Jump to content
Not connected, Your IP: 54.80.252.84

Leaderboard


Popular Content

Showing content with the highest reputation since 01/20/21 in all areas

  1. 13 points
    Hello! We're very glad to announce that, in compliance with its mission, AirVPN proudly supports WikiLeaks https://wikileaks.org in 2021 too, with a 0.32577602 BTC donation, around 20,000 USD at the moment of the transaction. WikiLeaks is an international non-profit organization that publishes news leaks and classified media provided by anonymous sources. Since 2006, the group has released a huge amount of documents of paramount importance and public interest, with an outstanding 100% accuracy so far, which deeply changed our vision and knowledge of the world. https://www.blockchain.com/btc/tx/527abecb9e8959556fd01cba66b45890a71f643eddff3cb1d6f9d4ffd39dc15b AirVPN's mission: https://airvpn.org/mission Kind regards & datalove AirVPN Staff
  2. 12 points
    Staff

    New feature: DNS block lists

    Hello! We're glad to introduce a new feature in AirVPN infrastructure: DNS block lists. By default, AirVPN DNS remains neutral in accordance with our mission. However, from now on you have the option to enforce block lists which poison our DNS, in order, for example, to block known sources of ads, spam, malware and so on. You can manage your preferences in your account Client Area ⇨ DNS panel https://airvpn.org/dns/. We offer only lists released with licenses which grant re-distribution for business purposes too. The system is very flexible and offers some exclusive features never seen before in other VPN services: You can activate or de-activate, anytime, any combination of lists. You can add customized exceptions and/or additional blocks. Any specified domain which must be blocked includes all of its subdomains too. Lists which can return custom A,AAAA,CNAME,TXT records are supported. You can define any combination of block lists and/or exceptions and/or additions for your whole account or only for specific certificate/key pairs of your account (Client Area ⇨ Devices ⇨ Details ⇨ DNS) Different matching methods are available for your additions and exceptions: Exact (exact FQDN), Domain (domain and its subdomains), Wildcard (with * and ? as wildcards), Contain, Start with, End with. An API to fetch every and each list in different formats (see Client Area ⇨ API ⇨ dns_lists service) is active Any change in your selected list(s), any added exception and any added block is enforced very quickly, within few tens of seconds. You don't need to disconnect and re-connect your account. You can define your own lists and discuss lists and anything related in the community forum here Essential requisite to enjoy the service is, of course, querying AirVPN DNS while your system is connected to some VPN server, which is by the way a default setup if you run any of our software. Kind regards & datalove AirVPN Staff
  3. 8 points
    Hello! We're very glad to inform you that a new 1 Gbit/s server located in Auckland (NZ) is available: Fawaris. We're also very pleased to be back in Oceania. The AirVPN client will show automatically the new server. If you use any other OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other Air server, Fawaris supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/Fawaris Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
  4. 7 points
    Hello! We're very glad to inform you that a new 1 Gbit/s full duplex server located in Dublin, Ireland, is available: Minchir. The AirVPN client will show automatically the new server; if you use any other OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637 UDP for WireGuard. Minchir supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/minchir Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
  5. 7 points
    Staff

    AirVPN vs ProtonVPN.

    With all due respect for an old time customer like you, comparing AirVPN with ExpressVPN is an insult we can't accept. ExpressVPN has always been perfectly aware that one of its executives was an American intelligence operative who helped UAE human rights hostile government in cracking operations. We do agree with Edward Snowden when he says that you must not use ExpressVPN. Incidentally, ExpressVPN is now part of a big group that, throughout the past decade, was an adware based business with shady privacy practices. Please check: https://www.vice.com/en/article/3aq9p5/expressvpn-uae-hacking-project-raven-daniel-gericke https://twitter.com/josephfcox/status/1438127822883729412 https://twitter.com/Snowden/status/1438291654239215619 https://www.theregister.com/2021/09/14/expressvpn_bought_kape/ Kind regards
  6. 6 points
    Staff

    WireGuard beta testing available

    Hello! We're glad to announce the beginning of WireGuard beta testing in AirPVN infrastructure. In order to test WireGuard, go to Client Area ⇨ Preferences and activate Access to BETA Features. This will allow you to see specific guides and options pertaining to WireGuard. About privacy concerns, we wrote a FAQ answer here . Please make sure to read it. WireGuard with Eddie If you want to use Eddie, go to download page of your OS, and click Other versions ⇨ Experimental in Eddie download pages. Linux note: Eddie doesn't recognize WireGuard until it is present at kernel level. Use cat /sys/module/wireguard/version to check your WireGuard kernel module. Wireguard will be available in Preferences > Protocols window (logout and login from Eddie's main window might be necessary). WireGuard without Eddie Otherwise, for official WireGuard app/binaries, see the guides below: Windows - with official WireGuard app (GUI) ⇨ https://airvpn.org/windows/wireguard/gui/ macOS - with official WireGuard app from App Store (GUI) ⇨ https://airvpn.org/macos/wireguard/appstore/ macOS - with Homebrew, terminal ⇨ https://airvpn.org/macos/wireguard/homebrew/ Linux - with official WireGuard from your distro, terminal ⇨ https://airvpn.org/linux/wireguard/terminal/ iOS - with official WireGuard app from App Store (GUI) ⇨ https://airvpn.org/ios/wireguard/appstore/ Android - with official WireGuard app from Play Store (GUI) ⇨ https://airvpn.org/android/wireguard/playstore/ The guides above will be also shown in Download section when Beta Features option is checked. Notes: We will add other connection ports, suggestions are welcome. We automatically generate WireGuard keypair (and preshared-key), and assigned IPv4/IPv6 addresses, for any device, no action required. Kind regards & datalove AirVPN Staff
  7. 6 points
    Staff

    No log4j vulnerability here

    Hello! We would like to inform you that we have never used the Apache Logging Services and/or Java in general, so any Log4j vulnerability, CVE-2021-44228 included (overall CVSS score 10.0 - critical) doesn't affect AirVPN web site or anything related to AirVPN. https://nvd.nist.gov/vuln/detail/CVE-2021-44228 Kind regards and datalove AirVPN Staff
  8. 6 points
    Staff

    Spooky Halloween 2021 deals

    Hello! We reluctantly have to announce gloomy news to you all: Spooky Halloween Deals are now available in AirVPN... Save up to 74% on AirVPN longer plans (*) (*) When compared to 1 month plan price Check all plans and discounts here: https://airvpn.org/plans If you're already our customer and you wish to jump aboard for a longer period any additional plan will be added on top of already existing subscriptions and you will not lose any day. Every plan gives you all the features that made AirVPN a nightmare for snoopers and a scary service for competitors: a clear mission without compromises https://airvpn.org/mission active OpenVPN 3 open source development WireGuard support exclusive and very flexible, opt-in block lists against malware and other hostile entities. Pick pre-defined lists, add exceptions or additional blocks, or just use our totally neutral DNS by default ChaCha20 cipher on OpenVPN Data Channel for higher performance and longer battery life on tablets and smart phones IPv6 support, including IPv6 over IPv4 configurable remote port forwarding refined load balancing to squeeze every last bit per second from VPN servers free and open source software for Android, Linux, Mac and Windows easy "Configuration Generator" web interface for access through third party software guaranteed minimum bandwidth allocation GDPR compliance and very high standards for privacy protection no log and/or inspection of clients' traffic effective traffic leaks prevention by AirVPN software Tor support via AirVPN software on Linux, Mac and Windows various cryptocurrencies accepted without any intermediary no obligation to use our free and open source software to enter AirVPN infrastructure. Interoperability is an AirVPN priority. perfectly clear and easy to read Privacy Notice and Terms https://airvpn.org/privacy No tricks, only treats! Grim regards & datathrills AirVPN Staff
  9. 6 points
    Hello! The current state of play as well as important clarifications. The issue occurs only in those OpenVPN clients linked against OpenSSL 3 and only to some of our users, see below Since 2017, our system generates CRT signed with SHA512 algorithm. Previously they were signed with SHA1. Regeneration of old CRT is not triggered and forced by us automatically, because it would invalidate any previous OVPN configuration file out there and lock out the user who does not follow our forum, notification e-mails etc. @rprimus you have a client CRT (user.crt) dated 2015. You and anybody else using pre-2017 user certificates: please go to your "Client Area" > "Devices" menu, renew your cert/key pair, re-download your OVPN configuration files from the Configuration Generator, use them and you will be fine. (*) The problem has never been caused by the CA certificate. Replacing the CA.crt is not mandatory, it just avoids warning message (that you can safely ignore and has nothing to do with the main issue of this thread) you may meet in Eddie Android edition, Hummingbird and Bluetit. Anyway, now even ca.crt is SHA512 signed, so you will not get anymore the mentioned warning (*) Yellow rows show certificates which use a signature based on a deprecated for security reasons hash algorithm (SHA1). They are still here to ensure backward compatibility, because we can't know whether you still use them in generated profiles. However, future OpenVPN versions might not allow them anymore. Click 'Renew' or 'Delete' to resolve the issue. After that, re-generate profile(s) with our Configuration Generator. If you run our client software Eddie, you just need to log your account out and in again from the main window. Kind regards
  10. 6 points
    I am getting the exact same error. Probably everyone else does as well as the SSL certificate seems to be invalid.
  11. 5 points
    Staff

    Black Friday Sale 2021

    Hello! We're very glad to inform you that the Black Friday week has just begun in AirVPN! Save up to 74% when compared to one month plan price Check all plans and discounts here: https://airvpn.org/buy If you're already our customer and you wish to jump aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. AirVPN is one of the oldest and most experienced consumer VPN on the market, operating since 2010. It never changed ownership, it was never sold out to data harvesting or malware specialized companies as it regrettably happened to most competitors. AirVPN does not inspect and/or log client traffic, and offers: five simultaneous connections per account IPv6 full support AES-GCM and ChaCha20 OpenVPN ciphers on all servers WireGuard support on all servers Perfect Forward Secrecy with unique per-server 4096 bit Diffie-Hellman keys active daemons load balancing for unmatched high performance - current 'all time high' on client side is 730 Mbit/s with OpenVPN and 1046 Mbit/s with WireGuard even more, exclusive features, such as DNS customizable and flexible block lists to neutralize sources of ads, spam, trackers etc. AirVPN is the only VPN provider which is actively developing OpenVPN 3 library with a fork that's currently 113 commits ahead of OpenVPN master and adds key features and bug fixes for a much more comfortable and reliable experience: AirVPN, in accordance with its mission, develops only free and open source software for many platforms, including Android, Linux (both x86 and ARM based systems), macOS and Windows. Kind regards & datalove AirVPN Staff
  12. 5 points
    spinmaster

    [Proposal] [Implemented] OISD

    I'd like to propose adding the (very popular) OISD Blocklist. This list is also used by other free DNS "Adblock" services like Adhole.org, AhaDNS.com, etc. OISD (https://oisd.nl/) OISD is a pre-filtered blocklist consisting of lots of other popular blocklists. Domains which do not resolve from these blocklists are filtered out on a daily basis. OISD is focusing on functionality and not overblocking. License: ? I couldn't find any licensing information on the website. Raw URL: https://dbl.oisd.nl/ or (alternatively) https://hosts.oisd.nl/
  13. 5 points
    Eddie V2.20.0 suddenly won't connect using Windows 10, 20H2. It starts to connect, then disconnects, then restarts again - all in a continuous loop. Any ideas on a solution? Thanks.
  14. 4 points
    Staff

    Two new 1 Gbit/s servers available (JP)

    Hello! We're very glad to inform you that two new 1 Gbit/s full duplex servers located in Tokyo, Japan, are available: Albaldah and Bharani. The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and port 1637 UDP for WireGuard. Albaldah and Bahrani support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check servers status as usual in our real time servers monitor: https://airvpn.org/servers/albaldah https://airvpn.org/servers/bharani Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
  15. 4 points
    Clodo

    [Proposal] [Implemented] OISD

    Thanks, Basic and Extra will be included as soon as possible. "Full" is huge (>300k entries the wildcard version), we need to perform some stress test (ensure that it doesn't slow down resolution) before inclusion.
  16. 4 points
    Hello, Recently I have noticed that it looks like the Phoenix AirVPN servers (Bootes, Chalawan, Indus, Phoenix, Virgo) , Berlin AirVPN Server (Cujam) , and Barcelona AirVPN server (Eridanus) are not actually located where M247 claims they are located, and it appears M247 is misrepresenting the locations of these servers If you go to the status page of any "Phoenix" server for example https://airvpn.org/servers/Bootes/ you will see the latencies to other cities where AirVPN has servers, and it shows 0ms to Los Angeles, that wouldn't be physically possible if the Phoenix servers were truly located in Phoenix. This points to the Phoenix servers truly being hosted in Los Angeles Additionally, on a personal VPS server of mine which is located in Los Angeles, I get less than 1ms latency between my VPS in Los Angeles to the AirVPN "Phoenix" servers, which, again, points to the Phoenix servers truly being in Los Angeles, because this 1ms latency would not be physically possible between Los Angeles and Phoenix And if you go to the status page of the "Berlin" server https://airvpn.org/servers/Cujam/ It shows 0ms latency to Frankfurt, also not physically possible This points to the Berlin servers really being in Frankfurt And if you go to the status page of the "Barcelona" server https://airvpn.org/servers/Eridanus/ It shows 0ms latency to Madrid, again, not physically possible! This points to the Barcelona servers truly being hosted in Madrid M247 may say that if you do a WHOIS lookup on their Phoenix IP block, the description is "M247 Phoenix" but honestly this is not proof at all, as the network admins can set whatever netname and description they want when they're creating the inetnum object in their RIR's database. For additional proof other than the "Berlin" , "Barcelona", and "Phoenix" that Air has from M247, Here is M247's full list of locations according to their website You can see that neither Berlin, Phoenix, or Barcelona is on this list. https://m247.com/services/host/dedicated-servers/ From the website, their locations: Europe: Amsterdam, NL Belgrade, RS Brussels, BE Bucharest, RO Budapest, HU Copenhagen, DK Dublin, IE Frankfurt, DE London, UK Manchester, UK Madrid, ES Milan, IT Oslo, NO Paris, FR Prague, CZ Sofia, BG Stockholm, SE Warsaw, PL Vienna, AT Zurich, CH North America: Dallas, TX, USA Los Angeles, CA, USA Miami, FL, USA New York Metro Area, USA (Secaucus, NJ) Montreal, QC, CA Asia and Middle East: Dubai, UAE Hong Kong, HK Singapore, SG Tokyo, JP Oceania: Sydney, AU Based on this information it is clear to see that M247 is misrepresenting the locations of AirVPN's Phoenix, Berlin, and Barcelona servers, From being a customer of Air for as long as I have, I can tell that the Air staff are honest and they have provided and continue to provide a great and true service, this is extremely evident for example by looking at how AirVPN left France because of the concerning legal framework there, and why AirVPN does not operate in Poland or Italy for similar reasons, even though other VPNs gladly operate services in those countries. It's clear as day to see that AirVPN is not deceptive or untruthful at all, so I am absolutely not accusing Air at all of participating in this misrepresentation, it just seems to me like Air was duped by M247 into buying these servers that are reported to be in a different location than the one they are truly in. So given that the 5 Phoenix AirVPN servers , the 1 Berlin server, and 1 Barcelona server are falsely geolocated, it would be good idea for Staff to replace those servers with ones that are actually in the reported locations, or just change the reported location of those servers in Eddie to reflect the true locations.
  17. 4 points
    Stalinium

    Happy AirVPN power user

    I don't know what to write about... Everything's fine and I love AirVPN. Sounds cheesy but it is what it is. I've been using AirVPN for half a year. Many servers to choose from, very transparent from the user's point of view - something I value. Transparency about server status and an API (admittedly I haven't used it much). From reading the forums I grasped that AirVPN has very strict (legal) criteria for choosing server locations (countries), an approach that is unique across all providers I've seen so far. Yea placing servers in China wouldn't be the best idea or many other more "democratic" as a matter of fact which were ruled out. The config generator is awesome if you're not using their open source client Eddie (bonus points again!) - plenty of flexibility. Configs? Afaik there're some providers out there who still have user/password prompt on each connection, laughable. AirVPN not only properly makes use of certificates (that's how the server knows you are you without asking for credentials) and on top of that allows you to properly distribute different access keys across your devices (in case of theft etc). Lost a device? Revoke access to that single one and done! Port-forwarding support ALONG WITH Dynamic DNS is unparalleled. Sure an advanced user probably could create an ad-hoc DDNS solution for themself, but offering it along the VPN is ingenius. The servers are very stable, the stats currently show a user has been connected since January. I've read comments where other VPNs often force reconnects etc, that just sounds wild to me. Before AirVPN I've been on a private VPN server with 24/7 uptime and that's the quality of service I got used to and wouldn't want to downgrade from (looking at those other VPN providers) The AirVPN forums are a great source of information. The staff cannot be commended enough for responding to concerns and generally being here for discussion. @OpenSourcerer is a damn community hero, this place is unimaginable without him! I myself have contributed in one form or another and will continue to. As a side note to forums: AirVPN appears to have customized the forum software for privacy. I can't assess how far it goes (hopefully "enough"), and it's a far better choice than those completely relying on Reddit - undoubtedly a useful puppet of/for the certain government. The only problem I've had was with initial payment. I bought the 1 month plan and found no clear indications it was still active (because it is a PayPal recurring payment), so before the month expired I bought the 1 year plan. I was quite surprised to see a few days later my access days to have been extended by +31d - the automatic Paypal payment kicked in and I paid a single month extra. Though I like the service so much I decided not to bother with a refund (consider it a donation hehe). You need to login in Paypal to cancel those, I wish this was made clear/er. What's unclear to me was whether/how much info is retained on payment after all the transactions... but to grossly paraphrase an official response: use crypto. Just make sure your mug shot (photo) isn't connected to the coin wallet Roses are red, AirVPN's great.
  18. 4 points
    I have a reason to believe that M247 is falsifying a few of its server locations which it sells to VPN companies such as AirVPN. Disclaimer: I am not accusing AirVPN of participating in this falsification, I believe that AirVPN staff has the integrity and honesty to only purchase servers in locations they know are correct as advertised. My hypothesis is that AirVPN was merely duped into buying thse falsified locations because M247 claimed that they were real locations and AirVPN did not have any reason to suspect anything to the contrary. I noticed recently that the M247 "Phoenix" location seems to really be located in Los Angeles, M247 "Barcelona" location seems to really be in Madrid, and the M247 "Berlin" location seems to really be in Frankfurt. Traceroute shows identical routes between each of these false locations and the real location they are in, not to mention that neither Phoenix, Barcelona, or Berlin appear on M247's list of locations on their website Disclaimer 2: All of the data below is shown as it was generated, with the only thing being edited is the redaction of my ISP's traceroute hops for protection of my privacy. Exhibit A: "Phoenix" is really Los Angeles. Traceroute and ping to Indus , allegedly in M247 Phoenix Traceroute to Indus server traceroute to indus.airservers.org (193.37.254.26), 30 hops max, 38 byte packets [Redacted my ISP's traceroute hops] 8 * * * 9 ae-5.r01.lsanca20.us.bb.gin.ntt.net (129.250.6.49) 73.593 ms 68.449 ms 69.689 ms 10 ce-0-1-0-0.r01.lsanca20.us.ce.gin.ntt.net (128.241.6.1) 66.818 ms 71.847 ms 72.087 ms 11 * irb-0.agg1.lax1.us.m247.com (77.243.185.149) 89.481 ms et-0-0-49-0.agg1.lax1.us.m247.com (77.243.185.145) 79.797 ms 12 vlan2921.as09.lax1.us.m247.com (193.9.115.167) 123.200 ms 71.520 ms vlan2909.as09.lax1.us.m247.com (193.9.115.169) 74.228 ms 13 * * * 14 * * * Traceroute from Indus to Google traceroute to google.com (172.217.5.110), 30 hops max, 60 byte packets 1 10.32.6.1 (10.32.6.1) 69.597 ms 69.603 ms 69.595 ms 2 vlan177.as09.lax1.us.m247.com (193.37.254.1) 69.687 ms 69.711 ms 69.778 ms 3 irb-0.agg1.lax1.us.m247.com (193.9.115.168) 633.031 ms 633.038 ms 633.034 ms 4 37.120.220.170 (37.120.220.170) 69.490 ms 69.452 ms 69.546 ms 5 72.14.204.180 (72.14.204.180) 69.661 ms te-4-3-0.bb1.lax1.us.m247.com (82.102.29.110) 69.769 ms 69.821 ms 6 10.252.217.158 (10.252.217.158) 69.615 ms 72.14.204.180 (72.14.204.180) 67.888 ms 10.23.211.158 (10.23.211.158) 68.754 ms 7 10.252.234.254 (10.252.234.254) 67.871 ms 142.250.228.74 (142.250.228.74) 68.216 ms 10.252.234.254 (10.252.234.254) 68.221 ms 8 108.170.247.244 (108.170.247.244) 68.254 ms 108.170.237.114 (108.170.237.114) 68.228 ms 108.170.247.244 (108.170.247.244) 68.243 ms 9 108.170.247.211 (108.170.247.211) 68.818 ms 108.170.247.148 (108.170.247.148) 68.598 ms 68.843 ms 10 108.170.230.123 (108.170.230.123) 68.806 ms 108.170.230.133 (108.170.230.133) 69.010 ms 172.253.75.217 (172.253.75.217) 76.905 ms 11 172.253.75.217 (172.253.75.217) 76.921 ms 172.253.70.153 (172.253.70.153) 80.406 ms 74.125.253.148 (74.125.253.148) 75.588 ms 12 142.250.234.59 (142.250.234.59) 81.965 ms 108.170.243.1 (108.170.243.1) 78.518 ms 80.377 ms 13 108.170.236.61 (108.170.236.61) 75.650 ms 75.356 ms 108.170.243.1 (108.170.243.1) 77.960 ms 14 sfo03s07-in-f14.1e100.net (172.217.5.110) 82.906 ms 108.170.236.63 (108.170.236.63) 77.106 ms sfo03s07-in-f110.1e100.net (172.217.5.110) 103.936 ms Ping to Indus PING 193.37.254.26 (193.37.254.26) 56(84) bytes of data. 64 bytes from 193.37.254.26: icmp_seq=1 ttl=57 time=69.5 ms 64 bytes from 193.37.254.26: icmp_seq=2 ttl=57 time=68.8 ms 64 bytes from 193.37.254.26: icmp_seq=3 ttl=57 time=69.1 ms 64 bytes from 193.37.254.26: icmp_seq=4 ttl=57 time=68.0 ms 64 bytes from 193.37.254.26: icmp_seq=5 ttl=57 time=69.3 ms 64 bytes from 193.37.254.26: icmp_seq=6 ttl=57 time=68.5 ms 64 bytes from 193.37.254.26: icmp_seq=7 ttl=57 time=70.0 ms 64 bytes from 193.37.254.26: icmp_seq=8 ttl=57 time=69.2 ms 64 bytes from 193.37.254.26: icmp_seq=9 ttl=57 time=69.7 ms 64 bytes from 193.37.254.26: icmp_seq=10 ttl=57 time=68.1 ms Hmm, I wonder why all the M247 router hops are all labelled as "LAX1" for a "Phoenix" location??? Now we will compare this to Groombridge, a server in M247 Los Angeles Traceroute to Groombridge traceroute to groombridge.airservers.org (37.120.132.82), 30 hops max, 38 byte packets [Redacted my ISP's traceroute hops] 7 * * * 8 ae-2.r25.lsanca07.us.bb.gin.ntt.net (129.250.3.189) 74.561 ms 97.764 ms * 9 ae-5.r01.lsanca20.us.bb.gin.ntt.net (129.250.6.49) 73.048 ms 70.967 ms 73.707 ms 10 ce-0-1-0-0.r01.lsanca20.us.ce.gin.ntt.net (128.241.6.1) 65.112 ms 73.968 ms 71.939 ms 11 irb-0.agg1.lax1.us.m247.com (77.243.185.149) 77.359 ms * * 12 vlan2926.as15.lax1.us.m247.com (89.44.212.37) 75.003 ms 73.769 ms 217.138.223.35 (217.138.223.35) 67.763 ms 13 * * * 14 * * * Traceroute from Groombridge to YouTube traceroute to youtube.com (216.58.195.78), 30 hops max, 60 byte packets 1 10.15.134.1 (10.15.134.1) 71.514 ms 71.502 ms 71.493 ms 2 vlan170.as15.lax1.us.m247.com (37.120.132.81) 71.810 ms 71.986 ms 72.005 ms 3 * * * 4 37.120.220.198 (37.120.220.198) 75.969 ms te-1-2-0.bb1.nyc1.us.m247.com (77.243.185.18) 76.140 ms 37.120.220.198 (37.120.220.198) 75.971 ms 5 72.14.204.180 (72.14.204.180) 76.149 ms 76.154 ms te-4-3-0.bb1.lax1.us.m247.com (82.102.29.110) 75.138 ms 6 10.252.173.62 (10.252.173.62) 78.254 ms 72.14.204.180 (72.14.204.180) 73.797 ms 73.781 ms 7 209.85.254.86 (209.85.254.86) 73.773 ms 10.252.50.62 (10.252.50.62) 73.975 ms 108.170.247.193 (108.170.247.193) 74.551 ms 8 108.170.237.114 (108.170.237.114) 73.937 ms 108.170.247.193 (108.170.247.193) 74.759 ms 108.170.247.243 (108.170.247.243) 74.214 ms 9 * 108.170.247.244 (108.170.247.244) 74.196 ms 108.170.234.124 (108.170.234.124) 74.648 ms 10 209.85.254.229 (209.85.254.229) 86.701 ms * 108.170.234.27 (108.170.234.27) 72.588 ms 11 216.239.58.214 (216.239.58.214) 80.460 ms 142.250.234.56 (142.250.234.56) 81.648 ms 172.253.70.155 (172.253.70.155) 83.700 ms 12 108.170.242.241 (108.170.242.241) 80.580 ms 66.249.94.28 (66.249.94.28) 79.787 ms 108.170.242.241 (108.170.242.241) 81.349 ms 13 72.14.239.97 (72.14.239.97) 80.326 ms 108.170.242.241 (108.170.242.241) 81.308 ms 72.14.239.43 (72.14.239.43) 84.462 ms 14 72.14.239.43 (72.14.239.43) 82.598 ms sfo07s16-in-f78.1e100.net (216.58.195.78) 80.463 ms 81.950 ms Ping to Groombridge PING groombridge.airservers.org (37.120.132.82) 56(84) bytes of data. 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=1 ttl=57 time=68.8 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=2 ttl=57 time=68.8 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=3 ttl=57 time=68.9 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=4 ttl=57 time=68.0 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=5 ttl=57 time=70.4 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=6 ttl=57 time=69.0 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=7 ttl=57 time=70.4 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=8 ttl=57 time=67.6 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=9 ttl=57 time=68.3 ms 64 bytes from 82.132.120.37.in-addr.arpa (37.120.132.82): icmp_seq=10 ttl=57 time=68.0 ms Hmm, looks suspiciously similar to me... Routes are both the same, ping is near-equal Exhibit B: "Barcelona" is really Madrid Traceroute and ping to Eridanus, allegedly in Barcelona Traceroute to Eridanus traceroute to eridanus.airservers.org (185.183.106.2), 30 hops max, 38 byte packets [Redacted my ISP's traceroute hops] 7 * * * 8 be2332.ccr32.bio02.atlas.cogentco.com (154.54.85.246) 83.833 ms 82.655 ms 83.244 ms 9 be2325.ccr32.mad05.atlas.cogentco.com (154.54.61.134) 86.389 ms 85.839 ms 86.422 ms 10 quantum-sistemas.demarc.cogentco.com (149.6.150.130) 110.559 ms 171.268 ms 118.386 ms 11 * * * 12 * * * Traceroute from Eridanus to YouTube traceroute to youtube.com (216.58.211.46), 30 hops max, 60 byte packets 1 10.16.134.1 (10.16.134.1) 89.066 ms 89.077 ms 89.072 ms 2 * * * 3 xe-1-2-3-0.bb1.mad1.es.m247.com (212.103.51.62) 89.002 ms 88.997 ms 88.992 ms 4 mad-b1-link.telia.net (213.248.95.33) 89.157 ms 89.176 ms 89.172 ms 5 google-ic-314668-mad-b1.c.telia.net (62.115.61.14) 89.168 ms 89.324 ms 89.328 ms 6 * * * 7 142.250.239.26 (142.250.239.26) 92.637 ms 72.14.233.124 (72.14.233.124) 91.657 ms 142.250.62.202 (142.250.62.202) 91.548 ms 8 108.170.234.221 (108.170.234.221) 92.059 ms 74.125.242.178 (74.125.242.178) 91.787 ms 144.397 ms 9 108.170.253.225 (108.170.253.225) 91.930 ms muc03s14-in-f14.1e100.net (216.58.211.46) 91.631 ms 108.170.253.225 (108.170.253.225) 91.934 ms Hmm, I wonder why M247's router hops in the "Barcelona" location are all labelled as "MAD1" Ping to Eridanus PING 185.183.106.2 (185.183.106.2) 56(84) bytes of data. 64 bytes from 185.183.106.2: icmp_seq=1 ttl=56 time=89.4 ms 64 bytes from 185.183.106.2: icmp_seq=2 ttl=56 time=85.9 ms 64 bytes from 185.183.106.2: icmp_seq=3 ttl=56 time=84.9 ms 64 bytes from 185.183.106.2: icmp_seq=4 ttl=56 time=85.5 ms 64 bytes from 185.183.106.2: icmp_seq=5 ttl=56 time=86.4 ms 64 bytes from 185.183.106.2: icmp_seq=6 ttl=56 time=85.0 ms 64 bytes from 185.183.106.2: icmp_seq=7 ttl=56 time=85.3 ms 64 bytes from 185.183.106.2: icmp_seq=8 ttl=56 time=87.1 ms 64 bytes from 185.183.106.2: icmp_seq=9 ttl=56 time=85.8 ms 64 bytes from 185.183.106.2: icmp_seq=10 ttl=56 time=85.3 ms Comparing this to Mekbuda, a server in Madrid M247 Traceroute to Mekbuda [Redacted my ISP's traceroute hops] 7 * * * 8 be2332.ccr32.bio02.atlas.cogentco.com (154.54.85.246) 83.761 ms 82.333 ms 82.102 ms 9 be2325.ccr32.mad05.atlas.cogentco.com (154.54.61.134) 86.121 ms 85.032 ms 86.308 ms 10 quantum-sistemas.demarc.cogentco.com (149.6.150.130) 94.879 ms 87.337 ms 88.230 ms 11 * * * 12 * * * Route from Mekbuda to Youtube traceroute to youtube.com (216.58.215.142), 30 hops max, 60 byte packets 1 10.21.198.1 (10.21.198.1) 87.692 ms 87.693 ms 87.686 ms 2 vlan29.bb2.mad1.es.m247.com (185.93.182.161) 87.696 ms 87.690 ms 87.750 ms 3 xe-1-1-0-0.bb1.mad1.es.m247.com (82.102.29.25) 87.762 ms 87.758 ms 87.753 ms 4 mad-b1-link.telia.net (213.248.95.33) 87.956 ms 88.558 ms 87.931 ms 5 google-ic-314668-mad-b1.c.telia.net (62.115.61.14) 87.836 ms 87.992 ms 87.988 ms 6 * * * 7 mad41s04-in-f14.1e100.net (216.58.215.142) 86.846 ms 74.125.242.177 (74.125.242.177) 98.934 ms 98.992 ms Ping to Mekbuda PING mekbuda.airservers.org (185.93.182.170) 56(84) bytes of data. 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=1 ttl=56 time=87.0 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=2 ttl=56 time=88.4 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=3 ttl=56 time=86.2 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=4 ttl=56 time=88.4 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=5 ttl=56 time=86.7 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=6 ttl=56 time=85.7 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=7 ttl=56 time=85.7 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=8 ttl=56 time=87.1 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=9 ttl=56 time=88.3 ms 64 bytes from 185.93.182.170 (185.93.182.170): icmp_seq=10 ttl=56 time=88.2 ms Once again, everything is near-identical, with only a slight difference in Youtube traceroute. Exhibit C: "Berlin" is really in Frankfurt First we will test ping and traceroute to Cujam, a Berlin M247 server Traceroute to Cujam [Redacted my ISP's traceroute hops] 6 * * * 7 ae-9.r20.londen12.uk.bb.gin.ntt.net (129.250.6.146) 73.904 ms ae-11.r20.parsfr04.fr.bb.gin.ntt.net (129.250.4.195) 78.812 ms 75.580 ms 8 ae-1.r21.londen12.uk.bb.gin.ntt.net (129.250.2.183) 79.099 ms ae-2.r21.parsfr04.fr.bb.gin.ntt.net (129.250.3.46) 85.715 ms ae-1.r21.londen12.uk.bb.gin.ntt.net (129.250.2.183) 78.384 ms 9 ae-16.r20.frnkge13.de.bb.gin.ntt.net (129.250.3.13) 91.553 ms ae-11.r21.frnkge13.de.bb.gin.ntt.net (129.250.5.26) 91.521 ms ae-16.r20.frnkge13.de.bb.gin.ntt.net (129.250.3.13) 94.728 ms 10 ae-0.a00.frnkge13.de.bb.gin.ntt.net (129.250.2.25) 92.855 ms 89.619 ms 90.740 ms 11 ae-8-501.a00.frnkge13.de.ce.gin.ntt.net (213.198.52.62) 91.869 ms 92.824 ms 93.136 ms 12 37.120.220.131 (37.120.220.131) 90.856 ms vlan2945.agg2.fra4.de.m247.com (193.27.15.241) 92.015 ms 37.120.220.116 (37.120.220.116) 89.007 ms 13 vlan2925.as03.fra4.de.m247.com (83.97.21.17) 88.304 ms vlan2901.as03.fra4.de.m247.com (82.102.29.155) 93.828 ms vlan2925.as03.fra4.de.m247.com (83.97.21.17) 89.713 ms 14 * * * 15 * * * Traceroute from Cujam to YouTube 1 10.11.102.1 (10.11.102.1) 89.968 ms 89.978 ms 89.972 ms 2 37.120.217.241 (37.120.217.241) 90.041 ms 90.036 ms 90.134 ms 3 vlan2925.agg2.fra4.de.m247.com (83.97.21.16) 89.915 ms 89.910 ms 89.905 ms 4 37.120.220.130 (37.120.220.130) 90.078 ms 193.27.15.240 (193.27.15.240) 89.956 ms 37.120.220.130 (37.120.220.130) 90.199 ms 5 vlan2906.bb1.ams1.nl.m247.com (37.120.128.248) 90.252 ms 90.009 ms 37.120.128.253 (37.120.128.253) 90.176 ms 6 37.120.128.253 (37.120.128.253) 90.171 ms no-mans-land.m247.com (185.206.226.71) 89.888 ms 37.120.128.253 (37.120.128.253) 89.597 ms 7 no-mans-land.m247.com (185.206.226.71) 89.851 ms 10.252.43.30 (10.252.43.30) 89.962 ms 10.252.45.126 (10.252.45.126) 89.649 ms 8 108.170.252.1 (108.170.252.1) 90.496 ms 108.170.235.248 (108.170.235.248) 89.578 ms 10.252.73.190 (10.252.73.190) 89.598 ms 9 108.170.252.83 (108.170.252.83) 90.067 ms 108.170.252.18 (108.170.252.18) 90.020 ms 108.170.252.65 (108.170.252.65) 90.430 ms 10 * * 209.85.252.77 (209.85.252.77) 90.872 ms 11 216.239.50.187 (216.239.50.187) 99.430 ms * 209.85.252.149 (209.85.252.149) 97.794 ms 12 108.170.230.210 (108.170.230.210) 98.329 ms 72.14.238.52 (72.14.238.52) 97.997 ms 97.910 ms 13 108.170.244.161 (108.170.244.161) 97.921 ms 108.170.235.98 (108.170.235.98) 98.316 ms 108.170.244.225 (108.170.244.225) 98.802 ms 14 108.170.232.125 (108.170.232.125) 97.839 ms 98.060 ms 98.173 ms 15 108.170.234.51 (108.170.234.51) 98.067 ms par10s27-in-f206.1e100.net (216.58.198.206) 97.811 ms 98.150 ms Ping to Cujam PING cujam.airservers.org (37.120.217.242) 56(84) bytes of data. 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=1 ttl=53 time=90.3 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=2 ttl=53 time=91.8 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=3 ttl=53 time=91.7 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=4 ttl=53 time=92.5 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=5 ttl=53 time=91.3 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=6 ttl=53 time=92.1 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=7 ttl=53 time=90.5 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=8 ttl=53 time=91.3 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=9 ttl=53 time=90.0 ms 64 bytes from 37.120.217.242 (37.120.217.242): icmp_seq=10 ttl=53 time=92.1 ms I wonder why there's no mention of "Berlin" in the traceroute hops, instead says FRA4 for Frankfurt.... Next we will compare this to Mirfak, a M247 Frankfurt server Traceroute to Mirfak [Redacted my ISP's traceroute hops] 5 * * * 6 if-ae-66-8.tcore1.l78-london.as6453.net (80.231.130.194) 93.049 ms if-ae-66-9.tcore1.l78-london.as6453.net (80.231.130.21) 92.427 ms if-ae-66-8.tcore1.l78-london.as6453.net (80.231.130.194) 92.662 ms 7 * if-ae-3-2.tcore1.pye-paris.as6453.net (80.231.154.142) 94.296 ms * 8 * * if-ae-11-2.tcore1.pvu-paris.as6453.net (80.231.153.49) 92.280 ms 9 * if-ae-49-2.tcore2.pvu-paris.as6453.net (80.231.153.21) 91.508 ms * 10 if-ae-55-2.tcore1.fr0-frankfurt.as6453.net (80.231.245.7) 100.752 ms 91.321 ms 92.308 ms 11 if-ae-55-2.tcore1.fr0-frankfurt.as6453.net (80.231.245.7) 88.325 ms 195.219.50.23 (195.219.50.23) 96.137 ms 94.877 ms 12 vlan2946.agg1.fra4.de.m247.com (193.27.15.243) 94.155 ms 37.120.220.116 (37.120.220.116) 93.367 ms 37.120.220.118 (37.120.220.118) 91.790 ms 13 vlan2917.as11.fra4.de.m247.com (212.103.51.191) 101.641 ms vlan2945.agg2.fra4.de.m247.com (193.27.15.241) 90.441 ms vlan2917.as11.fra4.de.m247.com (212.103.51.191) 93.836 ms 14 * vlan2917.as11.fra4.de.m247.com (212.103.51.191) 94.359 ms vlan2919.as11.fra4.de.m247.com (212.103.51.151) 96.080 ms 15 * * * 16 * * * The only difference in this traceroute is that the traffic goes through TATA instead of NTT which the Cujam server goes through, but the destination for both is the same: M247 in Frankfurt Traceroute to YouTube from Mirfak traceroute to youtube.com (172.217.17.46), 30 hops max, 60 byte packets 1 10.27.230.1 (10.27.230.1) 96.778 ms 96.764 ms 96.774 ms 2 vlan27.as11.fra4.de.m247.com (141.98.102.177) 97.067 ms 97.135 ms 97.329 ms 3 vlan2917.agg1.fra4.de.m247.com (212.103.51.190) 96.705 ms 96.704 ms 96.699 ms 4 37.120.128.148 (37.120.128.148) 97.120 ms 193.27.15.242 (193.27.15.242) 97.724 ms 37.120.128.148 (37.120.128.148) 97.107 ms 5 37.120.128.253 (37.120.128.253) 96.833 ms 96.835 ms vlan2906.bb1.ams1.nl.m247.com (37.120.128.248) 96.894 ms 6 no-mans-land.m247.com (185.206.226.71) 97.037 ms 37.120.128.253 (37.120.128.253) 95.349 ms 95.494 ms 7 no-mans-land.m247.com (185.206.226.71) 95.615 ms 10.252.45.190 (10.252.45.190) 98.342 ms 10.252.45.158 (10.252.45.158) 96.818 ms 8 216.239.47.244 (216.239.47.244) 96.897 ms 108.170.252.65 (108.170.252.65) 97.534 ms 142.250.46.244 (142.250.46.244) 96.712 ms 9 108.170.252.18 (108.170.252.18) 97.041 ms 108.170.251.144 (108.170.251.144) 97.279 ms 108.170.252.18 (108.170.252.18) 96.977 ms 10 * * * 11 209.85.244.158 (209.85.244.158) 104.649 ms * * 12 216.239.42.171 (216.239.42.171) 104.672 ms 216.239.42.102 (216.239.42.102) 116.455 ms 216.239.43.37 (216.239.43.37) 104.324 ms 13 216.239.42.171 (216.239.42.171) 104.748 ms 104.733 ms 216.239.43.37 (216.239.43.37) 115.898 ms 14 108.170.236.135 (108.170.236.135) 104.245 ms 104.183 ms 108.170.236.137 (108.170.236.137) 104.074 ms 15 ams16s29-in-f46.1e100.net (172.217.17.46) 103.791 ms 103.813 ms 102.372 ms Ping to Mirfak PING mirfak.airservers.org (141.98.102.234) 56(84) bytes of data. 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=1 ttl=53 time=89.3 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=2 ttl=53 time=89.8 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=3 ttl=53 time=89.1 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=4 ttl=53 time=90.6 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=5 ttl=53 time=89.6 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=6 ttl=53 time=89.2 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=7 ttl=53 time=90.0 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=8 ttl=53 time=90.0 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=9 ttl=53 time=87.6 ms 64 bytes from 234.102.98.141.in-addr.arpa (141.98.102.234): icmp_seq=10 ttl=53 time=88.9 ms Again, everything is near-identical, suggesting that these Berlin, Phoenix, and Barcelona locations are just falsified geolocation information and nothing more. With near-identical traceroutes, and ping values that don't differ by more than 1-2ms , it is extremely unrealistic that these servers are in the locations they claim to be. If you think my data is wrong/inaccurate, then feel free to repeat my experiment yourself, you will find the same thing. I would like to reiterate that I believe that AirVPN has no part in this falsification and that they have no ill will, I think they were duped/deceived by M247 to believe that the Phoenix, Berlin and Barcelona locations are actually real physical locations M247 has their servers located in. I think after these findings, AirVPN should have a long discussion with M247 staff about this falsification that took place.
  19. 4 points
    Staff

    AirVPN 11th birthday celebrations

    Hello! Today we're starting AirVPN eleventh birthday celebrations offering special discounts on longer term plans. It seems like it was only yesterday that we celebrated the 10th milestone birthday, and here we are, one year later already. From a two servers service located in a single country providing a handful of Mbit/s, the baby has grown up to a wide infrastructure in 22 countries in four continents, providing now 240,000+ Mbit/s to tens of thousands of people around the world. We still define it as a "baby", but AirVPN is now the oldest VPN in the market which never changed ownership, and it's one of the last that still puts ethics well over profit, a philosophy which has been rewarded by customers and users. 2020 (and 2021 so far) have been harsh years for the mankind but we have no rights to complain too much because AirVPN was only marginally touched by those terrible repercussions which affected many other business sectors in general. In spite of that, we could not maintain our promise to deliver native software for FreeBSD and we apologize for the failure. However, releasing software for FreeBSD, specifically AirVPN Suite, remains one of our goals, so stay tuned. On the other hand, Eddie desktop edition, AirVPN Suite for Linux, Hummingbird for Linux and macOS, and OpenVPN 3 AirVPN library were updated substantially and swiftly. Moreover, Eddie Android edition development has been recently re-opened to provide a new version updated to new requirements and specifications of Android 11 during 2021. Hummingbird was natively released for M1 based Apple Mac systems too, allowing a dramatic performance boost (up to +100% in >100 Mbit/s lines). Behind the scenes, infrastructure had some paramount improvements. The whole network in the Netherlands has been enlarged with additional redundancy and several servers around the world have had hardware upgrades. In Sweden and Switzerland we started operating servers connected to exclusive 10 Gbit/s lines and ports, and we optimized the environment to obtain more bandwidth from the OpenVPN processes. We managed to beat the previous 1.7 Gbit/s barrier. The performance on the customer side has improved and reached new peaks of excellence, as you can see here: https://airvpn.org/forums/topic/48234-speedtest-comparison/?do=findComment&comment=130191 Furthermore, the infrastructure has become fully Wireguard capable and throughout 2021 we will start offering Wireguard connections, in addition to OpenVPN ones, in an hardened environment which mitigates the numerous privacy problems posed by Wireguard. Last but not least we re-started operations in a fourth continent, Oceania, with a new server in New Zealand. All AirVPN applications and libraries are free and open source software released under GPLv3. It's worth quoting literally what we wrote last year for AirVPN birthday: Kind regards and datalove AirVPN Staff
  20. 4 points
    Reporting this issue as this started today, I get this on three different machines, 2x running 2.20.0, 1x running 2.19.7: AirVPN goes into an endless connect/cancel/re-connect loop, logs state: "Fetch url error:SSL peer certificate or SSH remote key was not OK" Already rebooted modem and router, flushed DNS on all machines, re-installed Eddie, reset Win firewall....did not help. The only way to get AirVPN to connect is to uncheck "Check if the VPN tunnel works" and "Check Air VPN DNS" (and still use Network lock)... Is this a known issue ? Thanks.
  21. 4 points
    I've had problems with IPv6 error as described and also Network Lock function since upgrading to 2.19.7 on Windows 10 Home. Tried thoroughly uninstalling and downgrading to an older version of Eddie but it didn't improve. Then tried uninstalling Eddie and installing OpenVPN 2.5 instead. Still had errors. Therefore Eddie was not the problem. Something in the log led me to try "Reset Network TCP/IP Stack" which I found at Open VPN's Community Wiki. It fixed my problem. Seems there are other ways to reset Window's network stack if you search for it. Below is taken from the Open VPN Wiki. Good luck! Windows Vista, 7, 8, 10 Search for Command Prompt > Run As Administrator > Enter the following commands one at a time > Restart computer. netsh winsock reset catalog netsh int ipv4 reset reset.log netsh int ipv6 reset reset.log
  22. 4 points
    Hello! We're very glad to inform you that a server located in Stockholm (SE) has been upgraded: Ain. Server is now connected to a 10 Gbit/s line and port, while the motherboard has been replaced with a more powerful CPU. IP addresses remain the same. You don't need to re-generate configuration files, even if you don't run our software. As usual the server includes load balancing between daemons to squeeze as much bandwidth as possible from the 10 Gbit/s line. The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other Air server, Ain supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/Ain Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
  23. 4 points
    Staff

    ANSWERED CBS Broadcasting Inc. (CBS)

    Website: http://www.cbs.com Watch CBS television online. Find CBS primetime, daytime, late night, and classic tv episodes, videos, and information. Status: OK Native: no servers Routing: all servers Updated: 03-Aug-18
  24. 3 points
    Staff

    Eddie Desktop 2.21 beta released

    Hello! We're very glad to inform you that a new Eddie Air client version has been released: 2.21 beta. It is ready for public beta testing. How to test our experimental release: Go to download page of your OS Click on Other versions Click on Experimental Look at the changelog if you wish Download and install Please see the changelog: https://eddie.website/changelog/?software=client&format=html This version contains an almost completely rewritten code for routes management, DNS and more, so please report any difference from the latest stable release 2.20. This version implements WireGuard support. AirVPN servers will offer it, during an opt-in beta-testing phase, within September. WireGuard support is expected to work out-of-the-box (no need to install anything else but Eddie) in Windows and macOS. In Linux it works if kernel supports it (WG support by kernel is required). PLEASE CONSIDER THIS AS A BETA VERSION. Don't use it for real connections it's only for those who want to collaborate to the project as beta-testers.
  25. 3 points
    Hello! We're very glad to inform you that Eddie Android edition 2.5 alpha beta is available. UPDATE 2021-09-14: Alpha 2 is now available. UPDATE 2021-11-10: Alpha 3 is now available. UPDATE 2021-12-10: Beta 1 is now available. UPDATE 2021-12-17: Release Candidate 1 is now available. UPDATE 2021.-12-24: 2.5 has been released. Topic locked, let's move to # sha256sum org.airvpn.eddie-2.5-RC1-Unsigned.apk 2133a81c584ca7a20c930824b5823d1c882492a0bc23e22cd64c8f44ce839d1c org.airvpn.eddie-2.5-RC1-Unsigned.apk What's new in Eddie 2.5 RC 1 updated to the latest OpenVPN3-AirVPN and asio libraries extensive native library rewrite and revision for higher efficiency improved VPN concurrency management global objects enhanced instance handling linked against OpenSSL 1.1.1l (*) full integration with VPN traffic leaks prevention by system in Android 7 or higher version full compatibility with Android 10, 11 and 12, including ability to start and connect from a profile during device bootstrap ability to start and connect during bootstrap (if Master Password is disabled) according to a priority list which includes automatic choice, your defined country and your defined server ability to select directly an area (country, continent, planet) to connect to on the fly language change allowing to switch language without re-starting application unification of connection parameters between settings and server settings: changes on one side are mirrored to the other so that no discrepancy occurs anymore improved login credentials prompt: if wrong credentials are entered, the prompt is proposed again even when "Remember me" is selected VPN lock option off by default Opt-in Master Password which remains off by default TLS minimum required version set to 1.2 by default option to select an OpenVPN boot profile in Android 7 or higher version VPN lock is forced to off and cannot be activated if "Block connection without VPN" is enabled in Android 8 or higher version system settings connection restore now allows re-connection during the device bootstrap from the last active or default OpenVPN profile. It requires "VPN Always On" system setting active and Android 7 or higher version Force AES-CBC suite option has been removed compatibility with Android 5.1 and higher version has been maintained bug fixes solving various issues, including the crash occurring on specific devices when some contextual menu item to connect was selected new option to skip a single promotional message ("Do not show anymore") has been implemented, without prejudice to future promotional messages manifest permissions modified in order to populate correctly app black and white lists in Android 11 and 12 check the changelog at the end of the message (*) Eddie 2.4 was linked against mbedTLS library. Such a major change has been adopted to offer TLS 1.3 and slightly higher performance both with AES and CHACHA20 cipher suites. Please do not hesitate to report any variation in battery life and performance in your device compared to Eddie 2.4. Important note for Android TV users. In Android 10, 11 and 12, a VPN application can start and connect during the device bootstrap if and only if "Always on VPN" option is active. Unfortunately the option is not available in Android TV 10, 11 and 12. Therefore the ability to start at boot is lost. OpenVPN for Android and openvpn-connect applications are affected by the same constraint. For a complete list of Eddie Android edition features please see here: https://gitlab.com/AirVPN/EddieAndroid Special thanks in advance to all users who will test Eddie Android edition 2.5 alpha and beta versions! Changelog 2.5 RC 1 (VC 26) - Release date: 17 December 2021 by ProMIND - [ProMIND] Added "QUERY_ALL_PACKAGES" permission to the manifest - [ProMIND] Minimum TLS level now defaults to 1.2 - [ProMIND] VPN Lock is now off by default - [ProMIND] Removed force aes-cbc suite option - [ProMIND] Native library updated to the latest dependencies - [ProMIND] "AirVPN profile" has been renamed to "AirVPN Key" - [ProMIND] All android devices having at least API level 24 (Android 7) are now fully managed by Android system VPN facilities (including "VPN Always On" and "Block Connections without VPN") - [ProMIND] In case a connected OpenVPN profile is about an AirVPN server, the name is shown across the whole app instead if the IP - [ProMIND] Compression is now off by default - [ProMIND] Language override is now immediate and does not need app restart anymore Native Library - [ProMIND] Updated to OpenVPN3 3.7.1 AirVPN - [ProMIND] Moved to version 1.4 (Complete revision of code, structure and naming scheme) - [ProMIND] Moved all header files in eddie directory into include directory - [ProMIND] Renamed several 1.0 classes and members to more solid names - [ProMIND] Removed all references to boost library functions and switched to standard C++ equivalents api.cpp - [ProMIND] Added sslLibraryVersion() function api.hpp - [ProMIND] Added sslLibraryVersion() function client.cpp (Native library) - [ProMIND] Implemented private method releaseJniCallbackObject() - [ProMIND] Switched to instance model management for JNI callback object - [ProMIND] removed tun_builder_set_block_ipv6() function - [ProMIND] added tun_builder_set_allow_family() function client.hpp (Native library) - [ProMIND] Added private method releaseJniCallbackObject() - [ProMIND] removed tun_builder_set_block_ipv6() function - [ProMIND] added tun_builder_set_allow_family() function common.h (Native library) - [ProMIND] New file. It defines all common macros and includes constants.cpp (Native library) - [ProMIND] removed file constants.h (Native library) - [ProMIND] removed file macros.h (Native library) - [ProMIND] removed file stdafx.h (Native library) - [ProMIND] removed file types.h (Native library) - [ProMIND] removed file utils.cpp (Native library) - [ProMIND] Removed all C function and reimplemented as relative class methods - [ProMIND] Most of methods and functions have been rewritten from scratch - [ProMIND] Removed all references to boost library functions and switched to standard C++ equivalents AirVPNManifest.java - [ProMIND] Added method getServerByIP() - [ProMIND] Added method getFullServerDescription(String name) - [ProMIND] Added method getFullServerDescriptionByIP(String ip) - [ProMIND] Added method isEncrypted() - [ProMIND] Added Continent stats - [ProMIND] Added "Do not show again" methods for manifest messages AirVPNUser.java - [ProMIND] Added method isEncrypted() - [ProMIND] private class getUserLocation is now aware of current local country setting - [ProMIND] Added method reloadUserLocation() AirVPNServerProvider.java - [ProMIND] added "DEFAULT" case to getUserConnectionPriority() method AirVPNServerSettingsActivity.java - [ProMIND] TLS, Protocol, Port and IP Version are now linked to their relative default options BootVPNActivity.java - [ProMIND] Revamped VPN connection boot logics. It now supports AirVPN best server, AirVPN default server and AirVPN default country and improved management of default OpenVPN profile and last active connection ConnectAirVPNServerFragment.java - [ProMIND] Added default AirVPN items management - [ProMIND] Added direct connection to country's best server via context menu - [ProMIND] Added direct connection to continent and world best servers - [ProMIND] exportOpenVPNProfile() now exports profiles both to internal databse and external file - [ProMIND] Added export continent, country and server profile to file ConnectOpenVpnProfileFragment.java - [ProMIND] Added "set" and "unset" boot in context menu for OpenVPN profiles CountryContinent.java - [ProMIND] Added methods getTreeMapCountry and countryCount() - [ProMIND] Added methods getTreeMaoContinent() and continentCount() EddieApplication.java - [ProMIND] Initialization log messages are now sent once at the first run of the app instance - [ProMIND] Classes SettingsManager, EddieLogger, SupportTools, VPNManager, MainActivity, CountryContinent, AirVPNManifest, AirVPNUser and NetworkStatusReceiver are now instantiated here and the unique instance is used all over the app - [ProMIND] Checks whether manifest and user's data files are encrypted and sets "Enable Master Password" setting accordingly - [ProMIND] Added method isVisible() returning whether the app is in foreground or visible EddieEvent.java - [ProMIND] Removed generic onAirVPNIgnoredDocumentRequest - [ProMIND] Added onAirVPNIgnoredManifestDocumentRequest and onAirVPNIgnoredUserDocumentRequest - [ProMIND] Added onAirVPNRequestError event EddieEventListener.java - [ProMIND] Removed generic onAirVPNIgnoredDocumentRequest - [ProMIND] Added onAirVPNIgnoredManifestDocumentRequest and onAirVPNIgnoredUserDocumentRequest - [ProMIND] Added onAirVPNRequestError event EddieLogger.java - [ProMIND] Added instance and context support in order to keep the log across multiple runs belonging to the same app instance LogActivity.java - [ProMIND] Added "Clear log" button MainActivity.java - [ProMIND] At startup check whether system's "Block connections without VPN" setting is enable, if so VPN Lock is disabled and show a dialog - [ProMIND] Added new VPN Statuses management - [ProMIND] AirVPN Manifest messages are now shown only in case they have the "do not show again" flag turned off - [ProMIND] Max reconnection retries now supports infinite OpenVPNProfileDatabase.java - [ProMIND] Added "boot" element and relative methods - [ProMIND] Added "airVPNServerName" element and relative methods - [ProMIND] Added "airVPNServerLocation" element and relative methods - [ProMIND] Added "airVPNServerCountry" element and relative methods SettingsActivity.java - [ProMIND] In case system's "Block connections without VPN" setting is enable, VPN Lock is disabled and hidden - [ProMIND] Added controls for new settings - [ProMIND] Revised language change setting and adapted to new Android levels. The change is now immediate and does not require restart anymore - [ProMIND] Added infinite to max reconnection retries setting SettingsManager.java - [ProMIND] Added SYSTEM_IS_ALWAYS_ON_VPN and SYSTEM_VPN_LOCKOWN internal settings and relative get/set methods - [ProMIND] Added AIRVPN_CURRENT_LOCAL_COUNTRY and AIRVPN_CURRENT_LOCAL_COUNTRY_DEFAULT internal settings and relative get/set methods - [ProMIND] Added AIRVPN_DO_NOT_SHOW_AGAIN_MESSAGES and AIRVPN_DO_NOT_SHOW_AGAIN_MESSAGES_DEFAULT internal settings and relative get/set methods VPN.java - [ProMIND] Added CONNECTION_CANCELED to Status enum VPNManager.java - [ProMIND] Improved VPN concurrency management VPNService.java - [ProMIND] Check "VPN Always On" and "Block connections without VPN" system options and set Eddie's internal options accordingly WebViewerActivity.java - [ProMIND] http: and https: links are now opened by invoking the external browser - [ProMIND] Added bottom "Do not show again" layout bar - [ProMIND] Restore language/locale to the app setting and reverts Chrome/WebView default locale override Kind regards and datalove AirVPN Staff
  26. 3 points
    pmik76

    DNS Filtering

    Thank you for this amazing feature!
  27. 3 points
    blueport26

    Tom Spark review

    I like and use AirVPN but I don't trust him/his reviews. It's not hidden knowledge that the whole VPN review market is a bidding war between which company pays more. Here's my (salty) opinion. Although he uses a fixed script for each review and assigns points fairly, no matter which VPN he reviews he mentions his top scorers at least once per video. I have a feeling that the point of every non "S tier" review is to redirect customers, like "hey you know AirVPN is cool and has some promising features but check this two VPNs I'm affiliated with, they're the best". The review script is odd. He values <1h customer support response higher than all the privacy points combined. Speed test results may depend on the time of day, location and server load, so one day the score may be 50 and another 40 points or lower. A bit off-topic: There was a civil war/drama between some VPNs, mainly *cough*Windscribe*cough* and him. I was following their discord channel some time ago. Previously he was promoting them as one of the best VPNs, but when they announced shutdown of affiliate program he started throwing blames (telling a company that they should keep it - continue paying him). Since then he moved them to the bottom of the tier list .
  28. 3 points
    pj

    AirVPN not acknowledged on EFF's donation page?

    Hi, I worked for free on the 1st, 2nd and 3rd reading of the Telecoms Package for a grassroots organization in close contact and co-operation with several other organizations including La Quadrature du Net, EDRi, the Swedish Pirate Party and EFF Europe with Eddan Katz (International Affairs Director). I also worked against ACTA (the Anti Counterfeiting Trade Agreement) with Katz and several activists since when the very first secret discussion paper was published by Wikileaks in 2008 and up to the final and total "victory" with ACTA's rejection by the European Parliament in 2012. My main activities were legislative analysis, giving lectures in Brussels at the Commission and the Parliament sites, as well as around Europe, or having discussions with MEPs and when possible Commission personnel to defend and explain grassroots movements point of view. In 2010 I co-founded AirVPN and when it had so much success I moved to a more "fundamental", technical activism, and finally left the public activism with direct lobbying. soon after 2013, when AirVPN took 100% of my work time. Currently my activism is reflected by AirVPN activities, technical infrastructure, donations etc. Kind regards
  29. 3 points
    Staff

    New technical specifications

    Hello! VPN DNS and "Assigned IP address" technical specifications just changed. All the changes have been reported in the https://airvpn.org/specs page. The changed section is: Assigned IP Servers support both IPv4 and IPv6 tunnels and are reachable over IPv4 and IPv6 on entry-IP addresses. DNS server address is the same as gateway, in both IPv4 and IPv6 layer. Chosen IPv4 Local Address OpenVPN: 10.{daemon}.*.*, Subnet-Mask: 255.255.255.0 WireGuard: 10.128.0.0/10 Chosen IPv6 Unique Local Address (ULA) OpenVPN: fde6:7a:7d20:{daemon}::/48 WireGuard: fd7d:76ee:e68f:a993::/64 The new sections are: DoH, DoT Every gateway/daemon assigned to you acts as a DNS (port 53), DoH (dns-over-http, port 443), DoT (dns-over-tls, port 853). DoH and DoT don't add any actual benefit, because plain DNS requests are encrypted inside our tunnel anyway. However, users might need it for special configurations. In such cases, use dns.airservers.org (automatically resolved into VPN gateway address). Our DNS returns a NXDOMAIN for "use-application-dns.net", for compatibility reasons. Special resolutions check.airservers.org - Gateway IPv4 and IPv6 addresses exit.airservers.org - Exit-IPv4 and exit-IPv6 addresses use-application-dns.net - NXDOMAIN, for DoH compatibility, ensuring Air DNS will be used (for anti-geolocation features) Special URLs https://check.airservers.org - Info about connected server https://check.airservers.org/api/ - Same as above, in JSON Use https://ipv4.airservers.org or https://ipv6.airservers.org - Same as above, specific IP layer Kind regards and datalove AirVPN Staff
  30. 3 points
    Staff

    Server replacement (UK)

    Hello! We inform you that all of our VPN servers in Maidenhead will cease operations on 03 September 2021. They will be replaced by servers in London featuring more modern hardware. Unfortunately, both technical and non-technical reasons force us to leave the current dc in Maidenhead. Servers in London are anyway located just 40 Km from Maidenhead and they will be announced and available in the next days. The new machines will keep the same names in order to support the old FQDN used by OpenVPN client profiles. Since the datacenter seems to have put offline already a server before the natural expiration date, we could put the new servers online before the mentioned 03 September date. When new servers are turned on, older ones with the same name will be disconnected from the infrastructure. This thread will be updated, if necessary, accordingly. The replacement servers are five, while the replaced ones are six. That's because we might be adding in the future another datacenter in UK in a different location. Kind regards AirVPN Staff
  31. 3 points
    It would be great if the next beta updated Wintun to a newer version than 0.8. There has been significant improvements to it since then but the non standard install method makes it difficult to update independently of Eddie.
  32. 3 points
    Clodo

    Eddie Desktop 2.21 beta released

    After the testing, our Config Generator will be able to create WireGuard .conf file, usable without Eddie (wg / wg-quick or any official WireGuard app).
  33. 3 points
    I sampled about 6 different VPN's when I started a Soulseek server. I needed a VPN that supported Port Forwarding. I went with AirVPN because of it's reliability, and have not regretted it yet. Very very rarely has Eddie had issues connecting....maybe 2 time a year it gets hung up and I have to restart it. But otherwise it stays connected and people download from me 24/7.
  34. 3 points
    cambell

    AirVPN 11th birthday celebrations

    I am good, no need to buy. Happy b day.Your subscription will expirein 4182 days (ma. 8 nov. 2032 11:58
  35. 3 points
    AIRVPN DOES NOT RECOGNIZE ANYMORE VERISIGN, AFILIAS AND ICANN AUTHORITY. OUR COMMITMENT AGAINST UNITED STATES OF AMERICA UNFAIR AND ILLEGAL DOMAIN NAMES SEIZURES. The United States of America authorities have been performing domain names seizures since the end of 2010. The seizures have been performed against perfectly legal web-sites and/or against web-sites outside US jurisdiction. Administrators of some of those web-sites had been previously acquitted of any charge by courts in the European Union. The domain name seizures affect the world wide web in its entirety since they are performed bypassing the original registrar and forcing VeriSign and Afilias (american companies which administer TLDs like .org, .net, .info and .com) to transfer the domain name to USA authorities property. No proper judicial overview is guaranteed during the seizure. Given all of the above, we repute that these acts: - are a violation of EU citizens fundamental rights, as enshrined in the European Convention on Human Rights; - are an attack against the Internet infrastructure and the cyberspace; - are a strong hint which shows that decision capacities of USA Department of Justice and ICE are severely impaired; and therefore from now on AirVPN does not recognize VeriSign, Afilias and/or ICANN authority over domain names. AirVPN refuses to resolve "seized" domain names to the IP address designated by USA authorities, allowing normal access to the original servers' websites / legitimate Ip addresses. In order to fulfil the objective, we have put in place an experimental service which is already working fine. If you find anomalies, please let us know, the system will surely improve in time. Kind regards AirVPN admins
  36. 3 points
    Staff

    Wireguard plans

    @Flx The first message was approved by some moderator in the wrong thread, not a big deal. Then we moved the message on its own thread, this one. Then user "wireguard" posted more messages which were all approved by some moderator. @Brainbleach Of course. We were replying to "wireguard" who invites surreptitiously to punish AirVPN because AirVPN uses and develops actively OpenVPN: "Needless to say, investing in AirVPN means investing in OpenVPN, and that's not acceptable to me at this point," . He/she also kept claiming that "it's time to retire OpenVPN" (sic), that OpenVPN is a "truly disgusting hack" (sic) and so on,. showing his/her embarrassing ignorance and lack of good faith. Nothing to do with your messages. Funny how bogus account writers are so eager to become from time to time AirVPN software lead developers, general managers for AirVPN strategies, marketing directors and more. 😀 We wanted to prove beyond any reasonable doubt that his/her claim are unreasonable and based on wrong assumptions and terrible omissions, showing how Wireguard can not replace OpenVPN for a significant percentage of our customers and how our OpenVPN development has been beneficial for many users around the world. That said, we claimed that Wireguard needed to be developed and tested further years ago, so at the time our claim was totally reasonable. We also claimed years ago that the problem was not with CHACHA20 which to the best of nowadays knowledge is a very robust and secure cipher. Now the problems are different because Wireguard is asked to offer something which it was not designed for, i.e. providing some kind of anonymity layer. Such problems include lack of DNS push, lack of dynamic IP address assignment (with subsequent problems with client key-private address static correspondence, a very tough legal problem for us but above all for our customers), need of keeping client real IP address stored in a file. We have resolved them one by one with external software and internal work around. Once the problems are resolved in a robust way, which means testing thoroughly the adopted work-around, we can offer Wireguard, not earlier. Kind regards
  37. 3 points
    OpenSourcerer

    Wireguard

    I can confirm it is coming. Even though wg matured a bit, it's still got technical and privacy caveats Staff will make very clear when the first experimental servers hit the scene. However, I cannot say when. Stay tuned for more info on the Announcements forum.
  38. 3 points
    Staff

    VPNs - Caught in Lying!?!

    @arteryshelby We do not log and/or inspect our customers' traffic. Since 2010 you can't produce any single case, and not even the slightest clue, in which the identity of an AirVPN customer has been disclosed through traffic log and/or inspection and/or any other invasive method. It means a lot, given that various younger VPN services have been caught lying (ascertained court cases) and that AirVPN is now the oldest still active VPN service, with the exception of a minor service which anyway changed ownership twice in the last 12 years. By the way we have never asked our customers to blindly believe in our words. We do not block Tor and we even integrate its usage in our software, so you can be even safer if you can't afford to trust us OR some datacenter. For example you can use Tor over OpenVPN, to hide Tor usage to your country and ISP, and at the same time hide your traffic real origin, destination, protocol etc. to us and the datacenter the server is connected into. Last but not least, we invest a lo of money in Tor infrastructure and in 2017, 2018 and 2019 more than 2.5% of global world Tor network traffic transited on Tor exit-nodes paid by AirVPN. It is an important achievement we're proud of, and it hints to good faith. Kind regards
  39. 2 points
    Karmatron

    DNS stops working

    I am experiencing intermitting DNS problems, where noting gets resolved anymore. I am using Eddie 2.21.3beta and Wireguard. I have to connect to another server for DNS to work again. Which server doesn'tmatter, as after some time to problem reoccurs and I have to connect to yet another server to get it working again for some time. Rinse and repeat so to say. I have no idea if it is either Eddie, Wireguard or something else related.
  40. 2 points
    That's very true. I don't have any problem with M247 as a company, it's just that it would be nice to support AS diversity to help get around blocks. AS 9009 is commonly blocked due to the abuse that often comes from it.
  41. 2 points
    @ciudad Hello! It's not planned at the moment because it's more comfortable for us the current single tls-crypt key. tls-crypt 2 doesn't change anything for the client, while on the server side, in our specific case, it would be useless because we maintain tls-auth for backward compatibility,. Any denial attempt would remain potentially possible via tls-auth, hence we would have a complication for nothing. However when we drop tls-auth (we're afraid not in the near future because of the amount of old OpenVPN versions connecting to our service) then tls-crypt-2 will become attractive indeed.. Kind regards
  42. 2 points
    Staff

    New feature: DNS block lists

    Thank you for your great feedback and the head up. Lists should have been updated every 24 hours but the procedure started failing recently. We are working on it to detect the problem and restore the normal update every 24 hours. EDIT: problem detected and fixed. Kind regards
  43. 2 points
    yoyall

    New feature: DNS block lists

    @blueport26 I don't know if there's a quicker way to identify which domains need to be whitelisted, but here's what I did. Using Firefox I right-clicked and "inspected" the page. Then, I clicked network and refreshed the page. You should then see which domains don't resolve. Again, I'm sure there's a better way but that's how I did it. Hope that helps. I too noticed that changes don't take effect until I disconnect and reconnect Eddie. @Staff Well done AirVPN - really like this new feature! 👍🙏
  44. 2 points
    Thu Oct 7 07:49:32 BST 2021 @Clodo > If you have this issue, please try to download this file: https://airvpn.org/static/keys/ca512.crt and replace CA crt in "OpenVPN for Android" config. Have verified the new signature: Signature Algorithm: sha512WithRSAEncryption however, still getting the error: OpenSSL: error:0A00018E:SSL routines::ca md too weak It appears that this is being generated from the embedded client cert: Signature Algorithm: sha1WithRSAEncryption Ref: https://github.com/schwabe/ics-openvpn/issues/1374#issuecomment-935944072 Update: from schwabe: "As for the CA. OpenSSL might also be upset by the CA sent by the server and not just the one used in the profile itself."
  45. 2 points
    Thanks for posting about this. I never did get a response from the AirVPN staff about it.
  46. 2 points
    @airvpnforumuser Hello! No, never, because the investigations follow a different path. However, we received request for information several times. Such requests relied exclusively on data retention which we do not perform according to the legal framework of countries the servers are located in and/or according the decisions of the CJEU on blanket data retention. We do not inspect or log traffic content or metadata. No, we never received gag orders outside the scope of the aforementioned requests, i.e. prohibition to inform the final user that an investigation is ongoing about him or her in case we could identify the user, which never happened for the same reasons above. You don't, as we never publish private communications regardless of the entity or person sending them, no matter who they are. Kind regards
  47. 2 points
    blueport26

    Server replacement (UK)

    The problem with M247 is that they are the most widely used server provider across VPNs (and probably one of the cheapest), they have POPs in many cities. Some sites already block access solely on IP ranges used by M247. I suspect that it's really hard to find a new hosting/datacenter that will match all the security criteria and be traffic neutral (because of torrent seeding - DMCAs). From time to time I've used the servers that are in replacement now, and they gave me good speeds. Let's hope the new ones will be as good as old ones Regarding the content blocking. I've tested some other VPNs and found one that is doing something innovative in this regard. From what I could find they are somehow faking the IP address when I visit sites like ipinfo.io (which provide API for blockers). I think that allows them to bypass many restrictions while still hosting their servers at M247. Still I don't think we'll ever have a 100% working solution. Once workaround is found a new mechanism will be implemented by sites like netflix etc.
  48. 2 points
    @ProphetPX Hello! The "graduated response" in the United States (aka "three strikes") was a voluntary agreement between ISPs and copyright holders to terminate the line of an alleged copyright infringer for several months or one year, without court order and inaudita altera parte (no right to defense ex ante) and put him/her in a black list so that he/she can't re-connect to the Internet with any other provider while he/she serves his/her sentence for the alleged, unproven behavior. The agreement was followed by most if not all ISPs from 2011 to 2017, causing tens of thousand of controversial disconnections. However, it had no impact at all on on the amount of copyright infringements and it was abandoned in 2017. Sony attempt might aim at transforming the abandoned voluntary agreement into an obligation by law as it is in France, New Zealand and South Korea for example, by eroding, through a legal precedent, the safe harbor liability exemptions in the USA for ISPs. The graduated response is totally ineffective against those who protect their traffic behind serious VPN services. https://en.wikipedia.org/wiki/Graduated_response https://en.wikipedia.org/wiki/Online_Copyright_Infringement_Liability_Limitation_Act Kind regards
  49. 2 points
    OpenSourcerer

    ANSWERED Strange Server Load

    What you see as this bar is the cumulative usage of the Gbit link, download and upload. A full duplex link is 1 Gbit/s down and up at the same time, though, so the graphs are more correct on what is being used, which is, for that server at peak times, 900 Mbit/s down and 900 Mbit/s up, represented as a peak 1800 Mbit/s on the bar. Thus, the capacity is in reality 90% saturated. So if you download a Linux ISO with 100 Mbit/s (12.5 MB/s), it will be represented as 200 Mbit/s in the bar, but in reality the AirVPN server downloads the ISO with 100 Mbit/s and at the same time uploads it to you with 100 Mbit/s. As a side note: It is important to note that this does not apply to the Top Users overview. If you download the ISO with 100 Mbit/s, this is what gets ranked, not the double of it.
  50. 2 points
    Heads up: Last I heard, Apple robbed the system interfaces Little Snitch uses of its teeth. Some Apple services, including telemetry, are unblockable with this on Big Sur and up.
×
×
  • Create New...