @knighthawk The kernel of the servers balance the demand quite efficiently. For example, if a client is draining 1 Gbit/s (i.e. 2 Gbit/s on the server, 100%) while 20 other clients are idle, the first client may continue to do so. As soon as the idle clients start demanding bandwidth, the provided bandwidth will be re-distributed in a very short time, and the initial client will be no more able to use 2 Gbit/s. On top of that, we also take care (again thanks to kernel features) to distribute the incoming connections to different OpenVPN instances, so that a round robin distribution will contribute to keep balance. It's necessary only with OpenVPN, as a single OpenVPN process runs always in a single thread, while with WireGuard this is not necessary (and not applied). Kind regards
  2. 1 point
    Staff

    Quantum computing and Encryption

    Hello! Your message is from 2019 and in the meantime new challenges and problems arose in quantum computing, but anyway we have an important update. We offer WireGuard with per-client pre-shared key for post-quantum resistance, so we're ready, in the extremely unlikely event that a powerful quantum computer could work effectively during our life time. WireGuard pre-shared key is offered by default, you don't need any specific action. Kind regards
  3. 1 point
    Can you explain why IPv6 would solve this issue? AirVPN already supports IPv6. Wouldnt owners of infra being abused (hacked/overloaded/whatever) just block the IPv6 range as they do for IPv4?
  4. 1 point
    Let me add a bit, even though its not AirVPN related and so is going off path. An experiment I plan to try here when that Netflix sharing problem arises is to have the (dd-wrt) router at the main location run a wireguard server and have the remote Android TV connect to it using the WireGuard (client) app. No commercial VPN provider would be involved, so the usual IP-address checks used by Netflix will turn up nothing of interest. All Netflix watching, from either location, will appear to be at the main location. You could do it all in the OpenVPN world instead, but I find wireguard much simpler to deal with. Note that dd-wrt routers except really old/small ones can run an OpenVPN or wireguard client to AirVPN as well or even, once you are more advanced in the dd-wrt arts, multiple clients/servers at once. At present the Linksys EA7500 is not supported by the dd-wrt project. The better bets for dd-wrt are the Netgear R7800 or, redone in modern packaging with modern prices, the XR450 and XR500. In the Linksys world, the older WRT3200ACM and WRT1900ACS models are the best bets, if you can find them (but shun the WRT32X). Random online articles on installing dd-wrt are apt to be seriously out of date, so start your reading instead in the dd-wrt forums, either the Atheros one (Netgear) or Marvell one (Linksys), particularly the "Sticky posts" at the top and the "new build" threads. Ignore the router database, as it's not well maintained. Advice: if you think dd-wrt is a one-afternoon project... I'm sorry, I can't stop laughing! The capability it offers is amazing, but figure it's a new hobby. Some of the Asus routers either have or can be backfitted with wireguard capability. Google is your friend (for once). Check out AsusWRT Merlin. AsusWRT (the Asus OS run by some but not all Asus routers) does have an OpenVPN client built in (and Merlin enhances it), and it shouldn't be hard to set it up to connect to an Air server.
  5. 1 point
    Since the recent upgrades in versions, it is not possible anymore to manually edit the Eddie configuration file, even if "Plain (no password asked)" mode is selected when saving it. The reason is that the configuration data (which is actually XML) is always encrypted (with a hardcoded password, if none is set): https://github.com/AirVPN/Eddie/blob/de5c1ebb91030dc654a4cd3de81bfa8225982400/src/Lib.Core/Storage.cs#L153 This makes it extremely tedious to edit anything in the file manually, even if doing so was sensible. All information to do it is still available (including the password), so this isn't really a security issue, but one would need to implement the custom encryption/decryption algorithm of Eddie (source is available for that)... In my case, my reason for wanting to edit the file manually was that I have several dozen IP CIDR routes I want to add, but it is not reasonable to do it on configuration UI where I would manually need to click/type repeatedly hundreds of times (click "Plus", paste CIDR, click "Notes", paste comment, click "Save", repeat), it is horrible UX to do it that way for more than a 1-2 entries. When I already have the exact routes I want to add already in a text/bulk format, if I edited the XML configuration I would've achieved what I wanted in a few seconds, and I used to be able to do this before I upgraded. I would expect one of these things for usability: A way to export/import the configuration in a _truly_ plain text format from Eddie, where it can be edited by a human Or some tool that can "decrypt" the "Plain (no password asked)" format to actual plain text Or a way on the UI to add routes in a bulk-ish way so it isn't excruciating to do it for many entries en-masse (this would only solve my specific case but not the overall issue though)
  6. 1 point
    Ok, I ended up solving this myself with option 2), I made a script that "decrypts" and "encrypts" the file on demand so it can be edited manually. For it to work, the encyption/password in Eddie must be set to "Plain (no password asked)" (at least temporarily, after writing it back to the source, password protection can be turned back on). In case anybody else ever needs it, I attached the script (you need python and pycryptodome preinstalled). python eddie_profile.py decrypt --help python eddie_profile.py decrypt --outfile Eddie.xml # edit the XML, then make sure Eddie is not running before doing python eddie_profile.py encrypt --help python eddie_profile.py encrypt --infile Eddie.xml eddie_profile.py.txt
  7. 1 point
    Google's business model commands everyone is identified sufficiently enough to target ads to because that's what their clients require. The kind of person who understands the benefits of VPN is the kind of person who understands not to use Google.
  8. 1 point
    The only way to win is to stop patronizing google with your traffic. If google knows people lower their standards to conform to their utopia, they will continue its barbaric means of identifying 1 user by the IP they use. This is the least smart and least effective way to do it because IPs change, whether someone is on VPN or not, especially if their DHCP IP lease is only 24 hours. They do it because it's easy and they get to check off a box on their corporate list of accomplishments and smile happily in the absence of being able to perceive the blight in their wake. Mission accomplished. There are better search engines than using the one that takes you to commentary narrative checkers instead of the actual thing you searched for. I doubt they even give you 1% of the internet. In fact, just stop using corporate search engines altogether, including, as of last week, duckduckgo.
×
×
  • Create New...