Jump to content
Not connected, Your IP: 3.236.110.106

Staff

Staff
  • Content Count

    9012
  • Joined

    ...
  • Last visited

    ...
  • Days Won

    1315

Reputation Activity

  1. Thanks
    Staff got a reaction from colorman in Bluetit: Developer's Reference Manual   ...
    Hello!

    We're very glad to inform you that we have just published the Developer's Reference Manual for Bluetit by promind.

    Bluetit, a core component of the AirVPN-SUITE, is a lightweight D-Bus controlled system daemon providing VPN connectivity through OpenVPN 3 AirVPN. Bluetit exposes a D-Bus interface which can be used by client applications in order to control the daemon and provide full interaction and connectivity with the whole AirVPN infrastructure.

    The manual covers Bluetit infrastructure and architecture and provides a complete reference for all the AirVPN’s classes on which the suite is based. The goal is to give any developer who wishes to write a Bluetit client, or a tool providing AirVPN inter-connectivity, a complete reference about the internals of both Bluetit daemon and the AirVPN–SUITE C++ classes.

    The tool to swiftly interact with the AirVPN infrastructure, repeatedly required by multiple AirVPN client developers in the past, is available and fully documented now.

    The document is a significant step forward in the VPN market and a further AirVPN's commitment to transparency and openness..The availability of a Developer's Reference Manual allows, in fact, any user or developer to successfully and proficiently build an AirVPN client to best suit her or his own needs.

    Should you decide to have a paper copy of the document, please consider that it is typeset for double side printing.

    Bluetit Developer's Reference Manual has been written and typeset in the unrivaled (ça va sans dire) LaTeX 2ε and it is released under CC BY-NC-SA 4.0 International

    You can download the manual here:
    https://gitlab.com/AirVPN/AirVPN-Suite/-/blob/master/docs/Bluetit-Developers-Reference-Manual.pdf

    directly from this message:
    Bluetit-Developers-Reference-Manual.pdf

    or in the AirVPN Suite for Linux download section.

    Kind regards & datalove
    AirVPN Staff
  2. Thanks
    Staff got a reaction from colorman in Bluetit: Developer's Reference Manual   ...
    Hello!

    We're very glad to inform you that we have just published the Developer's Reference Manual for Bluetit by promind.

    Bluetit, a core component of the AirVPN-SUITE, is a lightweight D-Bus controlled system daemon providing VPN connectivity through OpenVPN 3 AirVPN. Bluetit exposes a D-Bus interface which can be used by client applications in order to control the daemon and provide full interaction and connectivity with the whole AirVPN infrastructure.

    The manual covers Bluetit infrastructure and architecture and provides a complete reference for all the AirVPN’s classes on which the suite is based. The goal is to give any developer who wishes to write a Bluetit client, or a tool providing AirVPN inter-connectivity, a complete reference about the internals of both Bluetit daemon and the AirVPN–SUITE C++ classes.

    The tool to swiftly interact with the AirVPN infrastructure, repeatedly required by multiple AirVPN client developers in the past, is available and fully documented now.

    The document is a significant step forward in the VPN market and a further AirVPN's commitment to transparency and openness..The availability of a Developer's Reference Manual allows, in fact, any user or developer to successfully and proficiently build an AirVPN client to best suit her or his own needs.

    Should you decide to have a paper copy of the document, please consider that it is typeset for double side printing.

    Bluetit Developer's Reference Manual has been written and typeset in the unrivaled (ça va sans dire) LaTeX 2ε and it is released under CC BY-NC-SA 4.0 International

    You can download the manual here:
    https://gitlab.com/AirVPN/AirVPN-Suite/-/blob/master/docs/Bluetit-Developers-Reference-Manual.pdf

    directly from this message:
    Bluetit-Developers-Reference-Manual.pdf

    or in the AirVPN Suite for Linux download section.

    Kind regards & datalove
    AirVPN Staff
  3. Thanks
    Staff reacted to MarxBrother in Raspbian: Cannot access my server via airdns.org   ...
    I edited the above post, and that overlapped with your last answer.
    Everything is fine now!

    Thank you for your help!
  4. Like
    Staff reacted to MarxBrother in Raspbian: Cannot access my server via airdns.org   ...
    Thank you for guiding me into the right direction!

    55555 was just an arbitrary example, not a real port of mine - but:

    It was all my silly mistake. Yes, the port number!
    I always looked at the "port number", alas, there is also a "local port".
    With all my reserved ports, both are identical. Except one. THE one!

    "With glasses on, this would not have happened!"
  5. Like
    Staff got a reaction from Stalinium in AirVPN not acknowledged on EFF's donation page?   ...
    @Stalinium

    Thank you!

    The AirVPN founder has been working pro bono for EFF (Europe, not USA) for a couple of years, and that's not a thing that can be acknowledged in the donation pages or evaluated monetarily.

    Anyway, it must be said that we have not donated to EFF during 2021, but we will.

    Kind regards
     
  6. Like
    Staff got a reaction from AboSaudKing in CBS Broadcasting Inc. (CBS)   ...
    Website: http://www.cbs.com
    Watch CBS television online. Find CBS primetime, daytime, late night, and classic tv episodes, videos, and information.
    Status: OK
    Native: no servers
    Routing: all servers
     
    Updated: 03-Aug-18
  7. Like
    Staff got a reaction from AboSaudKing in CBS Broadcasting Inc. (CBS)   ...
    Website: http://www.cbs.com
    Watch CBS television online. Find CBS primetime, daytime, late night, and classic tv episodes, videos, and information.
    Status: OK
    Native: no servers
    Routing: all servers
     
    Updated: 03-Aug-18
  8. Like
    Staff got a reaction from AboSaudKing in CBS Broadcasting Inc. (CBS)   ...
    Website: http://www.cbs.com
    Watch CBS television online. Find CBS primetime, daytime, late night, and classic tv episodes, videos, and information.
    Status: OK
    Native: no servers
    Routing: all servers
     
    Updated: 03-Aug-18
  9. Like
    Staff got a reaction from AboSaudKing in CBS Broadcasting Inc. (CBS)   ...
    Website: http://www.cbs.com
    Watch CBS television online. Find CBS primetime, daytime, late night, and classic tv episodes, videos, and information.
    Status: OK
    Native: no servers
    Routing: all servers
     
    Updated: 03-Aug-18
  10. Thanks
    Staff reacted to Stalinium in Ain, Sweden server overloaded?   ...
    Just to provide an update: the Staff has indeed tweaked the server last week and it appears fine on monitoring Maybe more to come but it looks fixed now.
    Its a great example of "include your users in the process" ❤️ no bouncing of support tickets back and forth due to outsourced support haha. Probably we've all been on the internet long enough to have experienced it first hand
  11. Like
    Staff reacted to OpenSourcerer in Happy AirVPN power user   ...
    I'm flattered to be directly mentioned with such high praise. Thank you for your kind words, though some would argue that it's not all roses with me, to which I agree.
     

    Be advised that the proper abbreviation for Dynamic DNS is actually DDNS. DynDNS is the trademark name for the DDNS service of Dyn, Inc. (now an Oracle company). It's quite a smart name, I admit.
     
    I'd like to mention that there is an AirVPN subreddit, though there's very little activity; I usually refer back to the forums, anyway, so maybe people see the sidebar and then register and ask their questions here instead. Rarely people ask here and there.
     
    Let me… enhance that. .
  12. Thanks
    Staff reacted to Stalinium in Happy AirVPN power user   ...
    I don't know what to write about... Everything's fine and I love AirVPN. Sounds cheesy but it is what it is. I've been using AirVPN for half a year.

    Many servers to choose from, very transparent from the user's point of view - something I value. Transparency about server status and an API (admittedly I haven't used it much). From reading the forums I grasped that AirVPN has very strict (legal) criteria for choosing server locations (countries), an approach that is unique across all providers I've seen so far. Yea placing servers in China wouldn't be the best idea or many other more "democratic" as a matter of fact which were ruled out.
    The config generator is awesome if you're not using their open source client Eddie (bonus points again!) - plenty of flexibility. Configs? Afaik there're some providers out there who still have user/password prompt on each connection, laughable. AirVPN not only properly makes use of certificates (that's how the server knows you are you without asking for credentials) and on top of that allows you to properly distribute different access keys across your devices (in case of theft etc). Lost a device? Revoke access to that single one and done!

    Port-forwarding support ALONG WITH Dynamic DNS is unparalleled. Sure an advanced user probably could create an ad-hoc DDNS solution for themself, but offering it along the VPN is ingenius.
    The servers are very stable, the stats currently show a user has been connected since January. I've read comments where other VPNs often force reconnects etc, that just sounds wild to me. Before AirVPN I've been on a private VPN server with 24/7 uptime and that's the quality of service I got used to and wouldn't want to downgrade from (looking at those other VPN providers)

    The AirVPN forums are a great source of information. The staff cannot be commended enough for responding to concerns and generally being here for discussion. @OpenSourcerer is a damn community hero, this place is unimaginable without him! I myself have contributed in one form or another and will continue to. As a side note to forums: AirVPN appears to have customized the forum software for privacy. I can't assess how far it goes (hopefully "enough"), and it's a far better choice than those completely relying on Reddit - undoubtedly a useful puppet of/for the certain government.

    The only problem I've had was with initial payment. I bought the 1 month plan and found no clear indications it was still active (because it is a PayPal recurring payment), so before the month expired I bought the 1 year plan. I was quite surprised to see a few days later my access days to have been extended by +31d - the automatic Paypal payment kicked in and I paid a single month extra. Though I like the service so much I decided not to bother with a refund (consider it a donation hehe). You need to login in Paypal to cancel those, I wish this was made clear/er. What's unclear to me was whether/how much info is retained on payment after all the transactions... but to grossly paraphrase an official response: use crypto. Just make sure your mug shot (photo) isn't connected to the coin wallet

    Roses are red,
    AirVPN's great.
  13. Like
    Staff got a reaction from stupid are cocksure in FreeBSD setup guide   ...
    @m1ster

    Hello!

    You can't build Hummingbird or the AirPVN Suite in FreeBSD because OpenVPN3 AirVPN library needs various modification for FreeBSD, you will not be able to even compile it at the moment.

    We have plans to port the AirVPN Suite to FreeBSD later this year, but first we need to adapt the library, which might be or not a trivial task, and we must release a new Eddie Android edition version before the summer is over.

    At the moment you only have the Linux binary compatibility mode option (try with Hummingbird, as Eddie will have too many complications due to Mono), and of course OpenVPN 2.5.2.

    Hummingbird and the Suite support and have always supported pf, the default FreeBSD firewall, but different directory tree and some other issue may cause trouble. https://docs.freebsd.org/en/books/handbook/linuxemu/

    Anyway we assure you that FreeBSD support improvement with native applications remains our goal for 2021. Our FreeBSD users are many (25% of our Windows customers, and 20% of our Linux customers, who are currently the absolute majority), not to mention the system outstanding superiority, so stay tuned.

    Kind regards
     
  14. Like
    Staff got a reaction from stupid are cocksure in Eddie Desktop 2.21 beta released   ...
    Hello!
     
    We're very glad to inform you that a new Eddie Air client version has been released: 2.21 beta. It is ready for public beta testing.
     
    How to test our experimental release:
    Go to download page of your OS Click on Other versions
    Click on Experimental
    Look at the changelog if you wish Download and install
    Please see the changelog: https://eddie.website/changelog/?software=client&format=html



    This version contains an almost completely rewritten code for routes management, DNS and more, so please report any difference from the latest stable release 2.20.

    This version implements WireGuard support. AirVPN servers will offer it, during an opt-in beta-testing phase, within September.
      WireGuard support is expected to work out-of-the-box (no need to install anything else but Eddie) in Windows and macOS. In Linux it works if kernel supports it (WG support by kernel is required).

     
    PLEASE CONSIDER THIS AS A BETA VERSION.
    Don't use it for real connections it's only for those who want to collaborate to the project as beta-testers.  
  15. Like
    Staff got a reaction from Stalinium in Ain, Sweden server overloaded?   ...
    @Stalinium

    Hello!

    We might have underrated the non-linear growth of load over clients amount, which is very difficult to compute in advance because it depends not only on bandwidth required by a client, but (also) on an unknown variable, that is the amount of half.-connections established by single clients, which varies enormously over time and by single clients (different usages).

    We are fine tuning and resolve the issue if necessary, thank you for the head up.

    Kind regards
     
  16. Thanks
    Staff reacted to Maggie144 in [macOS] Eddie - unable to obtain elevated privileges   ...
    Update*

    I'm able to run the new beta of Eddie 2.21.0 - all previous versions I tried were unable to elevate their priviledge.

    Thanks for continuing to improve Eddie, I really appreciate it.
  17. Thanks
    Staff reacted to frisbee in Eddie Will Not Turn Off   ...
    For anyone still experiencing the issue that Eddie freezes/is unresponsive, a workaround is to NOT minimize Eddie. It seems to crash only when minimized. The Airvpn support team has been advised and should investigate further.
  18. Like
    Staff got a reaction from cortisol in Status of Eddie on Linux distributions   ...
    Last update: 16 May 2018 - Related to version: Eddie 2.14.4
    Any Linux distribution has at least:a different graphics server (X11, Wayland) a different desktop environment (GNOME, KDE, LXTE etc.) a package manager with a specific format (deb, rpm, tar.xf etc.) a different packaging signature for trust and security a different method to obtain administrative privileges, required by advanced features of Eddie (also because OpenVPN requires them) a different set of packages used by our client, that sometimes have different names (for example 'stunnel4' under Debian, 'stunnel' for Fedora) maybe a different DNS management. We are working at our best to support every kind of configuration managed by our source code directly, when possible.
     
    Tested without known issues
    Debian (tested 7/8/9) Ubuntu (18.04 GNOME tested) Ubuntu Mate (18.04 tested) Devuan (tested Ascii) Mint Arch (XFCE tested) Fedora (28 tested)

    With minimal issues
    openSUSE (Tumbleweed KDE tested)
    openSUSE (Tumbleweed GNOME tested)
      Works, with no tray icon. Elementary
      Works, but tray icon, web and folder links don't work.

    Fatal issues
     
    None known.


    Tech notes
    Sometimes Tray icon works, but it is not shown because the desktop environment hides it.
    For example, latest GNOME may require a separate shell extension (generally TopIcons). Currently Eddie 2.x under Linux requires root privileges (like GParted or Synaptic Manager).
    Elevation is generally obtained with a polkit policy file (pkexec) if installed, otherwise fallback methods are used when available (gksu, kdesu, beesu etc.).

    When the UI runs as root, there are four -optional- actions that are performed as normal user: tray icon, notifications, open web links and open file folders.
    If it is not possible to act as a normal user, such actions are not performed at all.

    A totally separated UI (as a normal user) vs. root-actions (as root user, service or separate process) is currently under development.

    Needed improvements
    Minimal lintian warnings on .deb edition General info details on .deb edition (for example, reporting Proprietary as License, not true.) General info details on .rpm edition (for example, reporting Proprietary as License, not true.) Create official package for AUR and other distributions. Create packages also for CLI-only edition. Create packages based on direct source compilation. Procedures to include Eddie in official/standard repository
  19. Like
    Staff got a reaction from bosr in Wireguard plans   ...
    @Flx

    The first message was approved by some moderator in the wrong thread, not a big deal. Then we moved the message on its own thread, this one. Then user "wireguard" posted more messages which were all approved by some moderator.

    @Brainbleach

    Of course. We were replying to "wireguard" who invites surreptitiously to punish AirVPN because AirVPN uses and develops actively OpenVPN: "Needless to say, investing in AirVPN means investing in OpenVPN, and that's not acceptable to me at this point," . He/she also kept claiming that "it's time to retire OpenVPN" (sic), that OpenVPN is a "truly disgusting hack" (sic) and so on,. showing his/her embarrassing ignorance and lack of good faith. Nothing to do with your messages.

    Funny how bogus account writers are so eager to become from time to time AirVPN software lead developers, general managers for AirVPN strategies, marketing directors and more. 😀

    We wanted to prove beyond any reasonable doubt that his/her claim are unreasonable and based on wrong assumptions and terrible omissions, showing how Wireguard can not replace OpenVPN for a significant percentage of our customers and how our OpenVPN development has been beneficial for many users around the world.

    That said, we claimed that Wireguard needed to be developed and tested further years ago, so at the time our claim was totally reasonable. We also claimed years ago that the problem was not with CHACHA20 which to the best of nowadays knowledge is a very robust and secure cipher.

    Now the problems are different because Wireguard is asked to offer something which it was not designed for, i.e. providing some kind of anonymity layer. Such problems include lack of DNS push, lack of dynamic IP address assignment (with subsequent problems with client key-private address static correspondence, a very tough legal problem for us but above all for our customers), need of keeping client real IP address stored in a file. We have resolved them one by one with external software and internal work around. Once the problems are resolved in a robust way, which means testing thoroughly the adopted work-around, we can offer Wireguard, not earlier.

    Kind regards
     
  20. Thanks
    Staff reacted to tom7812 in "Checking authorization..." lasts longer than before   ...
    Working fine here now  ! Thanks a lot !
  21. Thanks
    Staff reacted to 56rohrschach2u in "Checking authorization..." lasts longer than before   ...
    Whatever quirks and treats you pulled out of your sleeve ... it's working now just as slick and quick as always experienced. Thank you for solving this (at least for me that is).
  22. Like
    Staff got a reaction from esmeralda2 in Rebuttal of article "Don't use VPN services."   ...
    Hello!
     
    DISCLAIMER: this post has been written by an AirVPN co-founder (Paolo) and merges the information and the points of view elaborated by the Air founders in more than seven years. Other Air VPN staff members might add additional comments in the future.
     
    We have been asked via Twitter to reply to the following post:
    https://gist.github.com/joepie91/5a9909939e6ce7d09e29
     
    We see that the issues raised by the aforementioned article may be of general interest, so we have decided to post a detailed rebuttal here, meant to fix the remarkable amount of technical misunderstandings and errors which have led the writer to astonishingly wrong conclusions and worrying generalizations.
     
    The rebuttal is based on AirVPN only; we can not and we do not want to write in the name of any other service, since most of the considerations you will read here may or may not (and sometimes we know that they will not) apply to other "VPN services". Anyway, it is our right to reply as if the writer were talking about us too, because he/she repeatedly claims that ALL VPN services act in the same way.

     
     
     
    A "VPN in this sense" is NOT a proxy. Our service encrypts and tunnels all of the client system TCP and UDP traffic to and from the VPN server. Moreover, our service, when used with our free and open source software, also makes additional steps to prevent traffic leaks outside the VPN tunnel.
     
    A proxy tunnels (and not necessarily encrypts) only TCP traffic (proxies can not support UDP), and only the traffic of those applications which are configured to connect to a proxy. UDP traffic, system traffic and traffic of applications which may be started by the system and that you failed to configure (or that you can't even configure in Windows, in some cases) are not necessarily tunneled to the proxy. Not even your system DNS queries are necessarily tunneled over the proxy.

     
     
    If we were really interested in logging our clients traffic, we would not allow connections to and from Tor, proxies and other VPNs. We have always made very clear how to bypass the problem of "trust us" when you can't really afford to do that, and our answer has always been "partition of trust".  Please see for example our post dated March 2012 (!) about it:
    https://airvpn.org/topic/54-using-airvpn-over-tor/?do=findComment&comment=1745

     
    There's more. We work under a legal framework where the safe harbors for the mere conduits are very rigidly and clearly defined (specifically, by the 2000/31/EC, the E-Commerce Directive, articles 12, 13, 14 and 15).
    https://eur-lex.europa.eu/legal-content/en/ALL/?uri=CELEX:32000L0031
     
    The liability exemption for the mere conduit status would not exist if we were not mere conduits. If we inspected traffic and/or modified traffic (e.g. through content injection) and/or selected source and destination of the communications, we would not be mere conduits and we would lose the legal protection on liability exemptions.

    We have also two decisions of the Court of Justice of the European Union which clearly define indiscriminate data retention as infringing the fundamental rights of the citizens of the EU:
    https://curia.europa.eu/jcms/upload/docs/application/pdf/2014-04/cp140054en.pdf
    https://curia.europa.eu/jcms/upload/docs/application/pdf/2016-12/cp160145en.pdf
     
    Therefore:
    under a legal point of view, logging and/or monitoring and/or inspecting and/or modifying the content of our customers traffic without the customers explicit and written consent would be a criminal infringement, also subject to civil prosecution by the customers themselves under a business point of view, that would be simply suicidal (more on this later)  
     
    It is enigmatic how the writer can make such claims.
     
    We charge less than 10 USD per month for our services and we can pay a whole legal firm, 250 servers (physical, bare metal servers), the whole staff, including a tiny team of programmers. We also regularly donate money to organizations and projects whose activities are compatible with AirVPN mission.
    https://airvpn.org/mission
    https://airvpn.org/status
     
    We're not here only for the money, but if the writer wants to talk about money, so be it. He/she may rest assured that we have planned seriously a business model which remains robust if not rock solid.
     
    It is obvious that we must keep our business model solid, because our infrastructure has become large and we have duties toward the people working with us and toward our customers. At the same time we never forget that our customers have transformed into reality the dream to build a rather big project based on and aimed to privacy protection in a time when the whole world was going to the opposite direction. By changing now direction and pointing to a business based on privacy infringements and personal data commerce would not only betray our beliefs and mission and customers, but we would become a goldfish in an ocean of sharks, we could not even think to compete.
     
    After 7 years, we have the right and knowledge to claim that a privacy protection mission is not incompatible with the price the writer mentions and with a strictly agnostic network where no traffic inspection or monitoring is enforced.
     
    We can also claim confidently that any business plan based on data protection and privacy infringements not declared in the terms of service would crash dramatically in the short-term in the EU: remember the legal framework we live in and feel free to do your own research on real cases and incidents in the recent past.
     
    Last but not least, please do your own math and compute the costs to store and "hand a customer traffic data over": they imply costs of losing the mere conduit status, added to the costs of civil lawsuits from that and potentially other tens of thousands customers. Then compare them to the "costs" (in reality benefits) of no monitoring at all added to the peace of mind to strictly act in a legal/lawful way.
     
    Given all of the above, you can easily discern that the quoted assumption is false for AirVPN. The logical, unavoidable conclusion is that AirVPN best interest, even under a purely cynical, business point of view, is to NOT log (in the most extensive sense of the term) customers traffic and not commerce with their data.
     
     
    This is partially, only partially, true. HideMyAss was really risking to go out of serious privacy protection business soon after the incident occurred: check the massive uproar caused by the event. The AVG acquisition, with the disruptive marketing power of AVG, has probably covered the issue, but the old HideMyAss management hurried to sell the whole Privax company. Who knows, maybe just in time, maybe before the value could be hit too seriously by the incident. We can't know for sure, and the writer can't as well. Anyway, if the writer wants to claim that marketing is powerful, we agree (what a discovery!).
     
    The logical jump from HMA incident to the assumption that every service does what HMA did is long. Do not forget that what HMA did would pose a huge amount of legal problems to us, as explained.
     
    HideMyAss targeted the same persons who are happily using the new Facebook VPN. We respect the intelligence of our customers and we don't have the arrogance to think that we can change people mind and competence all over the world in a few years (or ever), and we don't even think that we can oppose the marketing power. More importantly, that's a problem pertaining to HideMyAss. It is not only unfair, but even defamatory to surreptitiously imply that the behavior (good or bad) of certain services is the same behavior of any other service, in the same field or not.
     
    We have been providing AirVPN services since 2011, when we offered the service as a beta version totally free. Now we challenge the writer of the article to provide any single proof that any single user identity has been compromised by us through a betrayal of our terms of service and our mission and/or through traffic logging or inspection and/or by any infringement of the EU legal framework on privacy and personal data protection. 
     
     
    False. We provide our users with any tool to never make their "real" IP address appear to our servers. We have also integrated AirVPN over HTTP proxy, AirVPN over SOCKS proxy, and AirVPN over Tor usage in our free and open source software. We don't even block connections from competitor VPN servers. Finally, we accept not only Bitcoin, but Monero and ZCash as well, which are designed to provide a robust anonymity layer on the transactions.
     
    If you really don't trust us, you can easily make your IP address never visible to our servers.
     
    This is particularly important even if you trust us, but you can't afford (for the sensitivity of the data you need to transmit, for example) to assume that our servers are not monitored by hostile entities, an event that can happen with ANY service, not only VPN services. The fact that we have made every human effort to provide effective and easily usable protections against such occurrences is a proof of our interest in the protection of our customers privacy.

     
     
    This is ambiguous, because we would need the writer to define security scope and context exactly. Is he/she referring to integrity and security of data between your node and our servers? Or security of your system? Surely, our service is not meant as a security tool to protect against virus and spyware, and this is clearly stated at the very beginning of our Terms of Service. AirVPN can't do anything if your system is compromised.
     
    However, the above does not imply in any way that our service is a glorified proxy. See the reasons we mentioned above and verify how a loose security mention does not change anything. Additionally, while OpenVPN is the core of our service, it is complemented by an important series of features aimed to protect privacy and data in all of those cases which OpenVPN alone has not been designed for.
     
    Even if you don't run our free and open source software, we and our community have made any effort to provide guides and insights on how to get the most from our service to integrate it in a comprehensive environment aimed to protect your data and identity. We are very grateful to our community for the invaluable contributions throughout the years.
     
    If we were a "malicious VPN provider", does the writer really think that we would have allowed our forums to become a golden source of information for privacy, identity and data protection? Do you really think that we would have been provided monetary support to TorProject, OpenBSD, European Digital Rights, Tor infrastructure, etc. etc.?

     
     
    A part of this has been widely rebutted in our previous reply. Here it will be sufficient to add that even if you don't use end-to-end encryption, even if you don't use Tor on top of an AirVPN connection, a MITM who sniffs the packets in any point between the VPN server and the final destination (including the final destination itself of course) will see those packets coming from the VPN server exit-IP address, NOT from your real IP address and NOT from the entry-IP address of the VPN server you connect to. This is a paramount point which is incompetently (intentionally?) ignored by the writer. It is so important that in some extreme cases it makes the difference between imprisonment and freedom, or even between life and death.
     
    Imagine the case of a whistleblower giving out relevant information via VoIP or other applications relying on UDP to a self proclaimed journalist who then betrays the confidentiality of the source, or even to a serious journalist who is unaware of the fact that his/her computer is compromised, or that his/her line is wiretapped. The whistleblower can't use a proxy reliably. The journalist, or the wiretapping entity, can trace the source IP address and the identity of the whistleblower can be disclosed (just to make a trivial example which does not require any wiretapping or compromised system, think of Skype exploit, for which any party could discover the IP address of the other party). In most of these cases, end-to-end encryption would have been irrelevant for the whistleblower.
     
    Whenever the source can't trust the destination integrity, whether the recipient is in good faith or not, our service makes a vital difference.

     
     
    True. We have never said or written the contrary. In addition to changing IP address, which is anyway important in spite of the writer claims, further steps are strictly necessary to prevent profiling, from "separation of identities" to script blocking, from browser fingerprint changes to system settings obfuscation. Our community has widely covered this issue and provided precious suggestions.
     
    Here the writer makes a totally irrational shift: first he/she wants to make you think that our service is just a "glorified proxy", then he/she wants to insinuate that our service is useless because it is not some sort of supernatural system capable to protect users from their own behavior and from every possible tracking system which exploits the user system, not the service.


     
     
    The first case is true, and it is very important.
     
    However, it is totally false that you can safely rely on a proxy for the second case purpose. Many applications, including torrent software, can:
    bind to the physical network interface, or do some dangerous UPnP use UDP (not supported by a proxy) send DNS queries out of the proxy include the assigned "real" IP address inside their layer of communications, example: https://blog.torproject.org/bittorrent-over-tor-isnt-good-idea In the aforementioned cases, correct usage of our service will fulfill the purpose to never disclose your real IP address and/or the UDP traffic and/or the DNS queries. A proxy will not and you can be potentially tracked back, either by copyright trolls or any hostile entity.
     
    Additionally, our service has many more use cases:
    tunneling UDP traffic (not available with a proxy or Tor) circumventing censorship based on IP addresses block circumventing censorship based on DNS poisoning preventing injection of forged packets (not necessarily available with a proxy even in TCP, and surely not when you need UDP flow integrity) using Tor anyway when Tor usage is blocked or triggers interest of ISP or any hostile entity about you protecting your identity when the final recipient of your communications is compromised (not available with end-to-end encryption alone, and not available with Tor when you need UDP, imagine if you need to stream a video in real time which requires source identity protection) making your services (web sites, torrent clients, FTP servers for example) reachable from the Internet when your ISP does not allow port forwarding (not available with a proxy), without exposing your IP address having a static exit-IP address bypassing various types of traffic shaping tunneling simultaneously the traffic of all the devices in your local network, even with remote port forwarding, and even those which can't run OpenVPN provided that you have a device acting as a gateway to the VPN (typical examples a pfSense box or a DD-WRT / AsusWRT / Merlin / Tomato etc. router or any computer configured to work as a router) and maybe you can see more use cases which we have missed here.
     
    The fact that the writer omitted all of the above says a lot about his/her competence and/or good faith.

     
     
    This is hilarious, and not only because the whole point of the writer's post ends up into advertising LowEndBox.
     
    We will not insult our readers' intelligence with an explanation of why that is a terrible idea when you seek more privacy and some anonymity layer in your interactions with the Internet.
     
    Draw your own conclusions.
     
    Kind regards and datalove
    Paolo
    AirVPN co-founder
  23. Like
    Staff got a reaction from flat4 in New country: New Zealand - New 1 Gbit/s server available   ...
    @flat4

    Hello!

    The agreements between intelligence offices to exchange information more liberally are irrelevant for our purposes, due to the nature of our service. They do not make the situation worse. You have absolutely no additional protection from traffic monitoring by intelligence agencies according to the location of the server, as Snowden documents show. If the adversary has such vast powers, our service is insufficient by itself alone in any case and in any country, and the only level of defense (which may be very effective!) is enforcing what we call "partition of trust".
    https://airvpn.org/forums/topic/54-using-airvpn-over-tor/?tab=comments#comment-1745

    Provided that the target device is not compromised. of course... any attacker with vast power and precise targets will save time and efforts by simply cracking the device of the target, instead of hunting packets all around the world and correlating them.

    Kind regards
     
  24. Like
    Staff got a reaction from LZ1 in AirVPN 11th birthday celebrations   ...
    Hello!

    Today we're starting AirVPN eleventh birthday celebrations offering special discounts on longer term plans.

    It seems like it was only yesterday that we celebrated the 10th milestone birthday, and here we are, one year later already.
     
    From a two servers service located in a single country providing a handful of Mbit/s, the baby has grown up to a wide infrastructure in 22 countries in four continents, providing now 240,000+ Mbit/s to tens of thousands of people around the world.

    We still define it as a "baby", but AirVPN is now the oldest VPN in the market which never changed ownership, and it's one of the last that still puts ethics well over profit, a philosophy which has been rewarded by customers and users.

    2020 (and 2021 so far) have been harsh years for the mankind but we have no rights to complain too much because AirVPN was only marginally touched by those terrible repercussions which affected many other business sectors in general.

    In spite of that, we could not maintain our promise to deliver native software for FreeBSD and we apologize for the failure. However, releasing software for FreeBSD, specifically AirVPN Suite, remains one of our goals, so stay tuned.

    On the other hand, Eddie desktop edition, AirVPN Suite for Linux, Hummingbird for Linux and macOS, and OpenVPN 3 AirVPN library were updated substantially and swiftly.  Moreover, Eddie Android edition development has been recently re-opened to provide a new version updated to new requirements and specifications of Android 11 during 2021. Hummingbird was natively released for M1 based Apple Mac systems too, allowing a dramatic performance boost (up to +100% in >100 Mbit/s lines).

    Behind the scenes, infrastructure had some paramount improvements.

    The whole network in the Netherlands has been enlarged with additional redundancy and several servers around the world have had hardware upgrades. In Sweden and Switzerland we started operating servers connected to exclusive 10 Gbit/s lines and ports, and we optimized the environment to obtain more bandwidth from the OpenVPN processes. We managed to beat the previous 1.7 Gbit/s barrier. The performance on the customer side has improved and reached new peaks of excellence, as you can see here: https://airvpn.org/forums/topic/48234-speedtest-comparison/?do=findComment&comment=130191

    Furthermore, the infrastructure has become fully Wireguard capable and throughout 2021 we will start offering Wireguard connections, in addition to OpenVPN ones, in an hardened environment which mitigates the numerous privacy problems posed by Wireguard.

    Last but not least we re-started operations in a fourth continent, Oceania, with a new server in New Zealand.

    All AirVPN applications and libraries are free and open source software released under GPLv3.

    It's worth quoting literally what we wrote last year for AirVPN birthday:
     

    Kind regards and datalove
    AirVPN Staff
  25. Thanks
    Staff reacted to f.rollo in TrustPilot   ...
    Hey, my 2 cents.

    Trutpilot seems a reputable website for reviews,. Incredibly, in the VPN busines gems like Mullvad and AirVPN have less than 40 reviews, while big bluffs have hundreds or thousands. Why don't we, as a community, write more reviews about truly serious VPN services in Trustpilot? I already did for Air! What do you think?
×
×
  • Create New...