LZ1

If you need encrypted e-mail, use any client you want, but use GPG to encrypt the message. It is not hard, and if your recipient is half as smart as a potted plant, they can easily handle it. It does require a trivial bit of work initially to have each side make their own keys, and then to exchange public keys. But it is fully open sourced, and available on any platform I have heard of. And best of all, you can use this with a mail service that logs and offers zero encryption. It will still work just fine. And since the so called "intelligence" services around the world have been trying to break PGP for decades, I think you can rest assured that it is not going to break anytime soon. (GPG is short for GNU Privacy Guard. It is the Open Sourced compile of PGP, and is fully free to use in any way you like.)

When I surf the internet with my VPN accounts  I use a Linux VM with LUKS and LVM.  VM is encrypted with the virtualiation application as well as restrictions enabled on the VM.  The VM has a base snapshot with all my applications configured for VPN.  When I'm finished with my session, I revert to the snap shot.  The VM and files are stored on an Aegis Padlock.  The Padlock has a built in brute force protection to securely delete the encryption keys after 20 unsuccessful password attempts.  I also have a secure wipe password that will securely delete the encryption keys if initiated.  The VM itself is configured to only send and receive traffic through the VPN tunnel and to drop all traffic if the VPN connection fails.
 
When transporting secure information, I use Aegis Secure Key's.  My personal Aegis key has a standard Veracrypt container and a hidden Veracrypt container.  Contents of the outer container have a scanned copy of my DL, Passport, and a contacts list.  My hidden vault has a digital copy of my birth certificate, ssl card, a couple of emergency bitcoin wallets, and AirVPN config files.  The container is synced to 2 cloud accounts on a monthly basis.
 
As far as communications, I use Signal, Telegram, and Whatsapp (all end to end encryption) for txting/SMS, protonmail for secure end to end encryption email. 
 
No Social Media Accounts.

That article says they did not defeat the encryption at all. I will quote the important part here.
"In fact, one recent investigation by Vice News claimed that Canada's federal police has had the firm's global encryption key since 2010."
 
So they never had to even try. They had the key since 2010.
 
I am not going to bit your head off. But since you may be a bit out of your depth, let me help educate you on the sorted history of PGP/GPG.
 
Phil Zimmermann made PGP back in 1991 when encryption was plainly pitiful. At the time, it was strictly forbidden to "export" encryption stronger than 40 bits, because that was the amount that could be broken in an actionable amount of time. In fact, it was at the time considered to be "munitions". (Meaning weapons and ammo and such.) So allowing the world to have it would have been treason.
 
A number of cases have been tried around the world that depended solely on evidence claimed to be in messages encrypted with PGP. To date, not one has been decrypted without the password. AirVPN uses 4096 bit RSA as part of the encryption for the VPN. It has never been broken either. I do not think even 1024 bit RSA has ever been broken, but it is not used anymore since it is too weak relative to the trivial amount of work to make and use a larger key.
 
So I have to argue that it is secure because it has never been cracked. If you encrypt your content and I ask you the passphrase and you give it to me, then I did not crack it. I may have defeated it, but not in any way that could not apply equally well to any encryption.
 
Please do not hesitate to ask any questions you think of. I may be a bit crazy, but I would be very pleased to help you learn.

I can elaborate on that, in the hope it's interesting to know.
 
Spoken for movies, in Germany there are companies holding the licensing rights for all or a selection of movies of a certain film studio "on german soil". I think that's how it is in other countries as well. They also hold the rights for german synchronization of those movies. These companies are working with a bunch of law offices, well known names when it comes to file sharing, who in turn work with (in my opinion) doubtful tech companies (names you'd never hear in the wild ) which have nothing better to do than crawling through torrent sites and using DHT crawlers to find german IP addresses actively participating in sharing movies of the film studios mentioned above. When they find one, they note down every piece of information that could make the file sharer in question to confess. They ask the law office to ask the ISPs for customer information (since it's a matter of piracy, they usually cooperate). The law firm gets the information and sends out cease and desist letters to hundreds of houses a day. They just reuse the same template. The letter basically says this: You pay a fixed fine and send over a declaration to cease and desist and you're out; if you don't, you get sued.
 
Now in Germany, sending these letters the way they do it is a legal grey area. They are compared to spam because they're sent out rapidly with a money request in order to scare people into paying and threatening them with legal consequences if they don't. They normally append a pre-written declaration to cease and desist so you can just sign it and "all is well". Truth is, it's written in legal language and phrases your immediate loss in any case to come. Whatever is written in this letter with your signature on it, it has legal validity while the fine has no validity at all. So in Germany, you usually write a modified dec to cease and desist, saying only that you're not going to ever touch a BitTorrent client again in the future or something like that (in legal terms, of course). You don't pay the fine, they're in no position to be able to require any form of payment without a lawsuit.
 
After that, one can only hope they overlook your case and don't decide to act. There's a statutory period of limitations, three years, in which they can "reactivate" the case and decide to file a lawsuit if they so desire. Given the fact they sent out hundreds of letters a day, therefore generating hundreds of cases a day, it's not that bad. With every lawsuit there are costs and the law office can't pay for a hundred lawsuits a day, so they more or less cherry-pick where they think they've got the highest chance of winning, or whatever name sounds funniest, I don't know.
 
Today, it's not so easy for them anymore because now there's a court decision basically saying it's a shady business and the german legislation does not like it. I think they already found a way to circumvent this, so beware, Germans.

Yep, blacken everything personal and upload it please
 
@OP: You're probably upset because you got a (maybe) threatening letter from your ISP. What's more you probably chose to pay for a VPN service exactly for this reason. Learning that your protective measures have not worked like they should have is disappointing, I can understand your anger. Nonetheless I have to second what has already been said. Use network lock and you can avoid such difficulties. Network lock writes some rules into the firewall that block all traffic as soon as the VPN tunnel is disconnected. But it only works if you use the built in Windows firewall or iptables (under Linux). If you use a third party firewall you have to write your own rules. Your fault is not having read the faqs provided by AirVPN because these problems are very well documented.
 
@giganerd: It could not hurt to be a bit less harsh and a bit more polite, even under the anonymity of the www. It's totally understandable for someone to get upset if he/ she receives a warning letter from the ISP. No matter what the OPs fault might be, a forum is primarily to help each other out, not to condemn. I assume you're neither a judge nor the almighty himself so who are you to decide who deserves what? Sorry but I just had to express the feelings I had while reading your post.
 
Or like the French saying: C'est le ton qui fait la musique.

Wait I just noticed that it's John Titor who wrote this. Wasn't this the guy who came back from the future? He might be referring to a future event wherein AirVPN is down!

lol
 
https://www.youtube.com/watch?v=QXPAZJvbH1s  

It's linux's way of rebelling over the fact that there's such a thing as a windows key.

Hello !
 
I wondered what you were talking about. I'm not sure if I'm more surprised their servers got seized or that they had real servers to begin with, lol. Where's the fake GeoIP & VPS stuff when you need it PIA? C'mon now...
 
Edit: By the way OP, did you mean to insinuate this being a feature of PIA? Considering the sub-forum of choice

Hello !
 
If you have Network Lock enabled, then it should.

Hey the already AirVPN funded Tor Project just changed their board of directors and one thing was especially interesting in an AirVPN context:

The new board members also include three women, including Cindy Cohn, the executive director of the Electronic Frontier FoundationThe EFF !

Sadly not quite the whole truth.
 
Edward Snowden revealed the world-wide spying conducted by many Western countries There's many ways to side-step any such rules, whether constitutional or not The FBI and other similar institutions have proven time and again that they're willing to spy on anyone and everything The problem is manifold. For instance, how do you hold an organisation accountable for its actions, if its actions are kept secret? Ah, you just make it mandatory to get a warrant, right?
Well, the FISA court solved that problem for a lot of cases; it's a rubber-stamp closed-court system, wherein virtually all warrants are granted. Nothing is turned down.
How do you prevent legal-loophooles and "whoopsie" mistakes? For instance, if the NSA collects data on you, it could simply say it was an accident; but how
can you be sure the data is deleted? And then there's other loopholes; what do you think "cooperation" means in an intelligence context for instance? Sharing of information.
In other words, one of their favoured ways of bypassing local restrictions on data-collection, is to simply have an agency from a different country and thus outside the local jurisdiction,
do the collecting. Then the collected information is simply shared. Both agencies can then claim they didn't collect information on their own citizens, while also claming they're working together with others.
 
In short, you don't have to commit crimes to be spied on. In fact, it's a bit of a catch 22. Because if you don't do anythig to resist, you can be sure you'll be spied on. While if you do do somethingto resist,
such as using a VPN, you could just as well be flagged as suspicious and thereby warranting even more surveillance. This is the whole problem: mass-surveillance. You spy on everybody in order to make
sure nothing slips through the net, but in doing so, you end up compromising essential human rights and democratic liberties, which SHOULD be protected. It's a huge problem. So please, don't have
the false sense of security that you're protected because of laws X, Y and Z

Hello !
 
zhang have you ever heard the joke: If you don't know your TLAs then you will be engaging in CLAs?
Aka, if you don't know your Three Letter Acronyms, you'll be engaging in Career Limiting Activities. Hahaha.
Thanks for the info zhang.
 
Thanks for the post OP - was a good doc.

I did not quite understand the question. Can you please form it according to some basic format i.e.
1) The symptom / the issue, as it see on your side - 1/2 lines.
2) The way you would like to have it set - 2/3 lines.
3) Some steps you tried to get this done - 1/2 lines.
 
 
Regarding how ISPs can tunnel into your network bypassing your VPN, is for example the DOCSIS protocol,
the only one that is used for cable modems all over the world. In this way, when your modem boots up, it
sends and receives information from your ISP on the coax interface, allowing them to SNMP to the device
as well, and many ISPs have their CMTS (big cable routers) SNMP to the subscriber modems once in a while
and check the settings. Mostly for debugging though, I cannot say it is done for the purpose to invade privacy.
They mostly check the uptime of the modem services, the signal strength, the firmware version, and in case
something is wrong the first step is usually sending a firmware upgrade package and a reboot, then calling up
a cable technician to your home.
 
If you ever had a call from your ISP, telling that a technician has to arrive and fix your line, that is probably an
automatic alert your modem sent, again over the DOCSIS protocol to your cable provider.
ADSL has something similar and it is called TR-069.
 
What you have to do in order to avoid this, is using your ISP CPE as a modem only, and connecting a separate
router to your devices, while using your modems LAN as a separate router's WAN.
There is no way for you to reliably disable DHCP on devices you don't fully control, and in fact are not truly yours,
as I believe you have to return this device if you plan to switch your ISP, so it's their right to do so.

Yeah, was on PIA for a month; they were pretty shit. Only managed to reach 80Mb/s of my 200Mb/s connection and that is if I was lucky.
 
AirVPN I get AT LEAST 120Mb/s on any Dutch VPN, right now at 6am I hit 199Mb/s on UDP Port 80 on Alshat. Also PIA's killswitch is a joke, it never worked and my IP leaked several times.

Well as it happens, there's so many loopholes. They don't, for instance, have to *collect* it themselves, if they merely let one of their "intelligence partners" - another country - do the hard work. Then they simply swap datasets and call it "cooperation". It's a nifty way of side-stepping the law. There's many others. Often "oversight", not so much law, is what is mentioned as the counter-balance to all this collection. However as has been proven, oversight is often lacking and even if and when it's not, it won't mean things won't go wrong. Edward Snowden for instance, tried to tell his superiors about how wrong all the collection of data really was and he was silenced in a variety of ways. So while I get what you mean about there being differences, I think those differences are only skin-deep.

Well one could be a bit cocky and cynical and perhaps say that "reason" isn't even a theme here, since if it was, there wouldn't be such laws to begin with. But you know, I imagine it's much like with when the NSA says they won't collect information on their own citizens. However if during the dragnet surveillance a couple of their own citizens do get their data swept up, that's an unfortunate accident.

Well to be fair, lots of countries, including not typically-villified ones like the UK either aren't much better or are heading in a direction which increasingly resembles Russia. So it's quite a tough deck of cards to be dealt. But naturally, it does follow that any VPN worth its salt keeps a close eye on not just the technical situation surrounding VPN-usage, but also the various legal realities of the host country and/or region. Other examples include France, wherein after the attacks, emergency laws were put in place pretty quickly:
So I think you're both right.

Hello !
 
Would AirVPN be interested in supporting the Electronic Frontier Foundation and/or the Free Software Foundation? No specific project or technology as such.
 
It seems a bit remiss of AirVPN to not support these, in my view .
 

About The EFF

The Electronic Frontier Foundation is the leading nonprofit organization defending civil liberties in the digital world. Founded in 1990, EFF champions user privacy, free expression, and innovation through impact litigation, policy analysis, grassroots activism, and technology development. We work to ensure that rights and freedoms are enhanced and protected as our use of technology grows.

Even in the fledgling days of the Internet, EFF understood that protecting access to developing technology was central to advancing freedom for all. In the years that followed, EFF used our fiercely independent voice to clear the way for open source software, encryption, security research, file sharing tools, and a world of emerging technologies.

Today, EFF uses the unique expertise of leading technologists, activists, and attorneys in our efforts to defend free speech online, fight illegal surveillance, advocate for users and innovators, and support freedom-enhancing technologies.

Together, we forged a vast network of concerned members and partner organizations spanning the globe. EFF advises policymakers and educates the press and the public through comprehensive analysis, educational guides, activist workshops, and more. EFF empowers hundreds of thousands of individuals through our Action Center and has become a leading voice in online rights debates.

EFF is a donor-funded US 501©(3) nonprofit organization that depends on your support to continue fighting for users. 

About The FSF

The Free Software Foundation (FSF) is a nonprofit with a worldwide mission to promote computer user freedom. We defend the rights of all software users.

As our society grows more dependent on computers, the software we run is of critical importance to securing the future of a free society. Free software is about having control over the technology we use in our homes, schools and businesses, where computers work for our individual and communal benefit, not for proprietary software companies or governments who might seek to restrict and monitor us. The Free Software Foundation exclusively uses free software to perform its work.

The Free Software Foundation is working to secure freedom for computer users by promoting the development and use of free (as in freedom) software and documentation—particularly the GNU operating system—and by campaigning against threats to computer user freedom like Digital Restrictions Management (DRM) and software patents. 
Why should AirVPN do it? Because:
Both organisations routinely make new technologies available which help to enhance peoples freedoms. Not just software-wise either, but hardware too. Both organisations comply with AirVPNs mission on multiple levels. Many kinds of freedom form the basis of free societies. Free speech, freedom of assembly, etc. So what about free software/privacy? The EFF fights the required legal battles that come before or after new technology or laws that limit, constrict and/or endanger us all in more ways than one. The FSF provides a completely different philosophy/approach to hardware and software; namely that it should be completely free. Not proprietary & closed. Eddie being open helps us all. Support will also mean even more support for software like HTTPS Everywhere, which both the EFF & The Tor Project made. AirVPN already supports The Tor Project, so why not add the EFF? Because the FSF is a hardcore supporter of free software & freedom of software provides a range of benefits for everyone:
As a software developer, free software lets you build and improve on the work of others, as part of a social community — built on the principles of sharing.
As an artist, you can do things with free software that proprietary software does not allow. All free software allows you to use it for any purpose.
As a user, free software removes you from the power struggle of proprietary software, where you are able to help yourself and are not dependent on a single developer or company to help you.
As a student, you can study and modify the software you use, learning from and enhancing the tools that you use for education.

I think it's one thing to support various technical means of opposing state & company control, closedness and censorship, but quite another thing to oppose these things through legal means.
Because while technical tools are great, one could argue that we shouldn't, in an ideal world, even need them. But we do, because various laws force us to, if we want to maintain
a shred of privacy and security. But whether or not these organisations do battle legally, they both still provide a wealth of different tools and technologies which help advance
AirVPNs mission. So in a sense, it's like a package deal !
 
Even the best VPN in the galaxy won't have much to say in the face of running on a compromised system.
Even the best combination of security practices, software & hardware can come under attack when governments give themselves permission to do things that are illegal & immoral for everyone else to do.
 
In addition, supporting organisations which fight the necessary legal battles, could perhaps have direct implications for AirVPNs server locations, as Air writes:


Of course there's many parameters to take into account when it comes to server locations; not least cost & infrastructure availability. But I'm sure we can agree that it's easier to set up a server in a
country that doesn't have laws or systems hostile to AirVPNs mission statement; perhaps one of the major reasons we haven't had many Iranian and Mainland Chinese servers, hmm?
For a primer on what the FSF is really about, you can watch this.
 
Thank you :]

Hello !
 
I wondered what you were talking about. I'm not sure if I'm more surprised their servers got seized or that they had real servers to begin with, lol. Where's the fake GeoIP & VPS stuff when you need it PIA? C'mon now...
 
Edit: By the way OP, did you mean to insinuate this being a feature of PIA? Considering the sub-forum of choice

Hello !
 
Eddie puts things back the way it was originally, when you ask it to, such as when you disable Network Lock. Which is one of the reasons Air Staff always give the most manly advice possible regarding life and death and Eddie: Always kill with grace - so that Eddie has time to finish putting things in order: firewall rules, eulogy, etc. etc.

They're working on those changes, since they're aware of the problem. The next version of Eddie is currently in Alpha.
However as the support staff have told me and which I certainly think is applicable to other parts of life too: "One must always kill with grace", referring to killing the program.

Well if you go to the top left corner, you'll find the About tab, which in turn holds links to both the Eddie software and "manual" online. This is in addition to all the help regular users like ourselves can offer via posts, guides written by some of said users and staff, as well as a dedicated contact form to ask AirVPN support staff directly. This, coupled with the innate "help" the client provides in the form of the "logs" tab, makes for quite a bit of different kinds of help, to be honest. I understand that it's annoying when stuff doesn't work; it really does get on your nerves. Yet at the same time, this is also one of the more technical VPNs and while that level of technicality can be an obstruction at times, it is also the very thing which makes this service so worth it to begin with. It's not always possible to make software do everything you want, because users have different configurations - but updates are always underway as well. Eddie already takes care of a huge amount of things which are otherwise quite complicated; especially for the unitiated. But even if Eddie took care of everything, you still need to have the right sort of mindset; which at present, I don't think you currently have, respectfully.
 
You getting a letter from your ISP is very unfortunate. But you've also got to realize that even with the best of software, you yourself need to take sufficient responsibility for your setup working as intended. AirVPN would never claim the software to be foolproof, because honestly, if the person operating the software is a fool, then the software won't matter anyway. You're always welcome to post on the forums, provided you do so in a respectful, orderly and constructive way. Then it should go without saying that the community will help you out as much as possible; as evident by many of the replies you've received in this thread and the other one you made. In the end, Eddie appears to work for the vast majority of both Windows users and users of other operating systems. So if anything, the problem is perhaps more unique to you. I encourage you to keep using it however, since VPNs and related technologies are becoming more and more necessary in order to have a shred of privacy and security online. Perhaps the latest suggestions by quindecim will work for you, perhaps not. There's only one way to find out.

By the way I noticed that in your OP you said you changed DNS to obtain automatically. But it seems you didn't do so for IP.
You perhaps also didn't do it on both or all adapters: both the TAP adapter and your regular one.
Anyhow, I still think it's strange to quit an entire technology. I mean, logically speaking, you should be quitting Windows, if anything. Not VPNs. Take care.

Hello LZ1,
many thanks for the answer. Unfortunately I cannot test the problem anymore since my streaming possibility expired (temporary ticket).
However, I remember trying from several different servers from Germany, Netherlands, Switzerland and even Sweden (I didn't write down their names - sorry about that).
I checked the routing before and seemed ok too. The thing is, the access was not locked down, but the streaming reproducibly interrupted after exactly 60 seconds every time.
Talking to other vpn users (not Air though), we found out that Sky Italia is locking down access for VPN users, (SkyGo is also not working anymore) so I suppose there is not much to do about it.
Many thanks anyway for the help,
Cheers,
Sandro