Staff

  • Content Count: 11392
  • Joined: ...
  • Last visited: ...
  • Days Won: 1982

Reputation Activity

  1. Like
    Guest
    Staff got a reaction from Guest in Three simultaneous connections per account allowed   ...
    Hello!
     
    We're glad to inform you that from now on:
     
    every account can establish 3 simultaneous connections to DIFFERENT AirVPN servers
     
    EDIT 29-Nov-17. This thread is obsolete, now limit of concurrent connections is FIVE. Please see https://airvpn.org/topic/24167-five-simultaneous-connections-per-account/
     
     
    No impact on quality of service will occur: the guaranteed allocated bandwidth pertains to accounts, regardless of the number of established connections. If you establish 2 or 3 connections with the same account, we guarantee the SAME allocated bandwidth as before, NOT the double or the triple of it.
     
    No price increase has been planned for this new feature.
     
    As specified above, you can NOT connect the same account twice or thrice to the same AirVPN server. Each connection must go to a different AirVPN server.
     
    We're confident that allowing 3 connections per account at the same price will meet fully the requirements expressed by several customers.
     
    Please do not hesitate to contact us for any further information.
     
    Kind regards & datalove
    AirVPN Staff
  2. Like
    Staff got a reaction from OpenSourcerer in Suggestion for configuration maker   ...
    Hello!
     
    We're glad to inform you that in a short time we'll release an Air client version supporting connections of OpenVPN over SSL/SSH.
     
    Kind regards
  4. Like
    Staff got a reaction from baneofthesith in Major system upgrade COMPLETED   ...
    Hello!
     
    We're glad to inform you that upgrade completed successfully!
     
    Kind regards
  8. Like
    Staff got a reaction from pfSense_fan in Major system upgrade COMPLETED   ...
    UPGRADE COMPLETED SUCCESSFULLY
     
    Hello!

    We're glad to inform you that a major system upgrade will take place during Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC
    This upgrade has a triple, important purpose: close any possible exploitation chance, regardless of how unlikely it could be, deriving from past "Heartbleed" vulnerability, bring AirVPN in an even higher security environment and open the road for an important new feature of the service: 3 simultaneous connections per account on different servers (details will be provided soon after the major upgrade which takes precedence).

    The upgrade in details
    • switch to 4096 bit size RSA and DH keys
    • implementation of additional OpenVPN TLS-Auth layer
    • re-generation of certificates and keys
    • general optimization

    During the upgrade all the VPN clients will be forcefully disconnected and will not be able to reconnect. The upgrade will take approximately 30 minutes.

    Disconnections will occur on all servers from-to:
    Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC

    that is:

    Sunday, 13 April 2014, 14:00:00 - Sunday, 13 April 2014, 15:00:00 PDT
    Sunday, 13 April 2014, 16:00:00 - Sunday, 13 April 2014, 17:00:00 CDT
    Sunday, 13 April 2014, 17:00:00 - Sunday, 13 April 2014, 18:00:00 EDT
    Sunday, 13 April 2014, 23:00:00 - Monday, 14 April 2014, 00:00:00 CEST
    Monday, 14 April 2014, 06:00:00 - Monday, 14 April 2014, 07:00:00 JST

    Click here to find your town: http://www.timeanddate.com/worldclock/fixedtime.html?msg=Switch+to+4096+bit+size+keys&iso=20140413T23&p1=215&ah=1

    Mandatory actions

    After the upgrade, customers running the Air client for Windows will need to shut down and restart the Air client. It is assumed that customers have already downloaded the new package for Windows which includes OpenVPN with non-vulnerable OpenSSL, available here https://airvpn.org/windows and installed the new OpenVPN version.

    Customers running any other OpenVPN wrapper or OpenVPN will need to re-download configuration, certificates and keys files.

    Additional information for customers running manually configured wrappers:
    • the "TLS-Cipher" or equivalent name in your configuration becomes: TLS-DHE-RSA-WITH-AES-256-CBC-SHA
    • in Tomato, DD-WRT, pfSense, Fritz!Box etc., the client certificate, the server certificate, the client key and the TLS key must be pasted again (after they have been generated and downloaded from the Configuration Generator as usual) in the appropriate fields of your configuration

    Please do not hesitate to contact us for any further information.

    Kind regards
    AirVPN Staff
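
A way to check a manually maintained client profile against the mandatory actions in the announcement above. This is an added example, not AirVPN's code. It assumes an OpenVPN profile with inline `<ca>`, `<cert>`, `<key>` and `<tls-auth>` blocks; the sample profiles, host name and function names are constructed for illustration.

```python
import re

# Value quoted in the announcement for manually configured clients.
EXPECTED_TLS_CIPHER = "TLS-DHE-RSA-WITH-AES-256-CBC-SHA"

# Files that must be re-pasted after the upgrade, with the marker each must contain.
REQUIRED_MATERIAL = {
    "ca": "BEGIN CERTIFICATE",
    "cert": "BEGIN CERTIFICATE",
    "key": "PRIVATE KEY",
    "tls-auth": "BEGIN OpenVPN Static key V1",
}
INLINE_BLOCK = re.compile(r"<([a-z-]+)>(.*?)</\1>", re.S)


def parse_profile(text):
    """Split an OpenVPN profile into plain directives and inline file blocks."""
    blocks = {m.group(1): m.group(2).strip() for m in INLINE_BLOCK.finditer(text)}
    directives = {}
    for raw in INLINE_BLOCK.sub("", text).splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":  # blank line or comment
            continue
        parts = line.split(None, 1)
        directives[parts[0]] = parts[1] if len(parts) > 1 else ""
    return directives, blocks


def audit_profile(text):
    """Return a list of findings; an empty list means the profile matches."""
    directives, blocks = parse_profile(text)
    findings = []
    cipher = directives.get("tls-cipher")
    if cipher is None:
        findings.append("tls-cipher: not set")
    elif cipher != EXPECTED_TLS_CIPHER:
        findings.append("tls-cipher: %s (expected %s)" % (cipher, EXPECTED_TLS_CIPHER))
    for name, marker in REQUIRED_MATERIAL.items():
        if name in blocks:
            # A block left empty or filled with the wrong file is a stale paste.
            if marker not in blocks[name]:
                findings.append("%s: inline block is empty or the wrong file" % name)
        elif not directives.get(name):
            # Neither an inline block nor a directive pointing at a file.
            findings.append("%s: missing" % name)
    return findings


def pem(label):
    """Constructed placeholder; contains no real key material."""
    return "-----BEGIN %s-----\n(constructed placeholder)\n-----END %s-----" % (label, label)


def sample_profile(upgraded):
    """Build a constructed profile as it might look before or after the upgrade."""
    lines = ["client", "dev tun", "remote vpn.example.invalid 443 udp"]
    material = [("ca", "CERTIFICATE"), ("cert", "CERTIFICATE"), ("key", "PRIVATE KEY")]
    if upgraded:
        lines.append("tls-cipher " + EXPECTED_TLS_CIPHER)
        material.append(("tls-auth", "OpenVPN Static key V1"))
    for tag, label in material:
        lines.append("<%s>\n%s\n</%s>" % (tag, pem(label), tag))
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    for upgraded in (False, True):
        print("upgraded=%s ->" % upgraded, audit_profile(sample_profile(upgraded)) or "OK")
```

The check only confirms that the expected directives and file types are present; it does not measure key sizes or validate the certificates themselves.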
  12. Like
    Staff got a reaction from PirateParty in Major system upgrade COMPLETED   ...
    Hello!
     
    2048 bit keys, currently.
     
     
     
    So what...? The Control Channel cipher is HMAC SHA1, not SHA1. SHA1 is the underlying hash verification. Deprecation has nothing to do with it. It is well known that SHA1 should never be used as a security cipher and OpenVPN does not use it. In HMAC SHA1 we don't even have to care at all about SHA1 hash collisions. In order to inject forged packets in your traffic flow, an attacker should first break every single upper layer, starting from HMAC which is extremely robust, and THEN try hash collisions.
     
    Kind regards
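
The distinction drawn in the reply above between bare SHA1 and HMAC SHA1, as an added example that is not part of the original post and not OpenVPN's code. The packet layout (payload followed by a 20-byte tag) is a simplification assumed for illustration, and the key and payloads are constructed.

```python
import hashlib
import hmac

BLOCK = 64   # SHA-1 input block size in bytes
TAG_LEN = 20  # SHA-1 digest size in bytes


def hmac_sha1(key, msg):
    """HMAC as defined in RFC 2104: H((K xor opad) || H((K xor ipad) || msg))."""
    if len(key) > BLOCK:
        key = hashlib.sha1(key).digest()
    key = key.ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha1(ipad + msg).digest()
    return hashlib.sha1(opad + inner).digest()


def seal(key, payload):
    """Sender side: append the keyed tag to the payload."""
    return payload + hmac_sha1(key, payload)


def open_packet(key, packet):
    """Receiver side: return the payload if the tag verifies, else None."""
    payload, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    if hmac.compare_digest(tag, hmac_sha1(key, payload)):
        return payload
    return None


def unkeyed_packet(payload):
    """A packet carrying only a plain SHA-1 digest, which anyone can compute."""
    return payload + hashlib.sha1(payload).digest()


if __name__ == "__main__":
    key = b"constructed-shared-secret"
    good = seal(key, b"control message")
    tampered = b"Control message" + good[-TAG_LEN:]
    print(open_packet(key, good))                                # accepted
    print(open_packet(key, tampered))                            # rejected
    print(open_packet(key, unkeyed_packet(b"control message")))  # rejected
```

Acceptance depends on knowledge of the key, not on any property of SHA-1 that is visible to someone who can only compute plain digests.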
  13. Like
    Staff got a reaction from pfSense_fan in Major system upgrade COMPLETED   ...
    UPGRADE COMPLETED SUCCESSFULLY
     
    Hello!

    We're glad to inform you that a major system upgrade will take place during Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC
    This upgrade has a triple, important purpose: close any possible exploitation chance, regardless of how unlikely it could be, deriving from past "Heartbleed" vulnerability, bring AirVPN in an even higher security environment and open the road for an important new feature of the service: 3 simultaneous connections per account on different servers (details will be provided soon after the major upgrade which takes precedence).

    The upgrade in details
    switch to 4096 bit size RSA and DH keys implementation of additional OpenVPN TLS-Auth layer re-generation of certificates and keys general optimization During the upgrade all the VPN clients will be forcefully disconnected and will not be able to reconnect. The upgrade will take approximately 30 minutes.

    Disconnections will occur on all servers from-to:
    Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC

    that is:

    Sunday, 13 April 2014, 14:00:00 - Sunday, 13 April 2014, 15:00:00 PDT
    Sunday, 13 April 2014, 16:00:00 - Sunday, 13 April 2014, 17:00:00 CDT
    Sunday, 13 April 2014, 17:00:00 - Sunday, 13 April 2014, 18:00:00 EDT
    Sunday, 13 April 2014, 23:00:00 - Monday, 14 April 2014, 00:00:00 CEST
    Monday, 14 April 2014, 06:00:00 - Monday, 14 April 2014, 07:00:00 JST

    Click here to find your town: http://www.timeanddate.com/worldclock/fixedtime.html?msg=Switch+to+4096+bit+size+keys&iso=20140413T23&p1=215&ah=1

    Mandatory actions

    After the upgrade, customers running the Air client for Windows will need to shut down and restart the Air client. It is assumed that customers have already downloaded the new package for Windows which includes OpenVPN with non-vulnerable OpenSSL, available here https://airvpn.org/windows and installed the new OpenVPN version.

    Customers running any other OpenVPN wrapper or OpenVPN will need to re-download configuration, certificates and keys files.

    Additional information for customers running manually configured wrappers:
    the "TLS-Cipher" or equivalent name in your configuration becomes: TLS-DHE-RSA-WITH-AES-256-CBC-SHA in Tomato, DD-WRT, pfSense, Fritz!Box etc., the client certificate, the server certificate, the client key and the TLS key must be pasted again (after they have been generated and downloaded from the Configuration Generator as usual) in the appropriate fields of your configuration Please do not hesitate to contact us for any further information.

    Kind regards
    AirVPN Staff
  14. Like
    Staff got a reaction from pfSense_fan in Major system upgrade COMPLETED   ...
    UPGRADE COMPLETED SUCCESSFULLY
     
    Hello!

    We're glad to inform you that a major system upgrade will take place during Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC
    This upgrade has a triple, important purpose: close any possible exploitation chance, regardless of how unlikely it could be, deriving from past "Heartbleed" vulnerability, bring AirVPN in an even higher security environment and open the road for an important new feature of the service: 3 simultaneous connections per account on different servers (details will be provided soon after the major upgrade which takes precedence).

    The upgrade in details
    switch to 4096 bit size RSA and DH keys implementation of additional OpenVPN TLS-Auth layer re-generation of certificates and keys general optimization During the upgrade all the VPN clients will be forcefully disconnected and will not be able to reconnect. The upgrade will take approximately 30 minutes.

    Disconnections will occur on all servers from-to:
    Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC

    that is:

    Sunday, 13 April 2014, 14:00:00 - Sunday, 13 April 2014, 15:00:00 PDT
    Sunday, 13 April 2014, 16:00:00 - Sunday, 13 April 2014, 17:00:00 CDT
    Sunday, 13 April 2014, 17:00:00 - Sunday, 13 April 2014, 18:00:00 EDT
    Sunday, 13 April 2014, 23:00:00 - Monday, 14 April 2014, 00:00:00 CEST
    Monday, 14 April 2014, 06:00:00 - Monday, 14 April 2014, 07:00:00 JST

    Click here to find your town: http://www.timeanddate.com/worldclock/fixedtime.html?msg=Switch+to+4096+bit+size+keys&iso=20140413T23&p1=215&ah=1

    Mandatory actions

    After the upgrade, customers running the Air client for Windows will need to shut down and restart the Air client. It is assumed that customers have already downloaded the new package for Windows which includes OpenVPN with non-vulnerable OpenSSL, available here https://airvpn.org/windows and installed the new OpenVPN version.

    Customers running any other OpenVPN wrapper or OpenVPN will need to re-download configuration, certificates and keys files.

    Additional information for customers running manually configured wrappers:
    the "TLS-Cipher" or equivalent name in your configuration becomes: TLS-DHE-RSA-WITH-AES-256-CBC-SHA in Tomato, DD-WRT, pfSense, Fritz!Box etc., the client certificate, the server certificate, the client key and the TLS key must be pasted again (after they have been generated and downloaded from the Configuration Generator as usual) in the appropriate fields of your configuration Please do not hesitate to contact us for any further information.

    Kind regards
    AirVPN Staff
  15. Like
    Staff got a reaction from pfSense_fan in Major system upgrade COMPLETED   ...
    UPGRADE COMPLETED SUCCESSFULLY
     
    Hello!

    We're glad to inform you that a major system upgrade will take place during Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC
    This upgrade has a triple, important purpose: close any possible exploitation chance, regardless of how unlikely it could be, deriving from past "Heartbleed" vulnerability, bring AirVPN in an even higher security environment and open the road for an important new feature of the service: 3 simultaneous connections per account on different servers (details will be provided soon after the major upgrade which takes precedence).

    The upgrade in details
    switch to 4096 bit size RSA and DH keys implementation of additional OpenVPN TLS-Auth layer re-generation of certificates and keys general optimization During the upgrade all the VPN clients will be forcefully disconnected and will not be able to reconnect. The upgrade will take approximately 30 minutes.

    Disconnections will occur on all servers from-to:
    Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC

    that is:

    Sunday, 13 April 2014, 14:00:00 - Sunday, 13 April 2014, 15:00:00 PDT
    Sunday, 13 April 2014, 16:00:00 - Sunday, 13 April 2014, 17:00:00 CDT
    Sunday, 13 April 2014, 17:00:00 - Sunday, 13 April 2014, 18:00:00 EDT
    Sunday, 13 April 2014, 23:00:00 - Monday, 14 April 2014, 00:00:00 CEST
    Monday, 14 April 2014, 06:00:00 - Monday, 14 April 2014, 07:00:00 JST

    Click here to find your town: http://www.timeanddate.com/worldclock/fixedtime.html?msg=Switch+to+4096+bit+size+keys&iso=20140413T23&p1=215&ah=1

    Mandatory actions

    After the upgrade, customers running the Air client for Windows will need to shut down and restart the Air client. It is assumed that customers have already downloaded the new package for Windows which includes OpenVPN with non-vulnerable OpenSSL, available here https://airvpn.org/windows and installed the new OpenVPN version.

    Customers running any other OpenVPN wrapper or OpenVPN will need to re-download configuration, certificates and keys files.

    Additional information for customers running manually configured wrappers:
    the "TLS-Cipher" or equivalent name in your configuration becomes: TLS-DHE-RSA-WITH-AES-256-CBC-SHA in Tomato, DD-WRT, pfSense, Fritz!Box etc., the client certificate, the server certificate, the client key and the TLS key must be pasted again (after they have been generated and downloaded from the Configuration Generator as usual) in the appropriate fields of your configuration Please do not hesitate to contact us for any further information.

    Kind regards
    AirVPN Staff
  16. Like
    Staff got a reaction from pfSense_fan in Major system upgrade COMPLETED   ...
    UPGRADE COMPLETED SUCCESSFULLY
     
    Hello!

    We're glad to inform you that a major system upgrade will take place during Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC
    This upgrade has a triple, important purpose: close any possible exploitation chance, regardless of how unlikely it could be, deriving from past "Heartbleed" vulnerability, bring AirVPN in an even higher security environment and open the road for an important new feature of the service: 3 simultaneous connections per account on different servers (details will be provided soon after the major upgrade which takes precedence).

    The upgrade in details
    switch to 4096 bit size RSA and DH keys implementation of additional OpenVPN TLS-Auth layer re-generation of certificates and keys general optimization During the upgrade all the VPN clients will be forcefully disconnected and will not be able to reconnect. The upgrade will take approximately 30 minutes.

    Disconnections will occur on all servers from-to:
    Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC

    that is:

    Sunday, 13 April 2014, 14:00:00 - Sunday, 13 April 2014, 15:00:00 PDT
    Sunday, 13 April 2014, 16:00:00 - Sunday, 13 April 2014, 17:00:00 CDT
    Sunday, 13 April 2014, 17:00:00 - Sunday, 13 April 2014, 18:00:00 EDT
    Sunday, 13 April 2014, 23:00:00 - Monday, 14 April 2014, 00:00:00 CEST
    Monday, 14 April 2014, 06:00:00 - Monday, 14 April 2014, 07:00:00 JST

    Click here to find your town: http://www.timeanddate.com/worldclock/fixedtime.html?msg=Switch+to+4096+bit+size+keys&iso=20140413T23&p1=215&ah=1

    Mandatory actions

    After the upgrade, customers running the Air client for Windows will need to shut down and restart the Air client. It is assumed that customers have already downloaded the new package for Windows which includes OpenVPN with non-vulnerable OpenSSL, available here https://airvpn.org/windows and installed the new OpenVPN version.

    Customers running any other OpenVPN wrapper or OpenVPN will need to re-download configuration, certificates and keys files.

    Additional information for customers running manually configured wrappers:
    the "TLS-Cipher" or equivalent name in your configuration becomes: TLS-DHE-RSA-WITH-AES-256-CBC-SHA in Tomato, DD-WRT, pfSense, Fritz!Box etc., the client certificate, the server certificate, the client key and the TLS key must be pasted again (after they have been generated and downloaded from the Configuration Generator as usual) in the appropriate fields of your configuration Please do not hesitate to contact us for any further information.

    Kind regards
    AirVPN Staff
  17. Like
    Staff got a reaction from pfSense_fan in Major system upgrade COMPLETED   ...
    UPGRADE COMPLETED SUCCESSFULLY
     
    Hello!

    We're glad to inform you that a major system upgrade will take place during Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC
    This upgrade has a triple, important purpose: close any possible exploitation chance, regardless of how unlikely it could be, deriving from past "Heartbleed" vulnerability, bring AirVPN in an even higher security environment and open the road for an important new feature of the service: 3 simultaneous connections per account on different servers (details will be provided soon after the major upgrade which takes precedence).

    The upgrade in details
    switch to 4096 bit size RSA and DH keys implementation of additional OpenVPN TLS-Auth layer re-generation of certificates and keys general optimization During the upgrade all the VPN clients will be forcefully disconnected and will not be able to reconnect. The upgrade will take approximately 30 minutes.

    Disconnections will occur on all servers from-to:
    Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC

    that is:

    Sunday, 13 April 2014, 14:00:00 - Sunday, 13 April 2014, 15:00:00 PDT
    Sunday, 13 April 2014, 16:00:00 - Sunday, 13 April 2014, 17:00:00 CDT
    Sunday, 13 April 2014, 17:00:00 - Sunday, 13 April 2014, 18:00:00 EDT
    Sunday, 13 April 2014, 23:00:00 - Monday, 14 April 2014, 00:00:00 CEST
    Monday, 14 April 2014, 06:00:00 - Monday, 14 April 2014, 07:00:00 JST

    Click here to find your town: http://www.timeanddate.com/worldclock/fixedtime.html?msg=Switch+to+4096+bit+size+keys&iso=20140413T23&p1=215&ah=1

    Mandatory actions

    After the upgrade, customers running the Air client for Windows will need to shut down and restart the Air client. It is assumed that customers have already downloaded the new package for Windows which includes OpenVPN with non-vulnerable OpenSSL, available here https://airvpn.org/windows and installed the new OpenVPN version.

    Customers running any other OpenVPN wrapper or OpenVPN will need to re-download configuration, certificates and keys files.

    Additional information for customers running manually configured wrappers:
    the "TLS-Cipher" or equivalent name in your configuration becomes: TLS-DHE-RSA-WITH-AES-256-CBC-SHA in Tomato, DD-WRT, pfSense, Fritz!Box etc., the client certificate, the server certificate, the client key and the TLS key must be pasted again (after they have been generated and downloaded from the Configuration Generator as usual) in the appropriate fields of your configuration Please do not hesitate to contact us for any further information.

    Kind regards
    AirVPN Staff
  18. Like
    Staff got a reaction from pfSense_fan in Major system upgrade COMPLETED   ...
    UPGRADE COMPLETED SUCCESSFULLY
     
    Hello!

    We're glad to inform you that a major system upgrade will take place during Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC
    This upgrade has a triple, important purpose: close any possible exploitation chance, regardless of how unlikely it could be, deriving from past "Heartbleed" vulnerability, bring AirVPN in an even higher security environment and open the road for an important new feature of the service: 3 simultaneous connections per account on different servers (details will be provided soon after the major upgrade which takes precedence).

    The upgrade in details
    • switch to 4096 bit size RSA and DH keys
    • implementation of additional OpenVPN TLS-Auth layer
    • re-generation of certificates and keys
    • general optimization

    During the upgrade all the VPN clients will be forcefully disconnected and will not be able to reconnect. The upgrade will take approximately 30 minutes.

    Disconnections will occur on all servers from-to:
    Sunday, 13 April 2014, 21:00:00 - Sunday, 13 April 2014, 22:00:00 UTC

    that is:

    Sunday, 13 April 2014, 14:00:00 - Sunday, 13 April 2014, 15:00:00 PDT
    Sunday, 13 April 2014, 16:00:00 - Sunday, 13 April 2014, 17:00:00 CDT
    Sunday, 13 April 2014, 17:00:00 - Sunday, 13 April 2014, 18:00:00 EDT
    Sunday, 13 April 2014, 23:00:00 - Monday, 14 April 2014, 00:00:00 CEST
    Monday, 14 April 2014, 06:00:00 - Monday, 14 April 2014, 07:00:00 JST

    Click here to find your town: http://www.timeanddate.com/worldclock/fixedtime.html?msg=Switch+to+4096+bit+size+keys&iso=20140413T23&p1=215&ah=1

    Mandatory actions

    After the upgrade, customers running the Air client for Windows will need to shut down and restart the Air client. It is assumed that customers have already downloaded the new package for Windows which includes OpenVPN with non-vulnerable OpenSSL, available here https://airvpn.org/windows and installed the new OpenVPN version.

    Customers running any other OpenVPN wrapper or OpenVPN will need to re-download configuration, certificates and keys files.

    Additional information for customers running manually configured wrappers:
    • the "TLS-Cipher" or equivalent name in your configuration becomes: TLS-DHE-RSA-WITH-AES-256-CBC-SHA
    • in Tomato, DD-WRT, pfSense, Fritz!Box etc., the client certificate, the server certificate, the client key and the TLS key must be pasted again (after they have been generated and downloaded from the Configuration Generator as usual) in the appropriate fields of your configuration

    Please do not hesitate to contact us for any further information.

    Kind regards
    AirVPN Staff
  20. Like
    Staff got a reaction from McLoEa in New 1 Gbit/s server available: Lesath   ...
    Hello!

    We're very glad to inform you that a new 1 Gbit/s server located in Canada is available: Lesath.

    The AirVPN client will show automatically the new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").
     
    The server accepts connections on ports 53, 80, 443, 2018 UDP and TCP.
     
    Just like every other Air server, Lesath supports OpenVPN over SSL and OpenVPN over SSH.
     
    As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
     
    Do not hesitate to contact us for any information or issue.

    Kind regards and datalove
    AirVPN Team
     
  23. Like
    Staff got a reaction from 24FWgGC in OpenSSL Heartbleed Bug - TLS/SSL Vulnerability   ...
    Hello!

    Warning: this document could be updated by the technical staff if necessary. Please consult it again in the near future.

    After a deeper analysis we would like to inform you about problems, solutions, what we did and what you need to do, in compliance with our transparency policy. The OpenSSL 1.0.1a-->f vulnerability is huge, but several factors in our infrastructure design made the menace a minor threat, without any potentially catastrophic consequence.
    • some of our OpenVPN servers used a vulnerable OpenSSL version. They have been all updated and upgraded between 3 PM and 6 PM 08-Apr-14 CET+1. The non-updated VPN servers running branches of OpenSSL like 0.9.8 were not and are not vulnerable. Assuming that an attacker could steal your user.key on those servers or directly from your system (in case you ran a vulnerable OpenSSL version), the worst damage is that he/she will connect with your account in the future (see below for a solution to this problem). He/she will not be able to decrypt your OpenVPN Data Channel. Various factors help mitigate the problem even on those vulnerable VPN servers: the attacker could not perform an attack through the exit-IP address (he/she should have known the entry-IP) and Perfect Forward Secrecy does not allow the attacker to decrypt your data
    • the primary frontend (the web site you normally visit) used a vulnerable OpenSSL version which has been upgraded at 3 PM 08-Apr-14 to a non-vulnerable version. All sessions were reset. The vulnerability allowed an attacker to dump a memory portion of the server which could disclose information useful to exploit future access of those users using browsers or web clients not supporting DHE or ECDHE: Internet Explorer 6, Internet Explorer 8, YandexBot 3, or browsers manually forced NOT to use Perfect Forward Secrecy.
    • the backend servers and other vital parts of the infrastructure were not and are not vulnerable, since they were NEVER running a vulnerable OpenSSL version

    What we have already done:
    • we replaced on every part of the infrastructure the vulnerable OpenSSL versions (if any) with non-vulnerable ones between 3 PM and 6 PM 08-Apr-14 CET+1
    • we changed in advance all administrative accounts passwords (this was not strictly necessary, but it has been performed anyway)
    • we updated the internal SSL certificates
    • we reset connections of clients connected to VPN servers running OpenSSL vulnerable version and rebooted the server to make sure that no old dynamically linked SSL version was still used by OpenVPN
    • we performed attacks against our servers, even with the help of independent attackers as peer review, to check that the vulnerability has been resolved
    • we have ordered the revocation of the frontend web server previous SSL certificate (this will go into effect in 72 hours according to authority policy)
    • UPDATE 11.15 PM 08-Apr-14 CET+1 we changed the SSL certificate and private key of our frontend servers
    • UPDATE 12.40 AM 09-Apr-14 CET+1 we released a new package for Windows with OpenVPN using non-vulnerable OpenSSL

    What we will additionally do:
    • we're going to add the option to generate new user.key from the client side, with no more need of our manual intervention, just in case someone wishes to use our service for free with your account
    • UPDATE 1.50 PM 9-Apr-14 CET+1 We are planning a major change in the system with new RSA and DH keys, new certificates and more. The operation is complex and will cause interruptions to the service. You will need to re-download configuration files, certificates and keys, re-configure DD-WRT/Tomato/pfSense etc. so we are planning it with care. A discussion about it is still ongoing and will go on probably for hours, so we can't provide more details. Please stay tuned.
    • UPDATE 11-Apr 14 3 PM CEST IMPORTANT https://airvpn.org/topic/11319-major-system-upgrade/?do=findComment&comment=16533

    What YOU need to do:
    • change your account password and your API key (if you used our API) and do it as soon as possible especially if you use Internet Explorer 6, Internet Explorer 8 or YandexBot 3 or any other browser that you specifically configured NOT to use TLS with DHE-ECDHE in any way to log in our web site. On this occasion, please consider to drop once and for all Internet Explorer 6 and 8 and prefer browsers supporting PFS
    • change your user.key when this option will be available
    • Windows users only: download and install new package with OpenVPN using non-vulnerable OpenSSL https://airvpn.org/windows
    • Allow Air client to upgrade OpenVPN version if required
    • OS X Tunnelblick users only: download and upgrade to new Tunnelblick with non-vulnerable OpenSSL http://code.google.com/p/tunnelblick/wiki/RlsNotes
    • UPDATE 11-Apr 14 3 PM CEST IMPORTANT https://airvpn.org/topic/11319-major-system-upgrade/?do=findComment&comment=16533

    Kind regards