Jump to content
Not connected, Your IP: 18.206.14.36

Leaderboard


Popular Content

Showing content with the highest reputation since 06/28/21 in all areas

  1. 13 points
    Hello! We're very glad to announce that, in compliance with its mission, AirVPN proudly supports WikiLeaks https://wikileaks.org in 2021 too, with a 0.32577602 BTC donation, around 20,000 USD at the moment of the transaction. WikiLeaks is an international non-profit organization that publishes news leaks and classified media provided by anonymous sources. Since 2006, the group has released a huge amount of documents of paramount importance and public interest, with an outstanding 100% accuracy so far, which deeply changed our vision and knowledge of the world. https://www.blockchain.com/btc/tx/527abecb9e8959556fd01cba66b45890a71f643eddff3cb1d6f9d4ffd39dc15b AirVPN's mission: https://airvpn.org/mission Kind regards & datalove AirVPN Staff
  2. 12 points
    Staff

    New feature: DNS block lists

    Hello! We're glad to introduce a new feature in AirVPN infrastructure: DNS block lists. By default, AirVPN DNS remains neutral in accordance with our mission. However, from now on you have the option to enforce block lists which poison our DNS, in order, for example, to block known sources of ads, spam, malware and so on. You can manage your preferences in your account Client Area ⇨ DNS panel https://airvpn.org/dns/. We offer only lists released with licenses which grant re-distribution for business purposes too. The system is very flexible and offers some exclusive features never seen before in other VPN services: You can activate or de-activate, anytime, any combination of lists. You can add customized exceptions and/or additional blocks. Any specified domain which must be blocked includes all of its subdomains too. Lists which can return custom A,AAAA,CNAME,TXT records are supported. You can define any combination of block lists and/or exceptions and/or additions for your whole account or only for specific certificate/key pairs of your account (Client Area ⇨ Devices ⇨ Details ⇨ DNS) Different matching methods are available for your additions and exceptions: Exact (exact FQDN), Domain (domain and its subdomains), Wildcard (with * and ? as wildcards), Contain, Start with, End with. An API to fetch every and each list in different formats (see Client Area ⇨ API ⇨ dns_lists service) is active Any change in your selected list(s), any added exception and any added block is enforced very quickly, within few tens of seconds. You don't need to disconnect and re-connect your account. You can define your own lists and discuss lists and anything related in the community forum here Essential requisite to enjoy the service is, of course, querying AirVPN DNS while your system is connected to some VPN server, which is by the way a default setup if you run any of our software. Kind regards & datalove AirVPN Staff
  3. 12 points
    Staff

    Ukraine Server Future?

    Hello! Unfortunately there's nothing we can do during these grim and tragic days. Russians are actively destroying various infrastructural resources and might enter Kyiv any time. Our deepest sorrow is caused by the uncertain fate of the Ukrainian people. Who cares about a single server, but we will keep operating it, even as a symbol, as long as the infrastructure works, and it will remain displayed in the servers status page with the Ukraine flag. Kind regards
  4. 10 points
    Staff

    AirVPN 12th birthday celebrations

    Hello! Today we're starting AirVPN twelfth birthday celebrations offering special, strong discounts on longer term plans. From a two servers service located in a single country providing a handful of Mbit/s, the baby has grown up to a wide infrastructure in 23 countries in four continents, providing now 240,000+ Mbit/s to tens of thousands of people around the world. We still define it as a "baby", but AirVPN is now the oldest VPN in the market which never changed ownership, and it's one of the last that still puts ethics well over profit, a philosophy which has been rewarded by customers and users. During the last year, AirVPN added important features, even according to customers requests: integrated and full WireGuard support on all VPN servers optional lists selection to block spam, ads, trackers and other malicious sources, featuring a unique and fine grained customization which is exclusive on the nowadays market improved inbound remote port forwarding interface and implementation The infrastructure saw a robust power up in Tokyo, where we have now 14000 Mbit/s available (7000 Mbit/s full duplex), with more powerful hardware, and a small addition in Ireland. The VPN servers and the back service ones have had some minor security improvements as well as ordinary system updates as usual. Optimized software, and also WireGuard implementation, allowed our server to deliver high performance more smoothly, thanks to the improved balancing between threads and of course the good WireGuard scalability. On the software side, all AirVPN applications and libraries are still free and open source software released under GPLv3. WirteGuard has been fully integrated in the Desktop edition of Eddie, while Eddie Android edition will support it in the next version which is imminent (a public alpha release will be ready in June). All the applications are continuously developed and updated to provide an even better experience and performance. Kind regards and datalove AirVPN Staff 
  5. 8 points
    Staff

    New 1 Gbit/s server available (IE)

    Hello! We're very glad to inform you that a new 1 Gbit/s full duplex server located in Dublin, Ireland, is available: Minchir. The AirVPN client will show automatically the new server; if you use any other OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637 UDP for WireGuard. Minchir supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/minchir Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
  6. 8 points
    Staff

    AirVPN vs ProtonVPN.

    With all due respect for an old time customer like you, comparing AirVPN with ExpressVPN is an insult we can't accept. ExpressVPN has always been perfectly aware that one of its executives was an American intelligence operative who helped UAE human rights hostile government in cracking operations. We do agree with Edward Snowden when he says that you must not use ExpressVPN. Incidentally, ExpressVPN is now part of a big group that, throughout the past decade, was an adware based business with shady privacy practices. Please check: https://www.vice.com/en/article/3aq9p5/expressvpn-uae-hacking-project-raven-daniel-gericke https://twitter.com/josephfcox/status/1438127822883729412 https://twitter.com/Snowden/status/1438291654239215619 https://www.theregister.com/2021/09/14/expressvpn_bought_kape/ Kind regards
  7. 7 points
    Staff

    No log4j vulnerability here

    Hello! We would like to inform you that we have never used the Apache Logging Services and/or Java in general, so any Log4j vulnerability, CVE-2021-44228 included (overall CVSS score 10.0 - critical) doesn't affect AirVPN web site or anything related to AirVPN. https://nvd.nist.gov/vuln/detail/CVE-2021-44228 Kind regards and datalove AirVPN Staff
  8. 6 points
    Staff

    Eddie Desktop Edition 2.21.6 released

    Eddie 2.21.6 Desktop Edition released Hello! We're very glad to inform you that a new stable release of Eddie is now available for Linux (various ARM based architectures included, making it compatible with several Raspberry Pi systems), Mac, Windows. Special thanks to all the beta testers, whose invaluable contributions and suggestions in the last 9 months have helped developers fix several bugs and improve the overall stability of the software. Eddie is a free and open source (GPLv3) OpenVPN GUI and CLI by AirVPN with many additional features such as: traffic leaks prevention via packet filtering rules DNS handling optional connections over Tor or a generic proxy customizable events traffic splitting on a destination IP address or host name basis complete and swift integration with AirVPN infrastructure with OpenVPN and WireGuard white and black lists of VPN servers ability to support IPv4, IPv6 and IPv6 over IPv4 What's new in Eddie 2.21.6 WireGuard support including thorough and swift integration with AirVPN enhanced wintun support in Windows, resolving TAP driver adapter issues and boosting performance, and now set by default as a replacement of TAP driver (which remains optionally available) updated Hummingbird 1.2.0 support in Linux and macOS for increased performance (up to 120% boost in macOS i7 and M1 systems when compared against OpenVPN 2) new ping engine updated Portable and AppImage bundles for improved Linux distributions compatibility constant monitoring of resolv.conf in Linux to mitigate and resolve DNS interference refined network interface management and driver detection in Windows bootstrap servers IPv6 address support unquoted service fix aimed at security hardening in Windows updates of all underlying linked libraries as well as dynamic link against some libraries providing enhanced robustness resolution of memory leaks in Windows starting to occur after numerous usage hours several bug fixes Operating and architectural notes Eddie GUI and CLI run with normal user privileges, while a "backend" binary, which communicates to the user interface with authentication, gains root/administrator privileges, with important security safeguards in place: strict parsing is enforced before passing a profile to OpenVPN in order to block insecure OpenVPN directives external system binaries which need superuser privileges (examples: openvpn, iptables, hummingbird) will not be launched if they do not belong to a superuser Eddie events are not run with superuser privileges: instead of trusting blindly user's responsibility and care when dealing with events, the user is required to explicitly operate to run something with high privileges, if strictly necessary Backend binary is written in C++ on all systems (Windows included), making the whole application faster. Settings, certificates and keys of your account stored on your mass storage can optionally be encrypted on all systems either with a Master Password or in a system key-chain if available. Download Eddie 2.21.6 Eddie 2.21.6 can be downloaded here: https://airvpn.org/linux - Linux version (several architectures and various distribution specific packages for easier installation) https://airvpn.org/macos - Mac version https://airvpn.org/windows - Windows version Eddie is free and open source software released under GPLv3. Source code is available on GitHub: https://github.com/AirVPN/Eddie Complete changelog can be found here. Kind regards & datalove AirVPN Staff
  9. 6 points
    UPDATE 2022-05-02 BETA TESTING HAS BEEN COMPLETED. WIREGUARD ACCESS IS NOW AVAILABLE TO ANYONE AND CONSIDERED STABLE IN AIRVPN INFRASTRUCTURE Hello! We're glad to announce the beginning of WireGuard beta testing in AirPVN infrastructure. In order to test WireGuard, go to Client Area ⇨ Preferences and activate Access to BETA Features. This will allow you to see specific guides and options pertaining to WireGuard. About privacy concerns, we wrote a FAQ answer here . Please make sure to read it. WireGuard with Eddie If you want to use Eddie, go to download page of your OS, and click Other versions ⇨ Experimental in Eddie download pages. Linux note: Eddie doesn't recognize WireGuard until it is present at kernel level. Use cat /sys/module/wireguard/version to check your WireGuard kernel module. Wireguard will be available in Preferences > Protocols window (logout and login from Eddie's main window might be necessary). WireGuard without Eddie Otherwise, for official WireGuard app/binaries, see the guides below: Windows - with official WireGuard app (GUI) ⇨ https://airvpn.org/windows/wireguard/gui/ macOS - with official WireGuard app from App Store (GUI) ⇨ https://airvpn.org/macos/wireguard/appstore/ macOS - with Homebrew, terminal ⇨ https://airvpn.org/macos/wireguard/homebrew/ Linux - with official WireGuard from your distro, terminal ⇨ https://airvpn.org/linux/wireguard/terminal/ iOS - with official WireGuard app from App Store (GUI) ⇨ https://airvpn.org/ios/wireguard/appstore/ Android - with official WireGuard app from Play Store (GUI) ⇨ https://airvpn.org/android/wireguard/playstore/ The guides above will be also shown in Download section when Beta Features option is checked. Notes: We will add other connection ports, suggestions are welcome. We automatically generate WireGuard keypair (and preshared-key), and assigned IPv4/IPv6 addresses, for any device, no action required. Kind regards & datalove AirVPN Staff
  10. 6 points
    Staff

    Spooky Halloween 2021 deals

    Hello! We reluctantly have to announce gloomy news to you all: Spooky Halloween Deals are now available in AirVPN... Save up to 74% on AirVPN longer plans (*) (*) When compared to 1 month plan price Check all plans and discounts here: https://airvpn.org/plans If you're already our customer and you wish to jump aboard for a longer period any additional plan will be added on top of already existing subscriptions and you will not lose any day. Every plan gives you all the features that made AirVPN a nightmare for snoopers and a scary service for competitors: a clear mission without compromises https://airvpn.org/mission active OpenVPN 3 open source development WireGuard support exclusive and very flexible, opt-in block lists against malware and other hostile entities. Pick pre-defined lists, add exceptions or additional blocks, or just use our totally neutral DNS by default ChaCha20 cipher on OpenVPN Data Channel for higher performance and longer battery life on tablets and smart phones IPv6 support, including IPv6 over IPv4 configurable remote port forwarding refined load balancing to squeeze every last bit per second from VPN servers free and open source software for Android, Linux, Mac and Windows easy "Configuration Generator" web interface for access through third party software guaranteed minimum bandwidth allocation GDPR compliance and very high standards for privacy protection no log and/or inspection of clients' traffic effective traffic leaks prevention by AirVPN software Tor support via AirVPN software on Linux, Mac and Windows various cryptocurrencies accepted without any intermediary no obligation to use our free and open source software to enter AirVPN infrastructure. Interoperability is an AirVPN priority. perfectly clear and easy to read Privacy Notice and Terms https://airvpn.org/privacy No tricks, only treats! Grim regards & datathrills AirVPN Staff
  11. 6 points
    Hello! The current state of play as well as important clarifications. The issue occurs only in those OpenVPN clients linked against OpenSSL 3 and only to some of our users, see below Since 2017, our system generates CRT signed with SHA512 algorithm. Previously they were signed with SHA1. Regeneration of old CRT is not triggered and forced by us automatically, because it would invalidate any previous OVPN configuration file out there and lock out the user who does not follow our forum, notification e-mails etc. @rprimus you have a client CRT (user.crt) dated 2015. You and anybody else using pre-2017 user certificates: please go to your "Client Area" > "Devices" menu, renew your cert/key pair, re-download your OVPN configuration files from the Configuration Generator, use them and you will be fine. (*) The problem has never been caused by the CA certificate. Replacing the CA.crt is not mandatory, it just avoids warning message (that you can safely ignore and has nothing to do with the main issue of this thread) you may meet in Eddie Android edition, Hummingbird and Bluetit. Anyway, now even ca.crt is SHA512 signed, so you will not get anymore the mentioned warning (*) Yellow rows show certificates which use a signature based on a deprecated for security reasons hash algorithm (SHA1). They are still here to ensure backward compatibility, because we can't know whether you still use them in generated profiles. However, future OpenVPN versions might not allow them anymore. Click 'Renew' or 'Delete' to resolve the issue. After that, re-generate profile(s) with our Configuration Generator. If you run our client software Eddie, you just need to log your account out and in again from the main window. Kind regards
  12. 5 points
    wunderbar

    RT blocked from some EU servers

    Hello. Absolutely not. Censorship of any legal free speech is totally unacceptable and must be completely rejected in all cases. If you prevent other people from speaking, you are no better than the ones you claim to be protecting other people from.
  13. 5 points
    Staff

    Two new 1 Gbit/s servers available (JP)

    Hello! We're very glad to inform you that two new 1 Gbit/s full duplex servers located in Tokyo, Japan, are available: Albaldah and Bharani. The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and port 1637 UDP for WireGuard. Albaldah and Bahrani support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check servers status as usual in our real time servers monitor: https://airvpn.org/servers/albaldah https://airvpn.org/servers/bharani Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team
  14. 5 points
    Staff

    Black Friday Sale 2021

    Hello! We're very glad to inform you that the Black Friday week has just begun in AirVPN! Save up to 74% when compared to one month plan price Check all plans and discounts here: https://airvpn.org/buy If you're already our customer and you wish to jump aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. AirVPN is one of the oldest and most experienced consumer VPN on the market, operating since 2010. It never changed ownership, it was never sold out to data harvesting or malware specialized companies as it regrettably happened to most competitors. AirVPN does not inspect and/or log client traffic, and offers: five simultaneous connections per account IPv6 full support AES-GCM and ChaCha20 OpenVPN ciphers on all servers WireGuard support on all servers Perfect Forward Secrecy with unique per-server 4096 bit Diffie-Hellman keys active daemons load balancing for unmatched high performance - current 'all time high' on client side is 730 Mbit/s with OpenVPN and 1046 Mbit/s with WireGuard even more, exclusive features, such as DNS customizable and flexible block lists to neutralize sources of ads, spam, trackers etc. AirVPN is the only VPN provider which is actively developing OpenVPN 3 library with a fork that's currently 113 commits ahead of OpenVPN master and adds key features and bug fixes for a much more comfortable and reliable experience: AirVPN, in accordance with its mission, develops only free and open source software for many platforms, including Android, Linux (both x86 and ARM based systems), macOS and Windows. Kind regards & datalove AirVPN Staff
  15. 5 points
    spinmaster

    [Proposal] [Implemented] OISD

    I'd like to propose adding the (very popular) OISD Blocklist. This list is also used by other free DNS "Adblock" services like Adhole.org, AhaDNS.com, etc. OISD (https://oisd.nl/) OISD is a pre-filtered blocklist consisting of lots of other popular blocklists. Domains which do not resolve from these blocklists are filtered out on a daily basis. OISD is focusing on functionality and not overblocking. License: ? I couldn't find any licensing information on the website. Raw URL: https://dbl.oisd.nl/ or (alternatively) https://hosts.oisd.nl/
  16. 4 points
    Staff

    Server replacement (LV)

    Hello! We inform you that the following servers in Latvia: Meissa Phact Schedir Shaula have become suddenly nonoperational because the upstream of our provider blocked all traffic. They should come back online within a couple of days, due to new deals with a new transit provider. However, all IP addresses will change. We have decided that this is a good moment to switch to new lines and servers: we are changing the previous 100 Mbit/s lines with 1 Gbit/s lines and ports, and replacing the hardware with more powerful CPU. The four 100 Mbit/s servers will be replaced by three 1 Gbit/s servers. Location will not change, the new servers will be in Riga. We should be able to announce the new servers in the next days. EDIT 2022/02/02: replacement has been completed. Kind regards and datalove AirVPN Staff
  17. 4 points
    Clodo

    [Proposal] [Implemented] OISD

    Thanks, Basic and Extra will be included as soon as possible. "Full" is huge (>300k entries the wildcard version), we need to perform some stress test (ensure that it doesn't slow down resolution) before inclusion.
  18. 4 points
    Hello, Recently I have noticed that it looks like the Phoenix AirVPN servers (Bootes, Chalawan, Indus, Phoenix, Virgo) , Berlin AirVPN Server (Cujam) , and Barcelona AirVPN server (Eridanus) are not actually located where M247 claims they are located, and it appears M247 is misrepresenting the locations of these servers If you go to the status page of any "Phoenix" server for example https://airvpn.org/servers/Bootes/ you will see the latencies to other cities where AirVPN has servers, and it shows 0ms to Los Angeles, that wouldn't be physically possible if the Phoenix servers were truly located in Phoenix. This points to the Phoenix servers truly being hosted in Los Angeles Additionally, on a personal VPS server of mine which is located in Los Angeles, I get less than 1ms latency between my VPS in Los Angeles to the AirVPN "Phoenix" servers, which, again, points to the Phoenix servers truly being in Los Angeles, because this 1ms latency would not be physically possible between Los Angeles and Phoenix And if you go to the status page of the "Berlin" server https://airvpn.org/servers/Cujam/ It shows 0ms latency to Frankfurt, also not physically possible This points to the Berlin servers really being in Frankfurt And if you go to the status page of the "Barcelona" server https://airvpn.org/servers/Eridanus/ It shows 0ms latency to Madrid, again, not physically possible! This points to the Barcelona servers truly being hosted in Madrid M247 may say that if you do a WHOIS lookup on their Phoenix IP block, the description is "M247 Phoenix" but honestly this is not proof at all, as the network admins can set whatever netname and description they want when they're creating the inetnum object in their RIR's database. For additional proof other than the "Berlin" , "Barcelona", and "Phoenix" that Air has from M247, Here is M247's full list of locations according to their website You can see that neither Berlin, Phoenix, or Barcelona is on this list. https://m247.com/services/host/dedicated-servers/ From the website, their locations: Europe: Amsterdam, NL Belgrade, RS Brussels, BE Bucharest, RO Budapest, HU Copenhagen, DK Dublin, IE Frankfurt, DE London, UK Manchester, UK Madrid, ES Milan, IT Oslo, NO Paris, FR Prague, CZ Sofia, BG Stockholm, SE Warsaw, PL Vienna, AT Zurich, CH North America: Dallas, TX, USA Los Angeles, CA, USA Miami, FL, USA New York Metro Area, USA (Secaucus, NJ) Montreal, QC, CA Asia and Middle East: Dubai, UAE Hong Kong, HK Singapore, SG Tokyo, JP Oceania: Sydney, AU Based on this information it is clear to see that M247 is misrepresenting the locations of AirVPN's Phoenix, Berlin, and Barcelona servers, From being a customer of Air for as long as I have, I can tell that the Air staff are honest and they have provided and continue to provide a great and true service, this is extremely evident for example by looking at how AirVPN left France because of the concerning legal framework there, and why AirVPN does not operate in Poland or Italy for similar reasons, even though other VPNs gladly operate services in those countries. It's clear as day to see that AirVPN is not deceptive or untruthful at all, so I am absolutely not accusing Air at all of participating in this misrepresentation, it just seems to me like Air was duped by M247 into buying these servers that are reported to be in a different location than the one they are truly in. So given that the 5 Phoenix AirVPN servers , the 1 Berlin server, and 1 Barcelona server are falsely geolocated, it would be good idea for Staff to replace those servers with ones that are actually in the reported locations, or just change the reported location of those servers in Eddie to reflect the true locations.
  19. 4 points
    Stalinium

    Happy AirVPN power user

    I don't know what to write about... Everything's fine and I love AirVPN. Sounds cheesy but it is what it is. I've been using AirVPN for half a year. Many servers to choose from, very transparent from the user's point of view - something I value. Transparency about server status and an API (admittedly I haven't used it much). From reading the forums I grasped that AirVPN has very strict (legal) criteria for choosing server locations (countries), an approach that is unique across all providers I've seen so far. Yea placing servers in China wouldn't be the best idea or many other more "democratic" as a matter of fact which were ruled out. The config generator is awesome if you're not using their open source client Eddie (bonus points again!) - plenty of flexibility. Configs? Afaik there're some providers out there who still have user/password prompt on each connection, laughable. AirVPN not only properly makes use of certificates (that's how the server knows you are you without asking for credentials) and on top of that allows you to properly distribute different access keys across your devices (in case of theft etc). Lost a device? Revoke access to that single one and done! Port-forwarding support ALONG WITH Dynamic DNS is unparalleled. Sure an advanced user probably could create an ad-hoc DDNS solution for themself, but offering it along the VPN is ingenius. The servers are very stable, the stats currently show a user has been connected since January. I've read comments where other VPNs often force reconnects etc, that just sounds wild to me. Before AirVPN I've been on a private VPN server with 24/7 uptime and that's the quality of service I got used to and wouldn't want to downgrade from (looking at those other VPN providers) The AirVPN forums are a great source of information. The staff cannot be commended enough for responding to concerns and generally being here for discussion. @OpenSourcerer is a damn community hero, this place is unimaginable without him! I myself have contributed in one form or another and will continue to. As a side note to forums: AirVPN appears to have customized the forum software for privacy. I can't assess how far it goes (hopefully "enough"), and it's a far better choice than those completely relying on Reddit - undoubtedly a useful puppet of/for the certain government. The only problem I've had was with initial payment. I bought the 1 month plan and found no clear indications it was still active (because it is a PayPal recurring payment), so before the month expired I bought the 1 year plan. I was quite surprised to see a few days later my access days to have been extended by +31d - the automatic Paypal payment kicked in and I paid a single month extra. Though I like the service so much I decided not to bother with a refund (consider it a donation hehe). You need to login in Paypal to cancel those, I wish this was made clear/er. What's unclear to me was whether/how much info is retained on payment after all the transactions... but to grossly paraphrase an official response: use crypto. Just make sure your mug shot (photo) isn't connected to the coin wallet Roses are red, AirVPN's great.
  20. 4 points
    AIRVPN DOES NOT RECOGNIZE ANYMORE VERISIGN, AFILIAS AND ICANN AUTHORITY. OUR COMMITMENT AGAINST UNITED STATES OF AMERICA UNFAIR AND ILLEGAL DOMAIN NAMES SEIZURES. The United States of America authorities have been performing domain names seizures since the end of 2010. The seizures have been performed against perfectly legal web-sites and/or against web-sites outside US jurisdiction. Administrators of some of those web-sites had been previously acquitted of any charge by courts in the European Union. The domain name seizures affect the world wide web in its entirety since they are performed bypassing the original registrar and forcing VeriSign and Afilias (american companies which administer TLDs like .org, .net, .info and .com) to transfer the domain name to USA authorities property. No proper judicial overview is guaranteed during the seizure. Given all of the above, we repute that these acts: - are a violation of EU citizens fundamental rights, as enshrined in the European Convention on Human Rights; - are an attack against the Internet infrastructure and the cyberspace; - are a strong hint which shows that decision capacities of USA Department of Justice and ICE are severely impaired; and therefore from now on AirVPN does not recognize VeriSign, Afilias and/or ICANN authority over domain names. AirVPN refuses to resolve "seized" domain names to the IP address designated by USA authorities, allowing normal access to the original servers' websites / legitimate Ip addresses. In order to fulfil the objective, we have put in place an experimental service which is already working fine. If you find anomalies, please let us know, the system will surely improve in time. Kind regards AirVPN admins
  21. 4 points
    Staff

    ANSWERED CBS Broadcasting Inc. (CBS)

    Website: http://www.cbs.com Watch CBS television online. Find CBS primetime, daytime, late night, and classic tv episodes, videos, and information. Status: OK Native: no servers Routing: all servers Updated: 03-Aug-18
  22. 3 points
    Whipshock

    ANSWERED Server issue?

    I am seeing very slow DNS resolution on Lich (US) while Haedus and Iklil are solid and quick. I am using Wireguard in Eddie 2.21.6. The server page for Lich shows nothing amiss so not sure.
  23. 3 points
    This guide will explain how to setup OpenVPN in a way such that only select programs will be able to use the VPN connection while all other life continues as usual. Please read this notice before applying the guide Advantages: fail-free "kill switch" functionality (actually better than 98% of VPNs out there) continue using another VPN as primary or don't reroute any other traffic at all nobody, not even peers on LAN, will be able to connect to your torrent client (the only way: through the VPN connection) - eliminating unintended leaks Disadvantage: the apps will still use your default DNS for hostname lookups (secure your DNS separately!) See two more drawings at the end. The guide is applicable to all VPN providers who don't restrict their users to use the OpenVPN client. The method however is universally applicable. It was made with examples from Windows, but with Linux/BSD you will only need little tweaking to do. Specifically, net_gateway placeholder may not available and that's all there is to it. Android clients are probably too limited for this task and lack options we need. - Since there'll be a lot of text, sections titled in (parantheses) are entirely optional to read. The other guide by NaDre is old (2013), hard to read and pursues a slightly different approach. A Staff member actually posted a good first comment there, that's what we're gonna do. (Preface) The BitTorrent as a network is entirely public. Through the decentralized technology called DHT, everyone in the world can find out what torrents you are presumably participating in (this does not apply to private trackers who disable DHT). Clearly this creates an unhealthy atmosphere for privacy of users, e.g. one could find out the OS distribution one is using for a more targetted attack etc. Sometimes the ISPs are outright hostile to peer-to-peer technologies due to the traffic and bandwidth these are consuming. Instead of upgrading dated infrastructure, they cripple their users instead. There are many reasons to use a VPN, that was but a limited selection. ("Split-tunneling") This has become somewhat a marketing term nowadays, but actually explains the nature of the traffic flow well. In this guide only the programs set to use the VPN connection will use it, nothing else. All your traffic goes past the VPN while torrent client traffic (or any other selected program) uses only the VPN connection. ("Kill switch") We'll literally nail it using software settings of your program (the torrent client). This is a marketing-loaded name. In short: if the VPN connection is not available, no traffic ought to be sent bypassing it. In most cases where you have a VPN redirect all your system traffic - you should not rely on it as a feature. The OpenVPN software on Windows is not 100% proof, based on empirical evidence (reconnects and startup/shutdown phases) and some other VPN providers do no better (based on comments and stories). The only bulletproof solution: the VPN tunnel is set up on an intermediary device your PC is connected to - your end device (the PC) has no chance whatsoever to bypass the tunnel in that case. If the VPN provider uses a firewall under the hood, that's good too but with this guide you will not need a firewall nor rely on the VPN software. ("Dual-hop") With the knowledge and methods from this guide you will be able to daisy-chain multiple VPN servers. In essence, your traffic passes PC->VPN1->VPN2->Destination. This was not intended for this guide nor with AirVPN, it's finicky and I wouldn't recommend it myself without a real need and skills to automate the setup and configuration. How it will work Many users (aka mostly idiots on Reddit) are running in circles like qBittorrent is the only client (or probably the only application in the universe, unconfirmed) that can be set to use a certain VPN. Here's the technicality: this is called 'binding' - you can 'bind to IP' which will force the app to use a specific IP address and nothing else. If it cannot use the IP (when VPN is disconnected) then it will not be able to do any networking at all. The OS will deny any communication with the internet: boom! Here's your praised 'kill switch' and 'split-tunneling', 2-in-1. This is the next best bulletproof solution (the only better alternative is to use an intermediary VPN device, as any software could choose a different interface now to communicate with the internet). In a broader sense, you want to 'bind to a network interface' - your client will use any available IPs from the VPN interface - making it ready for IPv4 and IPv6. Oh and you don't need to change the IP once the VPN connection changes to another server. The OS handles the rest. Examples of programs that can bind to user-defined addresses include: (Windows) ping, tracert (IPv6-only, WTF?), curl and wget, and many others, including your favorite torrent client You will find guides online how to do that in your client or just look in settings. (Linux-specific differences of the guide) If you are a Linux/*nix user, there're some minor changes to the quick guide below: * Create custom VPN interface: Create with ip tuntap command. The below line will create 5 interfaces "tun-air1" etc. for YOUR user. Specifying your user allows OpenVPN to drop root rights after connection and run under your user (security). AirVPN allows up to 5 connections. If you have no use for this, create only one. user="$(whoami)"; for i in {1..5}; do sudo ip tuntap add dev "tun-airvpn$i" mode tun user "$user" group "$user"; done Check their existance with ip -d a -- the interfaces will not be shown under /dev/tun* ALTERNATIVE: openvpn --mktap/--mktun. See manual with man openvpn * Select custom VPN interface: This config part differs from Windows, very confusing. Steps: 1. Replace "dev-node" in config with "dev" 2. Add "dev-type tun" or "tap". Example of config: # if you have these defined multiple times, last entries override previous entries dev tun-airvpn1 # previously dev-node dev-type tun # previously "dev tun" on Windows There're no more differences. In-depth explanation: If you try to use dev-node like for Windows, you will see: OpenVPN log: ERROR: Cannot open TUN/TAP dev /dev/tun-airvpn1: No such file or directory (errno=2) Example strace of error: openat(AT_FDCWD, "/dev/tun-airvpn1", O_RDWR) = -1 ENOENT (No such file or directory) OpenVPN cannot find the TUN/TAP with the name? No, on Linux/*nix/*BSD dev-node has a totally different meaning. Dev-node specifies where the control interface with the kernel is located. On Linux it's usually /dev/node/tun, for the "mknode" command. If OpenVPN can't detect it for some reason, then you'd need to use dev-node. Finally you can start OpenVPN from terminal: sudo openvpn --config 'path/to/config.ovpn' --user mysystemusername --group mysystemusergroup Windows Quick Guide Go to the folder where you installed OpenVPN and its exe files: 'C:\Program Files\OpenVPN\' Open CMD inside the 'bin' folder: Hold Shift + Right Click the 'bin' folder -> 'Open Command Window here' We will use tapctl.exe to create a new VPN network interface solely for use with AirVPN (to look around: run "tapctl.exe" or "tapctl.exe help") C:\Program Files\OpenVPN\bin>tapctl create --name AirVPN-TAP {FDA13378-69B9-9000-8FFE-C52DEADBEEF0} C:\Program Files\OpenVPN\bin> A TAP interface is created by default. I have not played enough with Wireguard's TUN to recommend it. You can check it out, it will be under adapters in your Windows network settings Important: Configure your app/torrent client to use this 'AirVPN-TAP' interface. This is what ensures your traffic never leaks. It may appear under a different name, in such case find out which one it is in the output of 'ipconfig /all' (enter this into CMD) If your client does not allow to bind to a general interface but a specific IP (poor decision) then connect to the VPN first to find out the local IP within the VPN network. In this case with AirVPN you may only use one single server or you'll have to constantly change the IP in settings. Generate AirVPN configs where you connect to the server via IPv4! This is important Add these to the .ovpn config files (either under 'Advanced' on the config generator page or manually to each config file) # NOPULL START route-nopull # IF YOU DO NOT USE ANOTHER VPN THAT TAKES OVER ALL YOUR TRAFFIC, USE "net_gateway" (just copy-paste all of this) # net_gateway WILL BE AUTOMATICALLY DETERMINED AND WILL WORK IF YOU CONNECT THROUGH OTHER NETWORKS LIKE A PUBLIC WIFI # personally, due to a second VPN, I had to specify my router IP explicitly instead of net_gateway: 192.168.69.1 # "default"/"vpn_gateway"/"remote_host"/"net_gateway" are allowed placeholders for IPv4 route remote_host 255.255.255.255 net_gateway route 10.0.0.0 255.0.0.0 vpn_gateway route 0.0.0.0 0.0.0.0 default 666 route-ipv6 ::/0 default 666 dev-node AirVPN-TAP # END OF NOPULL Test if the configuration works. Full tests, don't leave it up to chance. In-depth explanation of the OpenVPN config route-nopull rejects any networking routes pushed to you by the server, we will write our own route remote_host 255.255.255.255 <router IP> we tell our system that, to reach remote_host (the AirVPN server IP), it must send traffic to <router IP>. The subnet mask 255.255.255.255 says that this only applies to this single IP set <router IP> to be net_gateway (only for Windows users, check availability on other platforms) <router IP> may be any of the OpenVPN placeholders too, for example "net_gateway" should work universally (you avoid hard-coding the router IP and if it ever changes: wondering years later why the config no longer works) <router IP> is "192.168.1.1" in my case, for my home router that connects me to the internet. route 10.0.0.0 255.0.0.0 vpn_gateway we tell our system that all 10.x.x.x traffic will be sent to the AirVPN server the internal VPN network with AirVPN is always on the 10.0.0.0 - 10.255.255.255 network range. The subnet mask reflects that. However this may interfere with other VPNs if you ever need to be connected to both at once. I will not go into detail on this. What you need to do is to be more specific with 10.x.x.x routes in this config, i.e. instead of /8 subnet, only route the specific /24 subnet of the current VPN server (AirVPN uses a /24 subnet for your connections on each VPN server -> 10.a.b.0 255.255.255.0) vpn_gateway is one of OpenVPN placeholders route 0.0.0.0 0.0.0.0 default 666 allow routing of ANY traffic via the VPN we set the metric to 666, metric defined as path cost (historically) so setting it to a high value will make sure no normal connection runs through it, unless specifically bound to the VPN IP. route-ipv6 ::/0 default 666 same for IPv6. How many can claim they have working VPN IPv6 setup? Welcome in the future. IPv6 is over 20 years old at this point anyhow. dev-node AirVPN-TAP (Windows-only) tell OpenVPN to ONLY use this network interface to create the VPN tunnel on. Nothing should interfere with our setup now That's all, folks! Note: Somehow on Windows my AirVPN connection receives a wrong internal IP that doesn't enable networking at first. In my case I need to wait 1-3 minutes until OpenVPN reconnects itself based on ping timeout: after the reconnect I receive another IP and everything starts to work. I do not know whether it's an OpenVPN or a Windows bug. One last note: using multiple VPNs Actually this will work, that's how I roll. As long as both VPNs don't clash by using the same 10.0.0.0/8 subnet. If this happens, you will need to change Line 5 to point to a more specific (aka smaller) subnet tailored to your AirVPN server. Specifying a 10.x.x.0/24 subnet for routing will surely do (subnet mask: 255.255.255.0). Just be aware that you cannot practically use the same IP range in both networks at the same time (well, you'd need to bind the application you are using to either interface, which you cannot do with a browser or the printing service in case of internal resources). (The story of broken net_gateway) For this placeholder, OpenVPN attempts to determine your 'default gateway', i.e. the router all your internet traffic passes through. It normally works, but may not be supported on other platforms (Linux, sigh). However it has one unintended side-effect: if you already have a VPN that reroutes all your traffic, net_gateway will make all AirVPN traffic go through the first VPN: Your traffic -> VPN1 -> Internet Torrent traffic -> VPN1 -> AirVPN -> Internet That's the unintended dual-hop. Surely you can extend that scheme to 3,4,n-hops if you fiddle enough with routing, subnet masks and correct order. I'm not responsible for headaches We avoid that behavior with Line 4 from our config - the remote_host line forces the AirVPN traffic to go straight to the internet (through your LAN router). One more thing: net_gateway is not available for IPv6 routes in OpenVPN. That's why it currently only works with a IPv4 connection to the VPN server. (Crash course: Subnet masks) You've seen the weird number 255.0.0.0 above. You should refer to other pages for a proper explanation, but basically this is a very simple way for computers to determine the range of IP addresses that are part of a network (a subnet). What's simple for computers is very hard to grasp for us humans. 255 means there are NO changes allowed to the first set of IP numbers. I.e. the 10 in 10.0.0.0 always stays a 10. 0 means all numbers can be used. I.e. the zeroes in 10.0.0.0 can be (0-255), lowest address is 10.0.0.1 and the last address is 10.255.255.254 (technically, 10.0.0.0 is the first and the last 10.255.255.255 is reserved for 'broadcast') Any number in between denotes ... a range in between. 2^(32-prefix)=number. Number is the amount of available addresses and prefix is called the subnet prefix. Both are meant to describe the same thing. For 10.0.0.0/26 or 10.0.0.0 with subnet mask of 255.255.255.192 you get addresses in range 10.0.0.0-10.0.0.64 -- 2^(32-26) = 64. Similarly you can convert the subnet mask into the prefix number and work from there; or eyeball it: 256-192 = 64. (Two ways to accomplish routing) If you have two equal routes, e.g. 0.0.0.0 goes through VPN with metric 666 0.0.0.0 goes through LAN router with metric 10 then obviously the default route for a packet will travel through (2) - because it's a cheaper path. Unless an application specifies to talk only on the VPN interface. However a different rule applies whenever a more specific route exists 0.0.0.0/0 goes through VPN2 with metric 666 0.0.0.0/0 goes through LAN router with metric 10 0.0.0.0/1 goes through VPN1 with metric 30 128.0.0.0/1 goes through VPN1 with metric 30 Here the routes (3) and (4) cover the entire addressing space, just like 0.0.0.0/0. However because they are more specific, they'll be preferred for all traffic because these routes are more selective. This is how OpenVPN does override system routing with VPN routing by default. This is also what the other guide attempted as well, by pushing four {0,64,128,192}.0.0.0/2 routes. Since that was more specific, it would in return override the 0,128 routes and so on. We can calculate how many multi-hops we would be able to do with this method: IPv4 has 32 bits, we will not touch the last 8 bits of the subnets. That leaves us then with 24 bits or 24 maximum amount of hops. Theoretically. The routing table would be outright f---- to look at. This method is a bit more 'secure' in a way because you don't need to rely on overriding a certain metric value, you just slap a more specific route on top and it's automatically made default. Also you don't need to override the default gateway (router) and all that junk. However with my preferred method (first) you can quite easily do DIY dual-hop routing: 0.0.0.0/0 goes through VPN2 with metric 666 0.0.0.0/0 goes through LAN router with metric 10 0.0.0.0/1 goes through VPN1 with metric 30 128.0.0.0/1 goes through VPN1 with metric 30 <VPN2-IP>/32 goes through VPN1 with metric (any) Such a setup will make sure that all traffic destined for the internet (hits 3 and 4) will go through VPN1. If a program specifies the VPN2 network interface, then VPN2 will be reached via VPN1 first (you->VPN1->VPN2). This is quite 'quizzacious' to set up/control. Not part of this guide. As a part of this guide we told the system to route VPN2 via router on LAN. Yet you could indeed chain multiple VPNs this way and force the VPN1 to not only catch all traffic but also be chained via multiple VPNs itself so you would not need to manually set programs. I've seen scripts online for that purpose. Although be aware of MTU issues due to encapsulation. Troubleshooting tips TEST. SERIOUSLY, TEST YOUR SETUP BEFORE ENGAGING YOUR DATA CANNONS! A couple hours now are infinitely many times more worth than a 'leaked' mistake and headaches later on. https://ipleak.net/ - tests your client's default connection route. It would not tell you if your client is alternatively available on LAN for example. If you followed this guide and set up your client correctly, it will not be available on LAN etc. See the images below: 'without interface binding' (most newbie users) and 'with interface binding' (this guide) Wireshark to inspect how the traffic is actually flowing. Follow online tutorials, you only need to select the right network interfaces and filter traffic by port/IP (tcp/udp and your local or VPN IP) curl to send network requests. Like ifconfig.co / ifconfig.io will respond with the IP address it sees you as: curl --interface <your computer IP> http://ifconfig.co curl --interface 192.168.1.42 http://ifconfig.co # for IPv4 or IPv6, default route curl -4 http://ifconfig.co curl -6 http://ifconfig.co > route -4 print and > route -6 print on Windows. To compare the outputs, you can use Notepad++ with the compare plugin (you need two documents open, one in left and another in right pane before comparing). PS: AirVPN configuration generator does not support #comment lines. Please fix. Sorry Linux users, maybe another time I will write something tailored to you. But I believe you are smart cookies and will adapt the OS-specific steps to fulfill this guide's goal.
  24. 3 points
    tray-icon under Linux will be reactivated at the next release (experimental), under testing, expected next week. Please have patience.
  25. 3 points
    Staff

    Eddie Desktop 2.21 beta released

    Hello! We're very glad to inform you that a new Eddie Air client version has been released: 2.21 beta. It is ready for public beta testing. How to test our experimental release: Go to download page of your OS Click on Other versions Click on Experimental Look at the changelog if you wish Download and install Please see the changelog: https://eddie.website/changelog/?software=client&format=html This version contains an almost completely rewritten code for routes management, DNS and more, so please report any difference from the latest stable release 2.20. This version implements WireGuard support. AirVPN servers will offer it, during an opt-in beta-testing phase, within September. WireGuard support is expected to work out-of-the-box (no need to install anything else but Eddie) in Windows and macOS. In Linux it works if kernel supports it (WG support by kernel is required). PLEASE CONSIDER THIS AS A BETA VERSION. Don't use it for real connections it's only for those who want to collaborate to the project as beta-testers.
  26. 3 points
    FezzyWig

    RT blocked from some EU servers

    As someone who has worked internationally, I get my news from multiple sources: DW(Germany), The National(UAE), Global Times (China), Citizens Free Press (US), along with several others. THEY ALL HAVE PROPAGANDA. So what's important to me is to "triangulate" on the truth as much as possible. It's pretty easy to detect most of the bulls$^&t, but there is some sneaky stuff out there that no one will know unless you're on the inside. Anyway, the point is that there's no single source of "truth". It's best to gather as many of what appears to be the facts, and make your own mind up. All of that said, I had rt.com as one of my news sources too, so I'm bummed I can't see it now.
  27. 3 points
    OpenSourcerer

    Does VPN node country matter?

    There's no limitation on which servers are "allowed" to be torrented over, something I didn't quite understand with other competitors. Just pick one, everyone works.
  28. 3 points
    Hello! We're very glad to inform you that Eddie Android edition 2.5 alpha beta is available. UPDATE 2021-09-14: Alpha 2 is now available. UPDATE 2021-11-10: Alpha 3 is now available. UPDATE 2021-12-10: Beta 1 is now available. UPDATE 2021-12-17: Release Candidate 1 is now available. UPDATE 2021.-12-24: 2.5 has been released. Topic locked, let's move to # sha256sum org.airvpn.eddie-2.5-RC1-Unsigned.apk 2133a81c584ca7a20c930824b5823d1c882492a0bc23e22cd64c8f44ce839d1c org.airvpn.eddie-2.5-RC1-Unsigned.apk What's new in Eddie 2.5 RC 1 updated to the latest OpenVPN3-AirVPN and asio libraries extensive native library rewrite and revision for higher efficiency improved VPN concurrency management global objects enhanced instance handling linked against OpenSSL 1.1.1l (*) full integration with VPN traffic leaks prevention by system in Android 7 or higher version full compatibility with Android 10, 11 and 12, including ability to start and connect from a profile during device bootstrap ability to start and connect during bootstrap (if Master Password is disabled) according to a priority list which includes automatic choice, your defined country and your defined server ability to select directly an area (country, continent, planet) to connect to on the fly language change allowing to switch language without re-starting application unification of connection parameters between settings and server settings: changes on one side are mirrored to the other so that no discrepancy occurs anymore improved login credentials prompt: if wrong credentials are entered, the prompt is proposed again even when "Remember me" is selected VPN lock option off by default Opt-in Master Password which remains off by default TLS minimum required version set to 1.2 by default option to select an OpenVPN boot profile in Android 7 or higher version VPN lock is forced to off and cannot be activated if "Block connection without VPN" is enabled in Android 8 or higher version system settings connection restore now allows re-connection during the device bootstrap from the last active or default OpenVPN profile. It requires "VPN Always On" system setting active and Android 7 or higher version Force AES-CBC suite option has been removed compatibility with Android 5.1 and higher version has been maintained bug fixes solving various issues, including the crash occurring on specific devices when some contextual menu item to connect was selected new option to skip a single promotional message ("Do not show anymore") has been implemented, without prejudice to future promotional messages manifest permissions modified in order to populate correctly app black and white lists in Android 11 and 12 check the changelog at the end of the message (*) Eddie 2.4 was linked against mbedTLS library. Such a major change has been adopted to offer TLS 1.3 and slightly higher performance both with AES and CHACHA20 cipher suites. Please do not hesitate to report any variation in battery life and performance in your device compared to Eddie 2.4. Important note for Android TV users. In Android 10, 11 and 12, a VPN application can start and connect during the device bootstrap if and only if "Always on VPN" option is active. Unfortunately the option is not available in Android TV 10, 11 and 12. Therefore the ability to start at boot is lost. OpenVPN for Android and openvpn-connect applications are affected by the same constraint. For a complete list of Eddie Android edition features please see here: https://gitlab.com/AirVPN/EddieAndroid Special thanks in advance to all users who will test Eddie Android edition 2.5 alpha and beta versions! Changelog 2.5 RC 1 (VC 26) - Release date: 17 December 2021 by ProMIND - [ProMIND] Added "QUERY_ALL_PACKAGES" permission to the manifest - [ProMIND] Minimum TLS level now defaults to 1.2 - [ProMIND] VPN Lock is now off by default - [ProMIND] Removed force aes-cbc suite option - [ProMIND] Native library updated to the latest dependencies - [ProMIND] "AirVPN profile" has been renamed to "AirVPN Key" - [ProMIND] All android devices having at least API level 24 (Android 7) are now fully managed by Android system VPN facilities (including "VPN Always On" and "Block Connections without VPN") - [ProMIND] In case a connected OpenVPN profile is about an AirVPN server, the name is shown across the whole app instead if the IP - [ProMIND] Compression is now off by default - [ProMIND] Language override is now immediate and does not need app restart anymore Native Library - [ProMIND] Updated to OpenVPN3 3.7.1 AirVPN - [ProMIND] Moved to version 1.4 (Complete revision of code, structure and naming scheme) - [ProMIND] Moved all header files in eddie directory into include directory - [ProMIND] Renamed several 1.0 classes and members to more solid names - [ProMIND] Removed all references to boost library functions and switched to standard C++ equivalents api.cpp - [ProMIND] Added sslLibraryVersion() function api.hpp - [ProMIND] Added sslLibraryVersion() function client.cpp (Native library) - [ProMIND] Implemented private method releaseJniCallbackObject() - [ProMIND] Switched to instance model management for JNI callback object - [ProMIND] removed tun_builder_set_block_ipv6() function - [ProMIND] added tun_builder_set_allow_family() function client.hpp (Native library) - [ProMIND] Added private method releaseJniCallbackObject() - [ProMIND] removed tun_builder_set_block_ipv6() function - [ProMIND] added tun_builder_set_allow_family() function common.h (Native library) - [ProMIND] New file. It defines all common macros and includes constants.cpp (Native library) - [ProMIND] removed file constants.h (Native library) - [ProMIND] removed file macros.h (Native library) - [ProMIND] removed file stdafx.h (Native library) - [ProMIND] removed file types.h (Native library) - [ProMIND] removed file utils.cpp (Native library) - [ProMIND] Removed all C function and reimplemented as relative class methods - [ProMIND] Most of methods and functions have been rewritten from scratch - [ProMIND] Removed all references to boost library functions and switched to standard C++ equivalents AirVPNManifest.java - [ProMIND] Added method getServerByIP() - [ProMIND] Added method getFullServerDescription(String name) - [ProMIND] Added method getFullServerDescriptionByIP(String ip) - [ProMIND] Added method isEncrypted() - [ProMIND] Added Continent stats - [ProMIND] Added "Do not show again" methods for manifest messages AirVPNUser.java - [ProMIND] Added method isEncrypted() - [ProMIND] private class getUserLocation is now aware of current local country setting - [ProMIND] Added method reloadUserLocation() AirVPNServerProvider.java - [ProMIND] added "DEFAULT" case to getUserConnectionPriority() method AirVPNServerSettingsActivity.java - [ProMIND] TLS, Protocol, Port and IP Version are now linked to their relative default options BootVPNActivity.java - [ProMIND] Revamped VPN connection boot logics. It now supports AirVPN best server, AirVPN default server and AirVPN default country and improved management of default OpenVPN profile and last active connection ConnectAirVPNServerFragment.java - [ProMIND] Added default AirVPN items management - [ProMIND] Added direct connection to country's best server via context menu - [ProMIND] Added direct connection to continent and world best servers - [ProMIND] exportOpenVPNProfile() now exports profiles both to internal databse and external file - [ProMIND] Added export continent, country and server profile to file ConnectOpenVpnProfileFragment.java - [ProMIND] Added "set" and "unset" boot in context menu for OpenVPN profiles CountryContinent.java - [ProMIND] Added methods getTreeMapCountry and countryCount() - [ProMIND] Added methods getTreeMaoContinent() and continentCount() EddieApplication.java - [ProMIND] Initialization log messages are now sent once at the first run of the app instance - [ProMIND] Classes SettingsManager, EddieLogger, SupportTools, VPNManager, MainActivity, CountryContinent, AirVPNManifest, AirVPNUser and NetworkStatusReceiver are now instantiated here and the unique instance is used all over the app - [ProMIND] Checks whether manifest and user's data files are encrypted and sets "Enable Master Password" setting accordingly - [ProMIND] Added method isVisible() returning whether the app is in foreground or visible EddieEvent.java - [ProMIND] Removed generic onAirVPNIgnoredDocumentRequest - [ProMIND] Added onAirVPNIgnoredManifestDocumentRequest and onAirVPNIgnoredUserDocumentRequest - [ProMIND] Added onAirVPNRequestError event EddieEventListener.java - [ProMIND] Removed generic onAirVPNIgnoredDocumentRequest - [ProMIND] Added onAirVPNIgnoredManifestDocumentRequest and onAirVPNIgnoredUserDocumentRequest - [ProMIND] Added onAirVPNRequestError event EddieLogger.java - [ProMIND] Added instance and context support in order to keep the log across multiple runs belonging to the same app instance LogActivity.java - [ProMIND] Added "Clear log" button MainActivity.java - [ProMIND] At startup check whether system's "Block connections without VPN" setting is enable, if so VPN Lock is disabled and show a dialog - [ProMIND] Added new VPN Statuses management - [ProMIND] AirVPN Manifest messages are now shown only in case they have the "do not show again" flag turned off - [ProMIND] Max reconnection retries now supports infinite OpenVPNProfileDatabase.java - [ProMIND] Added "boot" element and relative methods - [ProMIND] Added "airVPNServerName" element and relative methods - [ProMIND] Added "airVPNServerLocation" element and relative methods - [ProMIND] Added "airVPNServerCountry" element and relative methods SettingsActivity.java - [ProMIND] In case system's "Block connections without VPN" setting is enable, VPN Lock is disabled and hidden - [ProMIND] Added controls for new settings - [ProMIND] Revised language change setting and adapted to new Android levels. The change is now immediate and does not require restart anymore - [ProMIND] Added infinite to max reconnection retries setting SettingsManager.java - [ProMIND] Added SYSTEM_IS_ALWAYS_ON_VPN and SYSTEM_VPN_LOCKOWN internal settings and relative get/set methods - [ProMIND] Added AIRVPN_CURRENT_LOCAL_COUNTRY and AIRVPN_CURRENT_LOCAL_COUNTRY_DEFAULT internal settings and relative get/set methods - [ProMIND] Added AIRVPN_DO_NOT_SHOW_AGAIN_MESSAGES and AIRVPN_DO_NOT_SHOW_AGAIN_MESSAGES_DEFAULT internal settings and relative get/set methods VPN.java - [ProMIND] Added CONNECTION_CANCELED to Status enum VPNManager.java - [ProMIND] Improved VPN concurrency management VPNService.java - [ProMIND] Check "VPN Always On" and "Block connections without VPN" system options and set Eddie's internal options accordingly WebViewerActivity.java - [ProMIND] http: and https: links are now opened by invoking the external browser - [ProMIND] Added bottom "Do not show again" layout bar - [ProMIND] Restore language/locale to the app setting and reverts Chrome/WebView default locale override Kind regards and datalove AirVPN Staff
  29. 3 points
    pmik76

    DNS Filtering

    Thank you for this amazing feature!
  30. 3 points
    blueport26

    Tom Spark review

    I like and use AirVPN but I don't trust him/his reviews. It's not hidden knowledge that the whole VPN review market is a bidding war between which company pays more. Here's my (salty) opinion. Although he uses a fixed script for each review and assigns points fairly, no matter which VPN he reviews he mentions his top scorers at least once per video. I have a feeling that the point of every non "S tier" review is to redirect customers, like "hey you know AirVPN is cool and has some promising features but check this two VPNs I'm affiliated with, they're the best". The review script is odd. He values <1h customer support response higher than all the privacy points combined. Speed test results may depend on the time of day, location and server load, so one day the score may be 50 and another 40 points or lower. A bit off-topic: There was a civil war/drama between some VPNs, mainly *cough*Windscribe*cough* and him. I was following their discord channel some time ago. Previously he was promoting them as one of the best VPNs, but when they announced shutdown of affiliate program he started throwing blames (telling a company that they should keep it - continue paying him). Since then he moved them to the bottom of the tier list .
  31. 3 points
    pj

    AirVPN not acknowledged on EFF's donation page?

    Hi, I worked for free on the 1st, 2nd and 3rd reading of the Telecoms Package for a grassroots organization in close contact and co-operation with several other organizations including La Quadrature du Net, EDRi, the Swedish Pirate Party and EFF Europe with Eddan Katz (International Affairs Director). I also worked against ACTA (the Anti Counterfeiting Trade Agreement) with Katz and several activists since when the very first secret discussion paper was published by Wikileaks in 2008 and up to the final and total "victory" with ACTA's rejection by the European Parliament in 2012. My main activities were legislative analysis, giving lectures in Brussels at the Commission and the Parliament sites, as well as around Europe, or having discussions with MEPs and when possible Commission personnel to defend and explain grassroots movements point of view. In 2010 I co-founded AirVPN and when it had so much success I moved to a more "fundamental", technical activism, and finally left the public activism with direct lobbying. soon after 2013, when AirVPN took 100% of my work time. Currently my activism is reflected by AirVPN activities, technical infrastructure, donations etc. Kind regards
  32. 3 points
    Staff

    New technical specifications

    Hello! VPN DNS and "Assigned IP address" technical specifications just changed. All the changes have been reported in the https://airvpn.org/specs page. The changed section is: Assigned IP Servers support both IPv4 and IPv6 tunnels and are reachable over IPv4 and IPv6 on entry-IP addresses. DNS server address is the same as gateway, in both IPv4 and IPv6 layer. Chosen IPv4 Local Address OpenVPN: 10.{daemon}.*.*, Subnet-Mask: 255.255.255.0 WireGuard: 10.128.0.0/10 Chosen IPv6 Unique Local Address (ULA) OpenVPN: fde6:7a:7d20:{daemon}::/48 WireGuard: fd7d:76ee:e68f:a993::/64 The new sections are: DoH, DoT Every gateway/daemon assigned to you acts as a DNS (port 53), DoH (dns-over-http, port 443), DoT (dns-over-tls, port 853). DoH and DoT don't add any actual benefit, because plain DNS requests are encrypted inside our tunnel anyway. However, users might need it for special configurations. In such cases, use dns.airservers.org (automatically resolved into VPN gateway address). Our DNS returns a NXDOMAIN for "use-application-dns.net", for compatibility reasons. Special resolutions check.airservers.org - Gateway IPv4 and IPv6 addresses exit.airservers.org - Exit-IPv4 and exit-IPv6 addresses use-application-dns.net - NXDOMAIN, for DoH compatibility, ensuring Air DNS will be used (for anti-geolocation features) Special URLs https://check.airservers.org - Info about connected server https://check.airservers.org/api/ - Same as above, in JSON Use https://ipv4.airservers.org or https://ipv6.airservers.org - Same as above, specific IP layer Kind regards and datalove AirVPN Staff
  33. 3 points
    Hi there, I really love your service and will renew with the next big sale event. Being able to pay with crypto currencies is a must in the industry nowadays I find. I am glad you accept a variety of different currencies, especially Monero. Bitcoin payments are oftentimes prohibitively expensive due to high mining fees to get into the next block. Also they can take a long time if the mempool is overflowing with unprocessed transactions. It would be great if you could also accept payments over the lightning network which makes transactions instant and final for you, basically free for me to send and my service can be instantly activated instead of having to wait a certain amount for blocks to be mined. Integrating lightning payments is easy, free and secure. And even comes with some privacy improvements over regular Bitcoin transactions, so that nobody knows who paid you. please consider adding lightning support to make paying with Bitcoin cheaper, faster and more private while also reducing the load on the main blockchain. Resources like BTCpay Server make it easy to accept lightning payments along regular on-chain transactions all without a third party. Thank you so much, I am looking forward to opening a channel to you ! ☺️
  34. 3 points
    Staff

    Server replacement (UK)

    Hello! We inform you that all of our VPN servers in Maidenhead will cease operations on 03 September 2021. They will be replaced by servers in London featuring more modern hardware. Unfortunately, both technical and non-technical reasons force us to leave the current dc in Maidenhead. Servers in London are anyway located just 40 Km from Maidenhead and they will be announced and available in the next days. The new machines will keep the same names in order to support the old FQDN used by OpenVPN client profiles. Since the datacenter seems to have put offline already a server before the natural expiration date, we could put the new servers online before the mentioned 03 September date. When new servers are turned on, older ones with the same name will be disconnected from the infrastructure. This thread will be updated, if necessary, accordingly. The replacement servers are five, while the replaced ones are six. That's because we might be adding in the future another datacenter in UK in a different location. Kind regards AirVPN Staff
  35. 3 points
    It would be great if the next beta updated Wintun to a newer version than 0.8. There has been significant improvements to it since then but the non standard install method makes it difficult to update independently of Eddie.
  36. 3 points
    Clodo

    Eddie Desktop 2.21 beta released

    After the testing, our Config Generator will be able to create WireGuard .conf file, usable without Eddie (wg / wg-quick or any official WireGuard app).
  37. 3 points
    Staff

    VPNs - Caught in Lying!?!

    @arteryshelby We do not log and/or inspect our customers' traffic. Since 2010 you can't produce any single case, and not even the slightest clue, in which the identity of an AirVPN customer has been disclosed through traffic log and/or inspection and/or any other invasive method. It means a lot, given that various younger VPN services have been caught lying (ascertained court cases) and that AirVPN is now the oldest still active VPN service, with the exception of a minor service which anyway changed ownership twice in the last 12 years. By the way we have never asked our customers to blindly believe in our words. We do not block Tor and we even integrate its usage in our software, so you can be even safer if you can't afford to trust us OR some datacenter. For example you can use Tor over OpenVPN, to hide Tor usage to your country and ISP, and at the same time hide your traffic real origin, destination, protocol etc. to us and the datacenter the server is connected into. Last but not least, we invest a lo of money in Tor infrastructure and in 2017, 2018 and 2019 more than 2.5% of global world Tor network traffic transited on Tor exit-nodes paid by AirVPN. It is an important achievement we're proud of, and it hints to good faith. Kind regards
  38. 2 points
    Hello. Just to let know that with Eddie 2.21.18 I can run Hummingbird from within Eddie in OSX High Sierra, and it is working fine. For me it was a long waited feature, so thanks AirVPN team and developers. Happy birthday!!
  39. 2 points
    Staff

    Eddie Android edition 2.5 released

    Hello! We're very glad to inform you that Eddie Android edition 2.5 has been released. The new release achieves full compatibility with Android versions 10, 11 and 12. It also maintains compatibility with Android 5.1. Many parts have been thoroughly rewritten to obtain better performance and efficiency. Ability to start and connect during device bootstrap is no more limited to a specific profile: it has been extended to a variety of choices, such as quick auto connection or user defined servers or countries, according to a customizable priority list. Master Password is now optional and VPN concurrency management has been improved. SSL/TLS library is OpenSSL, since it can provide, nowadays, slightly better performance than mbedTLS library on several processors. TLS 1.3 is supported as well. Eddie for Android is free and open source software released under GPLv3. We invite you to check from independent 3rd parties lack of trackers code signatures, for example here: https://reports.exodus-privacy.eu.org/en/reports/search/org.airvpn.eddie You can download Eddie Android 2.5 APK directly from our repository: https://airvpn.org/forums/topic/29660-using-airvpn-with-eddie-client-for-android/ You can also download it from the Google Play Store: https://play.google.com/store/apps/details?id=org.airvpn.eddie and from Amazon Appstore: https://www.amazon.com/Eddie-AirVPN-official-OpenVPN-GUI/dp/B07KTD6DH9/ Source code (and of course changelog) is available in GitLab: https://gitlab.com/AirVPN/EddieAndroid/ Main features (new features in bold): Free and open source OpenVPN GUI based on "OpenVPN 3.7.1 AirVPN" (free and open source software library by AirVPN) ChaCha20-Poly1305, AES-CBC and AES-GCM support on both OpenVPN Control and Data channel Robust, best effort prevention of traffic leaks outside the VPN tunnel Battery-conscious application Low RAM footprint Ergonomic and friendly interface Ability to start and connect the application at device boot Option to define which apps must have traffic inside or outside the VPN tunnel through white and black list Localization in simplified and traditional Chinese, Danish, English, French, German, Italian, Portuguese, Russian, Spanish, Turkish Full integration with AirVPN Enhanced security thanks to locally stored encrypted data through optional master password Quick one-tap connection and smart, fully automated server selection Smart server selection with custom settings Manual server selection Ability to start and connect during device startup according to a priority list which includes automatic choice, your defined country and your defined AirVPN server Smart attempts to bypass OpenVPN blocks featuring protocol and server fail-over Full Android TV compatibility including D-Pad support. Mouse emulation is not required. Enhancements aimed at increasing accessibility and comfort to visually impaired persons AirVPN servers sorting options Customizable "Default", "Favorite" and "Forbidden" servers and countries OpenVPN mimetype support to import profiles from external applications Multiple OpenVPN profile support. The app now imports and manages multiple OpenVPN profiles Support for custom bootstrap servers Support for favorite and forbidden countries AirVPN broadcast messages support User's subscription expiration date is shown in login/connection information The app is aware of concurrent VPN use. In case another app is granted VPN access, Eddie acts accordingly and releases VPN resources Optional local networks access. In such case, local network devices are exempted from the VPN and can be accessed within the local devices Localization override. User can choose the default language and localization from one of the available ones Favorite and forbidden lists can be emptied with a single tap Ability to directly select an AirVPN area (country, continent, planet) to connect to VPN reconnection in case of unexpected OpenVPN disconnection. (It requires VPN Lock to be disabled) VPN concurrency management Full integration with VPN traffic leaks prevention by system in Android 7 or higher version Full compatibility with Android 10, 11 and 12 User can generate or save an OpenVPN profile for any AirVPN server or country and save it in the internal OpenVPN profile manager or export it On the fly language change allowing to switch language without re-starting application Exclusive optional VPN lock in case the device cannot take advantage of Android's VPN direct management (Android 5 and 6) Server scoring algorithm implementing the latest AirVPN balancing factors in order to determine the best server for quick connection Network name and extra information are shown along with network type Device network status management Fully compatible with Android TV 5.1 and higher versions bug fixes Kind regards & datalove AirVPN Staff
  40. 2 points
    That's exactly the reason I simply don't install NoScript any more. It got old trying to find out which script sources provide functionality and which ones provide analytics. Sometimes one doesn't work without the other, that's where uMatrix usually came in handy, but that's an even bigger source of work. And I don't want to work, I want to surf the web. So my current approach is to simply let them eat cake. Use Librewolf with a slightly different policy config, periodically purge website data and cookies, things like that. Don't know about "essential" but if you're all about sending as little data as possible: uBlock Origin as your AdBlock Plus-compatible, open source request blocker. Obviously. uMatrix if you want absolute and unyielding control of all requests. Keep in mind, this is work everytime you visit a website. CanvasBlocker, so you can enjoy Canvas without having a unique signature. Sends a random one everytime it's used. Some may suggest Decentraleyes or similar so you don't use Google APIs everytime a website needs jQuery or such. Caused more problems than it solved for me. SmartReferer which lets you define global and per-site rules which referer is sent to websites (aka where you came from). Some websites need you to come from the same site, like driver downloads from AMD, they prevent direct linking to the files with that. Privacy Redirect, to use Invidious for YouTube, Nitter for Twitter, Bibliogram for Instagram and other substitutes. Only ever worked with YouTube and Twitter for me, almost all Bibliogram instances are permablocked by Instagram. SkipRedirect, maybe. Some websites direct you to an intermediate page before directing you to your actual destination (I'm also looking at you, AirVPN). This addon skips this. It's possible because most intermediate pages are like "https://my.page/intermediate.php?url=https://the.actual.page/destination.php". Addon extracts the url= parameter and connects you there instead. NeatURL, which removes common (and your custom) URL parameters like campaign trackers (utm_* and others) before the request is sent. Hundreds more, probably.
  41. 2 points
    That's very true. I don't have any problem with M247 as a company, it's just that it would be nice to support AS diversity to help get around blocks. AS 9009 is commonly blocked due to the abuse that often comes from it.
  42. 2 points
    If you youtube 'Christian Mcdonald', he explains everything in his series of videos. He's also overseeing the wireguard package for netgate, and talks about the whole process and where he wants to take it in the future. Hello! Speaking of netgate.com, we found this article on it which looks good: https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-client.html In order to fit it to AirVPN, please generate a configuration file for WireGuard and the server or country you wish from the Configuration Generator. It's a text file inside which you can find the settings/values you need. Kind regards
  43. 2 points
    Would the use of a VPN, such as AirVPN or ProtonVPN (in this case, I believe the users did not use the bundled service) or TOR prevent this situation? In the transparency report; the state over 700 cases of this nature out of 3000+ Legal orders. In which ProtonMail's parent corporation representation states they fought and denied hundreds more improper orders sent on by the Swiss authorities. Interestingly, most do not understand email is not a secure service by default, and ProtonMail's whole thing is encryption, because ultimately such as any VPN or service will know the originating IP of a user. The company was required to log, after legal request, which from a financial point of view, I believe is true because it costs money to data mine without any benefit, unlike Google for example. Also, when does an IP equal an individual? There must be more to the story. More reasons to use AirVPN imo, vs protonvpn because: no ZenDesk, no outsourced customer service, no outsourced payment processors, no parent company holdings as far as I know. Also I love the openess of your code, and willing to work with outsiders, such as the CLI wrapper. The activism also I agree with. So important: I created this account with the ability to use no linking information to anything, including a random string with @ and .com
  44. 2 points
    @airvpnforumuser Hello! No, never, because the investigations follow a different path. However, we received request for information several times. Such requests relied exclusively on data retention which we do not perform according to the legal framework of countries the servers are located in and/or according the decisions of the CJEU on blanket data retention. We do not inspect or log traffic content or metadata. No, we never received gag orders outside the scope of the aforementioned requests, i.e. prohibition to inform the final user that an investigation is ongoing about him or her in case we could identify the user, which never happened for the same reasons above. You don't, as we never publish private communications regardless of the entity or person sending them, no matter who they are. Kind regards
  45. 2 points
    @blueport26 Hello! First and foremost we must say that we have not updated our knowledge on Poland data retention legal framework. Our old information tells us that it's NOT compliant with the latest decisions of the CJEU which forbid Member States to put any obligation on any provider of service in the information society for pre-emptive, blanket, indiscriminate data retention. All that follows is therefore based on our not up-to-date knowledge. Feel free to point us to the relevant laws if we base our decision on no more valid knowledge. Now, we can actually ignore the EU Member States legal frameworks on data retention where they clearly infringe the EU Court of Justice legally binding decisions, because in a casus belli we can challenge, or defend against, the rogue Member State with high likelihood of winning. At the same time, we must carefully decide which legal battle fronts we want to open, because legal costs for cases which must be brought up to the highest courts may easily become very high. We are already challenging Spain legal framework on Data Retention, and, given AirVPN size, it's not wise to challenge multiple Member States simultaneously. That's the main reason we do not operate VPN servers in France and Italy, other Member States whose data retention framework is in flagrant violation of the legally binding decisions of the CJEU. We're not like those marketing fluff based VPNs which lie to you and in reality perform Data Retention in the countries where it is mandatory: you have plenty of examples from the press to prove what we claim here, when VPN customers identities and activities have been disclosed because of that very same data retention the VPN providers claimed not to perform. When we say we do not retain data and metadata of your traffic we really do it, that's why we must carefully evaluate the countries legal framework we plan to operate servers within. Kind regards P.S. Ukraine does not oblige dacenters and VPN providers to any data retention.
  46. 2 points
    Staff

    PIA's dedicated IP feature

    @Maggie144 Hello! That's out of AirVPN mission scope as it would crumble the anonymity layer. Moreover it would put some additional legal duties on AirVPN as a hosting provider, so it's even outside AirVPN core business. We are perfectly aware that we could be offering valid VPS with one dedicated IPv4 address for less than 5 EUR per month (in an hyper-inflated business segment), but again that would be best accomplished by some partner company ad hoc created, in order not to mix different businesses with mutually incompatible purposes which, on the long run, would undoubtedly damage AirVPN good reputation as a privacy protector and a service capable to provide an anonymity layer of a significant degree. While competition increases, simply for the incredible amount of VPN services for consumers which are born every other day, in a world facing an economic crisis due to the pandemic and slowly progressing shortage of energy resources, it's somehow normal that each company tries to survive by innovating, or by adding different services, or sometimes, unfortunately, by betting on marketing fluff. Remember that when PIA controlling company was acquired by Kape, it had accumulated more than 32'000'000 USD debt which had to be covered by Kape itself, so it's normal that new services are added to increase much needed revenues in an attempt to make PIA profitable again, or anyway more profitable. https://www.techradar.com/uk/news/cyberghost-owner-buys-pia-for-dollar955m-to-create-vpn-giant In this specific case we underline once again that the service you mention is really incompatible with AirVPN Terms of Service and general mission, so you could find it only by some other company controlled by us and not in AirVPN infrastructure. Kind regards
  47. 2 points
    frisbee

    Eddie Will Not Turn Off

    For anyone still experiencing the issue that Eddie freezes/is unresponsive, a workaround is to NOT minimize Eddie. It seems to crash only when minimized. The Airvpn support team has been advised and should investigate further.
  48. 2 points
    Staff

    FreeBSD setup guide

    @m1ster Hello! You can't build Hummingbird or the AirPVN Suite in FreeBSD because OpenVPN3 AirVPN library needs various modification for FreeBSD, you will not be able to even compile it at the moment. We have plans to port the AirVPN Suite to FreeBSD later this year, but first we need to adapt the library, which might be or not a trivial task, and we must release a new Eddie Android edition version before the summer is over. At the moment you only have the Linux binary compatibility mode option (try with Hummingbird, as Eddie will have too many complications due to Mono), and of course OpenVPN 2.5.2. Hummingbird and the Suite support and have always supported pf, the default FreeBSD firewall, but different directory tree and some other issue may cause trouble. https://docs.freebsd.org/en/books/handbook/linuxemu/ Anyway we assure you that FreeBSD support improvement with native applications remains our goal for 2021. Our FreeBSD users are many (25% of our Windows customers, and 20% of our Linux customers, who are currently the absolute majority), not to mention the system outstanding superiority, so stay tuned. Kind regards
  49. 2 points
    They also reserve the right to kill anyone with a drone strike at the push of a button. No trial needed.
  50. 2 points
    Not only the internet. They give themselves the right to invade any country in the world who doesn't play under their rules.
×
×
  • Create New...