Leaderboard

Hello and thank you for your tests! Of course, as you say, this is an early preview, an alpha 1, so we can and we will improve the software. With the understanding the the highest security level is reached only by renouncing to traffic splitting or by splitting traffic only through boosted virtualization via a proper hypervisor, our solution aims at offering a fair balance between a very light implementation and a safe environment. If we pushed on virtualization too much, then the user might as well use directly pushed solutions of non-Linux third-party components and software suites, such as VirtualBox or Docker. It's not in our vision to burden the AirVPN Suite at those levels, as the Suite is thought to remain the most lightweight piece of software we release. In the current default setup, you have a minimum of two separate login users in any Linux box: airvpn and your usual user. By default, only airvpn can run cuckoo. If you consider not to add your current user to the airvpn group, you can safely rely on the fact that the types of processes you mention launched by your current user will never be affected by processes started by airvpn user and vice-versa. In this way it's almost impossible to cause a confusion by distraction and, for example, using a browser outside the tunnel while you think that it's inside. It's also obvious that a decent concentration level is always required, but that's required even with full virtualization, because no security model can save you from the distraction to assume wrongly that a specific VM is connected to the VPN while in reality it is not. So nothing new, traffic splitting was, is and will be requiring some attention, no matter how you achieve it. Stay tuned for the alpha 2, we are working on it. Kind regards

Hi, I delete only that signs: $#@ Regards.

I do not think the last part is particularly true. You will have a better chance bitTorrenting in areas that have more lax rules (think Netherlands, Sweden, Romania, Iceland etc.) and the Provider is less likely to get a court order inquiry for information. If, at the least, a Provider cannot directly tie you to the piracy, they might be able to tie payment method depending if that was anonymous (read AirVPN privacy policy carefully: they specifically state to use more anonymous payment gateways [BitCoin] but they don't explicitly state why).

But then you're not really a defender of net neutrality anymore… so not an option.

I've had this with DOCSIS on Vodafone Kabel Deutschland, too. Yes, this is the principal reason why it's slowing down. Packets are too far out of order, so OpenVPN assumes this might be a replay attack and drops those packets. One can calibrate the replay window to suit the connection better. The default is a window of 64 packets in 15 seconds which works for most but not all connection technologies. To calibrate this window, the verbosity can temporarily be increased to 4 (In Eddie, one can enter this in Preferences > OVPN directives): verb 4 When you connect and let it run for a bit while using the connection, you will see replay window backtrack occured [x] kind of messages when such an AEAD Decrypt error occurs. x indicates how far out of order a received packet is. Look at what its max value is over time, then set the replay window to that max plus maybe 5 or 10 (or round it to the next 10, or base 2, or whatever; basically, make it slightly higher than the max): replay-window x .

This kind of questions, like many others in the cybersecurity field, will mainly depend of your personal context, who are you trying to protect from, and the criticality of what you're trying to protect. Trying to protect yourself from hackers is not the same from trying to protect from local police agencies which is also different to protect from the NSA so the answer will depend. If you don't want your government to arrest you then yes, theoricaly (again it will depend of the agency you try to hide from) it's better to select a server outside your juridiction. Why? Because it will be harder for them to gain/ask access to this server and the legal procedure will be way more paintful for them, without even be sure that it will succeed. But if you are just torrenting the last Spider-man, nobody will never ever care.