Staff

Hello and thank you! That's correct, since leaks prevention in desktop and mobile systems are deeply different. Using the same definition might cause confusion. In desktop systems you can modify the packet filtering table which provides a 100% effective leak prevention as long as some administrator modifies the filtering table itself. In Android you don't have administrator access to the system so we can talk only about a best effort leaks prevention. The leaks prevention method by Eddie is not and can not be as effective and safe as the desktop "Network Lock" is. The method can prevent leaks after a first connection to some VPN has been established and a tunnel is created, while the desktop "Network Lock" can of course act even in absence of a tunnel, as it is a set of filtering rules. Anyway, Eddie for Android features an exclusive traffic leaks prevention system, which is superior to anything seen so far in any other OpenVPN based application Kind regards

Hello! We're glad to inform you that Eddie for Android and Android TV version 2.1 has been released! You can download Eddie from the Google Play Store: https://play.google.com/store/apps/details?id=org.airvpn.eddie You can also download Eddie Android 2.1 apk directly from our repository: https://eddie.website/repository/eddie/android/2.1/org.airvpn.eddie.apk At the moment Amazon Appstore still features Eddie 2.0.1 but the approval process for version 2.1 should be completed soon, at least according to what Amazon claims. The application is fully localized. Current implemented languages: Chinese (simplified), Chinese (traditional), Danish, Dutch, English, French, German, Italian, Portuguese, Spanish, Russian, Turkish. Eddie for Android 2.1 is a major refinement of version 2.0.1 and implements several features which were suggested by the community. It also underwent a deep re-engineering of some architectural components which translates into higher stability, correct co-existence with other VPN and non-VPN applications and in general improved events handling. Eddie for Android is free and open source software released under GPLv3. We invite you to check from independent 3rd parties the lack of trackers code signatures, for example here: https://reports.exodus-privacy.eu.org/en/reports/search/org.airvpn.eddie Source code is available on GitLab: https://gitlab.com/AirVPN/EddieAndroid Main features: Free and open source OpenVPN GUI based on OpenVPN 3The only Android application officially developed by AirVPNRobust, best effort prevention of traffic leaks outside the VPN tunnelBattery-conscious applicationLow RAM footprintErgonomic and friendly interfaceAbility to start and connect the application at device bootOption to define which apps must have traffic inside or outside the VPN tunnel through white and black listLocalization in traditional and simplified Chinese, Danish, Dutch, English, French, German, Italian, Portuguese, Russian, Spanish, TurkishFull integration with AirVPNEnhanced security thanks to locally stored encrypted data through master passwordQuick one-tap connection and smart, fully automated server selectionSmart server selection with custom settingsManual server selectionSmart attempts to bypass OpenVPN blocks featuring protocol and server fail-overFull Android TV compatibility including D-Pad support. Mouse emulation is not required.Enhancements aimed to increase accessibility and comfort to visually impaired personsAirVPN servers sorting optionsCustomizable "Favorite" and "Forbidden" servers and countriesOpenVPN mimetype support to import profiles from external applicationsNEW: Eddie for Android 2.1 - Release notes Multiple OpenVPN profile support. The app now imports and manages multiple OpenVPN profilesSupport for custom bootstrap serversSupport for favorite and forbidden countriesAirVPN broadcast messages supportUser's subscription expiration date is now shown in login/connection informationThe app is now aware of concurrent VPN use. In case another app is granted VPN access, Eddie acts accordingly and releases VPN resourcesOptional local networks access. In such case, local network devices are exempted from the VPN and can be accessed within the local devicesLocalization override. The user can now choose the default language and localization from one of the available onesFavorite and forbidden lists can now be emptied with a single tapVPN Lock can now be disabled or enabled from settingsVPN reconnection in case of unexpected OpenVPN disconnection. (It requires VPN Lock to be disabled)User can now generate an OpenVPN profile for any AirVPN server or country and save it in OpenVPN profile managerDanish, Dutch, simplified Chinese and traditional Chinese localizationNew server scoring algorithm implementing the latest AirVPN balancing factors in order to determine the best server for quick connectionNetwork name and extra information are now shown along with network typeBetter device network status managementBug fixes Changelog: Changelog 2.1 (VC 18) - Release date: 13 March 2019 by ProMIND - [ProMIND] Production release Changelog 2.1 RC 1 (VC 17) - Release date: 8 March 2019 by ProMIND - [NEgiXr] Added Simplified Chinese localization - [NEgiXr] Added Traditional Chinese localization - [anonymous] Added Dutch localization - [ProMIND] Native Library: updated openvpn3, mbedtls, asio, lz4 and boost 1.69.0 from their respective repositories - [ProMIND] Native Library: fine tuning of compilation options in order to avoid TCP crash in arm32 architecture - [ProMIND] Updated default manifest.xml CountryContinent.java - [ProMIND] CountryContinent(): Added support for simplified and traditional chinese EddieApplication.java - [ProMIND] onCreate(): BuildConfig.VERSION_CODE and BuildConfig.VERSION_NAME are now sent to the Log VPNManager.java - [ProMIND] The status of VPN Lock and LAN exclusion are now reported to the log at connection - [ProMIND] In case network connection is MOBILE, LAN exclusion is ignored and forced into the tunnel LogActivity.java - [ProMIND] onCreate(): BuildConfig.VERSION_CODE and BuildConfig.VERSION_NAME are now exported to the Log header - [ProMIND] onCreate(): Settings dump is now exported to the log file MainActivity.java - [ProMIND] It now signals whether the app is in foreground by using SupportTools.setAppIsVisible() NetworkStatusReceiver.java - [ProMIND] Added NetworkType enum - [ProMIND] Added getConnectionType() method to properly determine connection type according to NetworkType enum - [ProMIND] Added a more accurate control in order to avoid duplicate events from BroadcastReceiver PackageChooserActivity.java - [ProMIND] ApplicationListLoader class: Package list is now loaded in a UI Thread SettingsManager.java - [ProMIND] Added dump() method. Returns a complete dump of the current settings SupportTools.java - [ProMIND] Added methods setAppIsVisible() and isAppIsVisible() - [ProMIND] All information dialogs are now shown only in case the app is in foreground Changelog 2.1 beta 2 (VC 16) - Release date: 25 February 2019 by ProMIND NetworkStatusReceiver.java - [ProMIND] networkDescription(): Fixed Android 9 compatibility Eddie for Android 2.1 beta 1 - ChangeLog Changelog 2.1 (VC 15) - Release date: 22 February 2019 by ProMIND - [ProMIND] Fixed minor bugs reported in crash reports - [ProMIND] Added country_menu, whitelist_country_menu and blacklist_country_menu menu resource files - [ProMIND] Added new class OpenVPNProfileDatabase for storing and managing multiple OpenVPN profiles - [staff] Added Danish localization AirVPNServerProvider.java - [ProMIND] getFilteredServerList() now filters server list according to white and black listed countries AirVPNManifest.java - [ProMIND] Added private properties load_factor and users_factor to conform to new manifest.xml layout - [ProMIND] Property speedFactor datatype changed to double - [ProMIND] Added class Message representing Manifest's messages to be shown to the user AirVPNServer.java - [ProMIND] computeServerScore(): score is now computed according to new AirVPNManifest's speedFactor, loadFactor and userFactor - [ProMIND] getOpenVPNProfile() can now generate country profiles AirVPNUser.java - [ProMIND] Added daysToExpiration property to reflect the number of days to AirVPN subscription expiration according to expirationDate property BootVPNActivity.java - [ProMIND] Added new class which replaced and superseeded the old one. It takes care of launching the last connected OpenVPN profile at boot time client.cpp (native library) - [ProMIND] Client::Impl::socket_protect() updated interface according to new OpenVPN3 interface ConnectAirVPNServerFragment.java - [ProMIND] Long press on "favorite" and "forbidden" lists now enables "empty list" context menu - [ProMIND] AirVPN subscription expiration is now shown in network/vpn status dialog box - [ProMIND] AirVPN user name is now shown in network/vpn status dialog box - [ProMIND] CreateGroupList() added support for favorite and forbidden countries management - [ProMIND] Added methods addCountryToFavorites(), removeCountryFromFavorites(), addCountryToForbidden() and removeCountryFromForbidden() - [ProMIND] AirVPNServerExpandableListAdapter class: added support for showing and managing countries views as child items in favorite and forbidden groups - [ProMIND] Added OnItemLongClickListener() to ListView in order to show a message in case item long press and user not logged in to AirVPN - [ProMIND] Added exportToOpenVPNProfiles() for exporting AirVPN OpenVPN profiles in user's profile list ConnectionInfoFragment.java - [ProMIND] Removed showErrorMessage() method. VPN errors are now displayed to txtVpnStatus TextView - [ProMIND] Removed connection error layout. All VPN errors are now sent to the log and displayed to txtVpnStatus TextView - [ProMIND] Class now implements EddieEventListener in order to manage VPN events on its own - [ProMIND] Connection info box now shows OpenVPN profile name in OpenVPN profile connection mode ConnectOpenVpnProfileFragment.java - [ProMIND] Added ListView for stored OpenVPN profiles and made it fully Android TV compliant for dpad navigation - [ProMIND] Added connectDatabaseOpenVPNProfile() for connecting a stored OpenVPN profile connection_sequence.csv - [ProMIND] Set a new connection sequence: second attempt is now TCP,443 instead of UDP,53 (which is now third) CountryContinent.java - [ProMIND] Load country list according to user locale setting EddieBroadcastReceiver.java - [ProMIND] Removed tryRestoreLastProfile(). To start the VPN at boot, this class now starts an intent of BootVPNActivity class EddieEvent.java - [ProMIND] Better concurrency support: events are now synchronized and use a local clone of EddieEventListener ArrayList LogActivity.java - [ProMIND] Added Android Fingerprint to log MainActivity.java - [ProMIND] updateConnectionStatus does not longer propagate VPNManager's events. VPNManager events are now properly managed by EddieEvent class - [ProMIND] Implemented onSaveInstanceState() to save fragments' state - [ProMIND] Implemented onRestoreInstanceState() to restore fragments' state - [ProMIND] onAirVPNManifestChanged() check for manifest's broadcast messages and shows them to the user - [ProMIND] Added setVpnManager() method in order to set vpnManager object in case the VPN is started by an external event, such as BootVPNActivity class - [ProMIND] In case of unexpected OpenVPN disconnection, it retries to reconnect to the VPN when the user has set "VPN reconnection" in settings NetworkStatusReceiver.java - [ProMIND] Added ExtraInfo and SubtypeName to network description OpenVPNTunnel.java - [ProMIND] Changed networkStatusChanged() return type to void - [ProMIND] VPN Lock is now engaged according to "VPN Lock" setting QuickConnectFragment.java - [ProMIND] AirVPN subscription expiration is now shown in network/vpn status box SettingsActivity.java - [ProMIND] Added VPN Lock setting - [ProMIND] Added VPN reconnection setting - [ProMIND] Added custom bootstrap setting - [ProMIND] Added language selection setting - [ProMIND] Added exclude local networks setting SettingsManager.java - [ProMIND] Added methods getAirVPNCountryWhitelist(), setAirVPNCountryWhitelist(), isAirVPNCountryWhitelisted(), getAirVPNCountryBlacklist(), setAirVPNCountryBlacklist(), isAirVPNCountryBlacklisted() - [ProMIND] Added methods isVPNLockEnabled(), setVPNLock() - [ProMIND] Added methods getSystemApplicationLanguage(), setSystemApplicationLanguage() - [ProMIND] Added methods areLocalNetworksExcluded(), setExcludeLocalNetwork() SupportTools.java - [ProMIND] Added method runOnUiActivity() - [ProMIND] Added methods saveXmlDocumentToFile() and loadXmlFileToDocument() to write and read plain XML files - [ProMIND] Added method setLocale() - [ProMIND] RequestAirVPNDocument(): add custom bootstrap servers to the top of server list in case user has set them in settings - [ProMIND] Added methods for IP convertion: IPToLong() and longToIP() VPN.java - [ProMIND] Added CONNECTION_REVOKED_BY_SYSTEM status VPNContext.java - [ProMIND] ensureRoutes(): default routing is now added in case user has not selected local network exclusion VPNManager.java - [ProMIND] onStatusChanged() now conforms to EddieEvent class - [ProMIND] unbindService() does not change VPN status anymore (managed by VPNService) - [ProMIND] start() now checks for network connection and, in case it is not available, activates a pending connection status to be resumed as soon as the network connection becomes available. - [ProMIND] createProfileBundle(): add proper route to OpenVPN profile for local network exclusion VPNManagerListener.java - [ProMIND] Class deleted. Event moved to EddieEvent.java VPNService.java - [ProMIND] Added MSG_REVOKE property to notify client (VPNMaganer) in case of system revocation - [ProMIND] Removed Status enumerator. The class now conforms to VPN.Status enumerator - [ProMIND] Removed redundant members vpnStatus and vpnLastError as they are managed by VPN class For Changelog of older versions, please consult the proper announcement or check directly GitLab. Kind regards and datalove AirVPN Staff

Hello and thank you! Not reproducible. We have intensified our tests to check, still it's not reproducible. If something relevant comes out we will of course act accordingly to fix it. In the meantime, you might like to send us your Eddie log showing the issue. Again not reproducible. Same as above, and we will also make more thorough tests. Waiting for your log as well, as usual, when you have time to send them. Again not reproducible, if you catch it again... log! We can't see wtf.jpg, can you please check and re-post please? Not reproducible in OpenVPN for Android, but it's not relevant as it is not into our scope, so let's discard it in this thread. The Master Password has the purpose to encrypt your sensitive data locally. Nothing on the web site can accomplish the same purpose. It's a precise design choice, according to which security of your keys and login credentials has the priority on a mobile device. Then it would not be useful anymore and not a Master Password. This is a problem which affects Eddie desktop editions, but a desktop system is less likely to be stolen or forgotten somewhere (although laptops might). Anyway, adding security to Eddie desktop edition is a priority as well: we are working with such aim in mind. About Eddie Android edition, the alternative would be simply offering the option to disable the Master Password. We must think carefully about it because we could cause a storm of negative feedbacks, given the requirements of Air VPN users who are security minded. Anyway, please consider that if you want to clone OpenVPN for Android behavior with profiles and keep them unencrypted you can do that with Eddie. You can even generate a profile from the settings, without the Configuration Generator, when you use Eddie with AirVPN. In this way you will have your local data exposed in clear text according to your wishes. Kind regards

Hello! You can safely ignore the warning at the moment. The transition between "comp-lzo" and "compress" is not trivial since the directives (if nothing changes in OpenVPN design) will be mutually incompatible between different OpenVPN versions. Please check here: https://airvpn.org/topic/26051-config-generator-using-deprecated-openvpn-commands/ Kind regards

Hello! Wireguard currently supports only UDP so it's a no go at the moment, at least on those networks which severely shape or block UDP. (common practice in China as well as on many mobile providers all over the world). Since 2010 OpenVPN over SSL to port 443 and more recently OpenVPN with tls-crypt in TCP (OpenVPN 2.4 or higher version is required) are the best ways to bypass blocks. Kind regards

Thanks for the response, hopefully the update solves it. I presume I have to sideload this version onto the firestick? Hello! Yes, we're sorry. Unlike Google Play Store, Amazon Appstore does not have a beta testing program/section for the apps. Kind regards

Hello! Please see here, so you can have a complete overview: https://airvpn.org/topic/14378-how-can-i-get-vpn-servers-entry-ip-addresses Kind regards

Hello! We're very glad to inform you that a new 1 Gbit/s server located in Manchester, UK, is available: Westerlund. The AirVPN client will show automatically the new server. If you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP. Just like every other "second generation" Air server, Wsterlund supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the server status as usual in our real time servers monitor: https://airvpn.org/servers/westerlund Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

Hello! 91.207.102.162 is Alamak entry-IP address 1. 91.207.102.165 is Alamak entry-IP address 3. Entry-IP address 3 enforces tls-crypt and TLS 1.2 and is the favorite choice of Eddie when it can count on OpenVPN 2.4 or higher version. If Eddie can count on OpenVPN versions older than 2.4 (which do not support tls-crypt) then it will pick entry-IP address 1 to keep compatibility. Kind regards

Hello! We have detected a problem between our compilation optimizations of the asio library and ARM 32 bit based systems which may lead to crashes. Your Firestick is based on an ARM 32 bit processor. While applications forced kill is unavoidable (forced by Android) when memory is insufficient, you can test Eddie 2.1 RC 1, which fixes the issue with 32 bit systems. So, you should test Eddie 2.1 RC 1, and at the same time you need to make sure to not run out of memory. Check here: https://airvpn.org/topic/32237-eddie-android-edition-21-beta-released Please keep us posted. Kind regards

Hello! Eddie 2.1 RC 1 is now out. Please check the first post in this thread for full information. https://airvpn.org/topic/32237-eddie-android-edition-21-beta-released Please do not hesitate to send us your feedback. Kind regards

Hello! Yes, that's totally correct. Please note that it's not OpenVPN fault, but Office's. There's really no logic in the world to declare that there's no Internet connection and refuse to proceed sending/receiving data when any virtual network interface does not include a gateway which is superfluous. On top of that, it's a system task, not an application job, and actually the system exchanges data to/from the VPN with no issues. It can be considered an Office 365 critical bug. Kind regards

Hello! Can you please send us Eddie log entries reporting system information (first entries on the top)? Kind regards @amazake and all the readers: We managed to isolate the problems. It is caused by optimizations of the asio library during compilation of the software. The optimizations cause crashes in systems based on ARM 32 bit processors when OpenVPN works in TCP. A fix has been implemented and you will be able to see it in Eddie 2.1 beta 3, whose release is imminent. Users with ARM 64 bit systems are not affected. Kind regards

Hello! Currently it's not planned, we're sorry, because we can't rely on ICMP on mobile networks. Even when ICMP is not blocked the round trip time may be too high on 3G and 4G networks. Considering 100 ms (which is optimistic in mobility on average) and only two pings per server, a full computation would take 45 seconds. By considering 300 ms (not uncommon in 2G and some 3G networks) the total time skyrockets to 2 minutes and 15 seconds, making Eddie usage very uncomfortable. On top of that, only two pings in mobile networks may provide biased outcome. Additionally, ICMP may be de-prioritized on mobile networks when a big amount of pings are sent out by a single node in a short time frame, making this method even more unreliable. And when ICMP is blocked, waiting for the timeouts would make Eddie usage prohibitive. Thanks to ipleak.net and close relationship between countries connectivity, Eddie for Android provides a very robust and more reliable alternative to help you pick a good server. Kind regards

Hello! Netflix access (for streaming purposes) requires IP addresses assigned to residential ISPs of that country. At the moment we can use IP addresses belonging to residential ISPs only in the USA. Anyway the USA catalog is the richest one, and you can access your country content in your favorite language even in Netflix USA. Kind regards

Hello! Can you please send us Eddie log entries reporting system information (first entries on the top)? Kind regards

Hello! Can you please send us Eddie log taken just after the problem has occurred? In the "Log" view you have a "share" icon. You can send the log on a ticket. Thank you! Kind regards

Hello! That means that Android restarts the app. It is possible that the issue is related to ARM32, we are investigating, but for sure we have detected problems between asio library and ARM32 processors. Can you confirm that your device is based on some ARM 32 bit processor? Kind regards

Hello!To allow access to Prime Video from any Air VPN server (same thing for Netflix USA and Hulu). Your packets are hopped to nodes with IP addresses belonging to residential US ISPs. We are investigating. First step, we need to reproduce the problem. Currently we are unable to do it. Can you reproduce the issue regularly on specific servers? Kind regards

Hello! It's an old golden rule to make correlated wiretapping more difficult. The idea is that a criminal organization, or even some governmental agency, need more work to simultaneously wiretap your line and a node you connect to, when your line and the node are in different countries and different jurisdictions. Quite obvious if you start thinking about it. Kind regards

@NetShadow Hello! With BSD or Linux you can achieve the same purposes with more efficiency (theoretically, without graphic overehead, 512 MB are enough) and you stay in a more secure environment which you really control. Think about it. Being worried about NSA willing to make us incredibly rich while you use Windows is somehow hilarious. We wrote that Windows does not support multiple routing tables, which is a quite different thing. We don't know whether something changed in "Server" editions, but this shameful limitation (as incredible as it may sound) persists in desktop editions. It is different than handling multiple network interfaces, which is a feature supported by most systems since the 70ies, or multiple gateways, which is a common feature since when TCP/IP started to spread out. We don't agree and we want to make clear, for the readers, that we consider such claims very dangerous as well as misleading. Claiming any "awesome security" based on anything coming from a closed source system which has undocumented parts and which has proved in history to be developed over a questionable design must be avoided. Kind regards

Hello! As Windows does not support multiple routing tables, there is no trivial method to have multiple VPN connections in a way that each one is unique to each user, we are sorry. You have a global routing table which must be shared by all users and even if you consider to have multiple tun interfaces and multiple gateways (possible with Windows), you will need to face a lot of problems. If some advanced user can see a solution, any feedback will be welcome. Kind regards

Hello! Eddie Android edition is an original project by AirVPN, currently developed by ProMIND. In the "Information" > "Libraries" view, you find the various libraries which Eddie relies on: OpenVPN, mbed TLS, LZO, LZ4, boost, asio and breakpad. You don't need to update anything but Eddie itself. Kind regards

Hello! Have you also tested connections to port 443 of entry-IP address 3, in TCP? If so, can you please report back? Connections to entry-IP address 3 feature "tls-crypt", which encrypts the whole OpenVPN Control Channel, making OpenVPN fingerprint no more detectable (not even by DPI). OpenVPN 2.4 or higher version is required. Kind regards

Hello! A plausible explanation is that some AOL IP address "geo-location" database has been compiled to wrongly have Gliese exit-IP address in Germany. Kind regards