Leaderboard
Popular Content
Showing content with the highest reputation on 04/10/24 in Posts
-
2 pointsHello! The problem affects those users who run Eddie Desktop edition with OpenVPN and never logged out for more than a year, or use OpenVPN clients with configuration files generated before 2021. Since Eddie Desktop edition re-downloads certificates and keys only when the operator logs in, locally some certificates have expired because we extend their expiration date automatically at least one year in advance (three years normally). Please try the following procedure to quickly resolve the problem: run Eddie on Eddie's main window uncheck "Remember me" log your account out log your account in (you'll need to re-enter your AirVPN credentials) try again a connection Kind regards
-
1 pointRight, I'm now up and running again after re-flashing my router to the latest version of DD-WRT. Using the same keys and certs as before, but now it just works. The main difference I can see is that the new firmware is using OpenVPN 2.5. The problem I have now is getting my NAS setup working, but that's nothing to do with the VPN side of things... 👍
-
1 point
speedtest comparison
go558a83nk reacted to DogeX for a post in a topic
Hello @Staff can you please tell me how the speed is calculated and what is the delay between each update. Im currently breaking the record but my downloads are always finished when it update. -
1 point
ANSWERED No connection with FreshTomato
Staff reacted to outer ordeals for a post in a topic
I was doubtful, but it worked!!! Thank you so much!!! For the benefit of everybody, here are screenshots of my working configuration -
1 point
ANSWERED No connection with FreshTomato
outer ordeals reacted to Staff for a post in a topic
@eltznth Hello! Yes, TLS Crypt seems fully supported. Set the "TLS Control Channel security" combo box to "Encrypt channel" Set the "Compression" combo box to "LZO Adaptive" Check "Verify certificate" Do not enable server certificate verification by name, leave the "Verify server certificate" combo box to "No". Kind regards -
1 pointHello! You need to re-generate your configuration files through the Configuration Generator available in your AirVPN account "Client Area". Explanation: https://airvpn.org/forums/topic/58289-openvpn-certificate-has-expired/?do=findComment&comment=231319 Kind regards
-
1 point
ANSWERED OpenVPN Certificate has expired
al the yank reacted to MortenM for a post in a topic
Same problem here. Suddenly today. Downloaded latest version and installed just in case. There must be something wrong other than here locally? The suggested fix is way too complicated... That was lazy.. pointing to a description of ten thousand words to do something that probably is easy... Please give a step by step way to fix this without a million other things mixed in. -
1 pointHello! No, it was not and it is not. Every and each machine runs on non-affected Operating Systems, typically FreeBSD and Debian 12. Debian 12 trivially is not affected because it does not include (in the official repositories we point at) the exploited xz versions 5.6.0 / 5.6.1 (and of course we did not build them from git) while in FreeBSD: Gordon Tetlow, security officer, https://lists.freebsd.org/archives/freebsd-security/2024-March/000248.html). Kind regards
-
1 point
Honeypot VPN?
knighthawk reacted to OpenSourcerer for a post in a topic
The caution is warranted – as stated, point 4 is strange. But it's like that in any part of the world. The service offerings should be scrutinized based on promises of free services, not because it's got a Russian handwriting on it. That was my entire point. -
1 point
Honeypot VPN?
knighthawk reacted to OpenSourcerer for a post in a topic
Correlation != Causation. What if the service was set up by a desperate party because Russia banned VPN usage? Don't you think it makes sense? If you are a Russian in Russia and you cannot pay for the VPN services around the world because of sanctions (those services would give you a less restricted internet, after all), wouldn't you try to find a service which accepts whatever payment processors are available to you? Exactly – learn Russian or ask someone like me to translate for you. Don't go through the world, fingers pointing in crude directions, and voicing mere suspicions. No, it doesn't. Yandex is what Google is to US, or Tencent to China – a provider of various internet services tailored to a specific ethnic group's market. Yandex has got its own networks, which includes targeted advertising and analytics. Why shouldn't Yandex be allowed to offer their services to Russian diasporas across the world? Betteridge's law of headlines states that "any headline that ends in a question mark can be answered by the word no". -
1 point
Honeypot VPN?
knighthawk reacted to OpenSourcerer for a post in a topic
How do points 1, 2, 3 and 5 lead to such a conclusion? Just because it's Russian doesn't mean it's bad. Not everything from Russia is somehow connected to Russian politics; please take care to keep these matters separate. Only point 4 is a bit strange, but it'd be strange if it were an EU or US service, too. Let's not use the word "honeypot" here prematurely before any real analysis. Otherwise it's just FUD. -
1 point
VPN service disclosed user IP to French authorities
knighthawk reacted to Moat for a post in a topic
I've said it, I'll repeat it, even if Fred is right: "Most people don't want to hear the truth because they don't want their illusions destroyed" - Friedrich Nietzsche Regardless of what Proton or any Swiss service claims, Swiss law OBLIGES any "telecommunication company" to intercept and keep "ANY DATA" in "UNENCRYPTED FORMAT" which transits in or out of its country borders, for "AT LEAST 6 MONTHS" for the event law enforcement "ASKS". The asking part is without need for a court order or investigation warrant. The unencrypted part is where the telecommunications company becomes liable for any alleged wrongdoing which they can not provide the information unencrypted of. You can blame Swiss based services to not clearly advertise this. You can't blame them for complying, it is their arse or the wrongdoers... The pressure point is who "stores" the data. For example VPN keys at for example Proton, anyone? Since it can be asking without warrant or court order, it does not oblige law enforcement to do anything with it … They can let you stink for years, and when it matters to the Swiss use that as a pressure point to obtain something else they suddenly may want from you. Classic Swiss. Now it is particular: any connection going through the border. So if you are in Switzerland and your connection and data stays in Switzerland, well, the obligation does not exist. (as if a company will bear the cost burden to differentiate …) No, its just the Swiss don't like their secrecy shit kept, because if so and if ever used in court the public prosecutor has to order the destruction and inadmissibility of the evidence and it becomes an awkward display. Imagine if someone took it to ECHR, the only leg would be national security, no longer national interest or catching bad guys. AVPN (may) does not log connections, and (may) does have a good contract with their Swiss data center. Reality is the Swiss data center has to log anything which crosses the border for the Stasi . You're only a little safer if the keys can not be found in Schwein-e-land. Not saying the other countries are better, but Swiss services (dare I misbehave and suggest crooks?) like Proton, crap away from them as far as you can. If you like the Swiss funny concept of privacy and security, pay attention to certificates of web sites like Zoho being "safe" and "private" because hosted and served from Sierre for example There is no such thing as privacy online, only making life a bit more difficult to those who wish to know the colour of your underpants, when you last did your laundry, and what detergent you used... -
1 point
OpSec: Correlation attack
knighthawk reacted to OpenSourcerer for a post in a topic
You cannot remove it from the Top Users screen without removing them everywhere else as well. I believe the same class is used because the displaying of date/time strings across all of IPBoard is affected by the user's settings, changeable in the Preferences. -
1 point
ANSWERED Eddie Constantly refreshes Server list - will not stop unless I totally close AirVPN
cljonesey reacted to OpenSourcerer for a post in a topic
This is the very first time this was reported across the forums, so I must express some confusion after your threats. Please try a clean profile first to see if that behavior is config-driven. It's found in %APPDATA%\Eddie\default.profile on Windows and ~/.config/eddie/default.profile on Linux. Rename this to something.else and launch Eddie, then see if the problem persists. -
1 point
VPN service disclosed user IP to French authorities
knighthawk reacted to OpenSourcerer for a post in a topic
I can confirm Mr. fishbasketballaries' information via translation as well. There is no suggestion that the VPN provider in this case was ProtonVPN. Mr. DogeX, please check and recheck the information you get next time before you post. -
1 point
VPN service disclosed user IP to French authorities
knighthawk reacted to fishbasketballaries for a post in a topic
Perhaps DeepL's machine translation is failing me here, but it looks to me like the article only mentions that most bomb threats targeting airports are sent from IP addresses in Switzerland. Then they point out that Proton is a Switzerland based company who, in the past, has provided user identities to courts, but it does not say that this bomb threat was sent from Switzerland or whether Proton unmasked the perpetrator. -
1 point
Split Tunnel.
tranquivox69 reacted to NaDre for a post in a topic
EDIT: I know now that this leak is coming from Firefox. Not SQUID. If you set "DNS over HTTPS" to "https://dns.google/dns-query" while everything else points somewhere else, then the "leak" is to Google. So Firefox is doing DNS look ups without relying on SQUID. Yeah. I think the binding to the specified UDP outgoing address, which is used for DNS, is not fully respected by the DNS module in squid. At some point it makes a DNS look up request in the usual way which will use the default DNS server. I didn't want to put you off. I don't see this as a big issue. Particularly if you set the default DNS for your system to Cloudflare, Google or Quad9. That is actually why I suggested it. If I feel energetic sometime I will chase it down. But then I would have to compile squid myself. I doubt I would ever convince the development team to incorporate some fix I offered. I will look at the scripts to see if I can make the scanning for addresses more bullet-proof. I don't like that these work with Eddie but not openvpn or wq-quick. I would like to believe they will work with any VPN client/wrapper. -
1 pointNot only TikTok. For example the Bitcoin network can not be controlled so a transaction from an American citizen could potentially go to a citizen of a country that's "a menace" for the USA (definition of enemy and menace is discretionary, the used language seems fine tuned to allow scope enlargement at will without judiciary supervision). Since that's not controllable, we find it potentially possible that operators might be required to block "the Bitcoin network". What's worse, according to a preliminary interpretation of the text, if in some way (difficult but personal and house search, pre-selected through the usual monitoring performed by USA ISPs, can help...) it can be proved that a USA citizen has used some tool like Tor or VPN to access any of the blocked network / services etc., that citizen will be prosecuted: civil liability up to a million of dollars, and criminal behavior subjected to up to 20 years in jail - which, if we're not mistaken, is worse than in China, Russia, and various countries controlled by human rights hostile regimes. Kind regards
-
1 pointi fixed this problem by C:\Users\USER\AppData\Local\AirVPN\ deleting everythig in here. can be closed