Staff

Hello! This message pertains ONLY Windows + Kaspersky users. If you are a Kaspersky user and you're experiencing low performance and similar issues with any VPN connection (AirVPN or any other) please read here: https://airvpn.org/topic/22207-kaspersky-users-read-here Kind regards AirVPN Staff

EDIT: in light of the news about Kaspersky Patch D, this message can be ignored for the rest of the thread. It pertains to a different Kaspersky problem which causes similar symptoms, but that's nowadays probably totally unrelated to the problem discussed in this thread caused by Patch D of Kaspersky. The solution that's described below applies to markoomg and Gary Ashton's problem and probably not to the other users in this thread. Just for the readers' comfort, from the ticket we see that markoomg problems has been solved. It was caused by a Kaspersky feature, an injection of a javascript script in every web site page performed by Kaspersky itself. This potentially catastrophic security problem has been noted since 2015. See here for example: http://blog.oratronik.org/?p=457 https://www.reddit.com/r/privacy/comments/3frjqw/psa_kaspersky_injects_remote_javascript_into_all/ However, we ignore why only now this has become a problem in browsing. We have an abnormally high amount of tickets about the very same problem, all of them caused by Kaspersky, and all of them written in the last 24/48 hours (nothing before that, so the question is: did something change in Kaspersky default settings?). Kind regards

Then you would need a Master Password to decrypt the normal password, so what is the purpose? Just do not tick "Remember" and the password will not be written at all in the xml file fulfilling your request in an equivalent (or even better) way. A different approach would be encrypting the whole AirVPN.xml file, This could make some sense actually, probably we will discuss in the future about this option. Kind regards

Quite the opposite, it's a good idea. Without remote port forwarding your torrent software can't be contacted. It can only actively initiate connections toward some client which allows incoming connections, therefore performance is impaired and initial seeding is impossible. If all peers in a swarm did not accept incoming connections torrenting would not work at all in that swarm. Kind regards

Hello! We're very glad to inform you that a new Eddie Air client version has been released:2.12.4. Eddie 2.12 includes important bug fixes and many changes meeting users' requests and preferences. Furthermore, some parts have been rewritten to make handling of additional commodities more efficient. For example, curl is now used for any HTTP and HTTPS request, and stunnel "verify" parameter has been again set to 0, to increase likelihood to "bypass" restrictive proxy/firewalls in "OpenVPN over SSL" mode, referring the whole security layer to OpenVPN. 2.12 version is compatible with several Linux distributions. For very important notes about environments, please read here: https://airvpn.org/forum/35-client-software-platforms-environments Please read the changelog: https://airvpn.org/services/changelog.php?software=client&format=html Upgrade is strongly recommended. Just like previous versions, Eddie implements direct Tor support for OpenVPN over Tor connections. Eddie makes OpenVPN over Tor easily available to Linux and OS X users: no needs for Virtual Machines, middle boxes or other special configurations. Windows users will find a more friendly approach as well. This mode is not handled anymore as a generic connection to a socks proxy, but it is specifically designed for Tor and therefore solves multiple issues, especially in Linux and OS X, including the "infinite routing loop" problem (see for example http://tor.stackexchange.com/questions/1232/me-tor-vpn-how/1235#1235 ) As far as we know, Eddie is the first and currently the only OpenVPN wrapper/frontend that natively allows OpenVPN over Tor connections for multiple Operating Systems. https://airvpn.org/tor We recommend that you upgrade Eddie as soon as possible. Eddie 2.12 for GNU Linux can be downloaded here: https://airvpn.org/linux Eddie 2.12 for Windows can be downloaded here: https://airvpn.org/windows Eddie 2.12 for OS X Mavericks, Yosemite, El Capitan and macOS Sierra can be downloaded here: https://airvpn.org/macosx PLEASE NOTE: Eddie 2.12 package includes an OpenVPN version re-compiled by us from OpenVPN 2.4 source code with OpenSSL 1.0.2k for security reasons and to fix this bug: https://community.openvpn.net/openvpn/ticket/328 Eddie overview is available here: https://airvpn.org/software Eddie includes a Network Lock feature: https://airvpn.org/faq/software_lock Eddie 2.12.x is free and open source software released under GPLv3. GitHub repository https://github.com/AirVPN/airvpn-client Kind regards & datalove AirVPN Staff

Hello, watch out, your server is misconfigured, here: . 2017.03.13 15:47:36 - OpenVPN > Option 'explicit-exit-notify' in [PUSH-OPTIONS]:1 is ignored by previous blocks Here: . 2017.03.13 15:48:29 - OpenVPN > WARNING: INSECURE cipher with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC). and finally you are not authorized to access it: . 2017.03.13 15:48:37 - OpenVPN > AUTH: Received control message: AUTH_FAILED,LICENSE: Access Server license failure: maximum concurrent_connections exceeded (2) Kind regards

Actually not, the problem seems to lie with the tun/tap interface. Please follow LZ1 recommendations, including the suggestion to set the adapter to "Always connected", to fix and test again. Kind regards

Version 2.12.4 (Sun, 12 Mar 2017 19:39:02 +0000) [new] macOS - DMG disk installer flavor[change] Sorting by location now consider also the country[change] Linux - cacert.pem in /usr/share/AirVPN in .deb/.rpm edition[new] Automatically add OpenVPN generic provider if /ovpn directory exists[change] stunnel 'verify' new default value[new] CLI "--version" and "--version.short" commands[bugfix] macOS - Logging on file checkbox[bugfix] macOS - PKG installer version

Hello, fixed in 2.12. To download latest beta version please see here: https://airvpn.org/topic/22016-eddie-212beta-released/ Kind regards

Eddie has nothing to do with it. After having installed the tun/tap driver and checked that it's there, Eddie does not use it. The tun/tap interface is used by OpenVPN. Kind regards

Why do you think that a connection to a VPN should be hidden to a final service? A couple of thoughts to start an intriguing discussion, if you wish so. If a final service discriminates against Tor and "consumers VPN with a gateway to the Internet" it may mean that it has some interest in infringing human rights (privacy is one of the most fundamental rights) for some reason, for example exploiting you as a product by selling your personal data or even for more sinister aims. If the final service does that to mitigate frauds, it's its right, and it means that it considers you a criminal just because you care to effectively exercise your fundamental right. On top of all of the above, whatever the reason is, a service that acts like that is an active enemy of the Internet, because it happily violates the founding and critical end-to-end connectivity principle. Kind regards

OpenVPN can not be updated in the XP package, because it can't run anymore in Windows XP. We are dropping support to Windows XP which has been abandoned (lmainstream support ended in 2009, extended support ended in 2014). Kind regards

Hello, can you please check (just in case...) whether it starts minimized? Look for the tray icon (a tiny cloud in a circle) on the right side of your top Desktop bar. If it's there, Eddie is running, try to click the tray icon and select "Show Main Window" (i.e. just like you do to bring up a window of a minimized application). If it's not there, please try to run Eddie from a terminal ("sudo airvpn -cli") and report back the output at your convenience. See also https://airvpn.org/topic/11541-command-line-edition-and-syntax/ Kind regards

Hi! We're glad to know that the problem is solved. This is not an Eddie bug and never was in OS X or macOS. In Windows, Eddie 2.10.3 or older version had a bug for which the original DNS settings of a network interface missing one or both DNS settings could be not restored under certain circumstances, but it was fixed in 2.11. When the system is shut down without closing first Eddie, or in any case when Eddie is killed without grace, it can't of course restore settings, but this not a bug (no program can do anything when killed without grace). However Eddie keeps a safety backup and it will restore such settings at the next run/shut down cycle. Kind regards

Hello! We will be working on it, in the meantime follow the "News and Announcement" forum. An RSS feed is available. On that forum new topics are posted only by Air staff, so you can safely subscribe: the traffic is minimal. Kind regards

Hello! Of course, that's a very important feature of our servers monitor. Click on a server name and watch the various stats and graphs over time. Change the time resolution for every and each graph between 1 day, 1 week, 1 month and 1 year. Kind regards

Hello! Thank you, the feature you recommended will be available on the next (2.12.4) Eddie version. Kind regards

Hello! Let's underline that performance in the VPN has nothing to do with Eddie, while the handshake time is due to two factors: OpenVPN TLS handshake and key negotiation, and then Eddie testing routes and DNS. This second part has been greatly improved but it can actually be slower of some seconds. Since it is a procedure which occurs only once per connection it is inessential to discuss about it but you may disable both route and DNS check if you keep Network Lock enabled, because if the tunneling does not occur you will realize the issue anyway with Network Lock. Finally, a slightly lower TLS handshake speed can occur while we replace SHA1 signed certificates with SHA512 signed certificates, but this time difference is really minimal. Kind regard

Definitely, yes. Furthermore, in addition to the partition of trust (which by itself hugely strengthen the anonymity layer) Tor will not break a previous stream when establishing a new circuit, which makes the whole process "transparent" while each time you switch VPN server all the previous connections are lost, with a lot of inconveniences. Kind regards

Hi, what do you mean? Eddie talks with OpenVPN management. "killall openvpn" and Eddie will re-run OpenVPN and order it to connect to a server (in the white list if defined) in just a few seconds. However "killall openvpn" in your crontab every x minutes does not guarantee that Eddie will connect to a different server. Some custom directives are needed for this (remote-random and a series of remote entries in "AirVPN" > "Preferences" > "OVPN Directives"). About the original question @matrix_sec, you need to consider that every time you change VPN your connections will be reset. Kind regards

Hello! Top users speed range from 166 to 100 Mbit/s at the moment of this writing. Remember that guaranteed allocated bandwidth per client is 8 Mbit/s according to the Terms of Service and that 166 Mbit/s for the client translates into 166*2=332 Mbit/s on the server. Even 60 Mbit/s (i.e. 120 Mbit/s on the server) is a good performance in our infrastructure. We are very clear in our Terms of Service and in spite of them we provide great redundancy. We can't do anything else to make things clearer. Even if apparently you still fail to get it, we really can't do anything else to make things clearer. Kind regards

Version 2.12.3 (Sat, 04 Mar 2017 00:00:31 +0000) [bugfix] Windows - Error "Bad Access"[change] Windows - Better tooltip

Hello! All curl related errors seem to provide the same pattern: curl returns 'Bad Access' or 'Operation timed out after 10002 milliseconds with 0 bytes received'. This is not reproducible in any OS of our labs, we are still investigating the issue. In a Windows 10 machine with Comodo Firewall, Comodo prompts about allowing 'curl' process, and if we reply 'No' Eddie throws a similar error. In the meantime to those who have this kind of issue: please disable temporarily your firewall to understand at least if it's some packet filtering tool that blocks curl or it's a totally different issue. Kind regards

Eddie virtual RAM fingerprint is maximum 110 MB, not 5 GB (!). Please see and/or continue here https://airvpn.org/topic/21611-high-ram-usage-and-disk-io/ Kind regards