Search the Community

Yes, I tried several different protocols, but always end up with the fatal error or just staying in a connection-retry loop. I really don't get it, it worked just a few days ago (https://airvpn.org/topic/22266-speed-in-china/) on an almost fresh Manjaro install like this one now.

You are in China? And are you able to connect? Because the Great Firewall is likely trying to intercept here, causing the log lines to occur in the first place. Yes, OpenVPN over SSL is slow but it's working.

No firewall, No QoS, No “Packet Acceleration”. In face, I never connect successfully to Eddie with TCP in China where I have worked since 2015 . So, I don't know what errors will happen. However, though SSL/SSH are able to work, but they are very slowly. And then UDP is so fast.

So what do governments (executive, police, military, ...) and large corporations do about internet insecurity ? The US TLAs seem to have a free hand to spy outside the USA and US corporations for "economic benefits" as explicit policy (and to justify bigger budgets, and offer "insider deals" for "donors"). And one could expect China to do more. I do not follow infosec professional insider forums, etc but they have to justify their consultancy fees and survive third party security audits, etc. Airbus has to compete with Boeing, Siemens with GE, Toyota with GM, Ericcson with Huawei, ...

I kinda agree Their client is conflicting with Eddie, you have to reinstall the TAP driver (better uninstall ProtonVPN, then TAP, then reinstall), I've pushed it to them. But I don't think they'll stuck with these ports simply because as a big mail provider, they'll have lot of clients from Iran, UAE etc.. already using Protonmail so they'll need to change it and probably adding layers of stealth because of that (adding SSL,SSH maybe?) If they do not take this road, I'll never subscribe to it. We'll see but with what they said about their competitors (https://protonmail.com/blog/best-vpn-service/) naming them I hope for them that they'll be robusts The level of transparency ProtonMail has given so far with this information is somewhat promising. But if they do not add obfuscation, i cannot subscribe to them as my main provider. While it is commonly used for restrictive countries such as Iran, China etc. They are still very useful for restrictive networks in the US and the UK where corporations, public wifi and others try to lock down users into censorship and surveillance. Fix their client, and add obfuscation such as Obfs4 or SSL/SSH tunnels and i might switch over if it seems promising. And i'll pay too, i don't care if its technically free or not, ill donate and contribute that way instead.

I'm not sure if they are completely against VPNs or simply banning IPs of hackers/griefers. Maybe they also block VPN users from China because of the country laws, I don't know. My experience: I use VPN simply for the security & privacy. Now when a VPN server is blocked by the minecraft login servers, my login gets rejected and it looks like the login details were wrong but they aren't. Some AirVPN servers do work. We could list the working servers here but I don't know if it is a good idea because of potential abuse. What do you think? Anyway, you should be able to find a working server with no more than 3 attempts at the moment.

Technically it seems rather easy to detect abnormal operating system or driver code or app code and capture a trace of its execution. And then reverse engineer to analyse the algorithms. So it seems reasonable to expect that these sort of "agents" can be detected and captured by other national security agencies in Russia, China, India, UK etc, and that they can honeypot and "pirate" from each other. In addition, "white hat" commercial security staff may find these things, and be tempted by a big money deal on the "dark market". As well as the usual "russian hacker" gangs after new tricks. A cocaine import/distro gang in Sydney was busted by an undercover agent, but in court evidence they only discussed "business" by all stripping down to swimming briefs and swimming out into the harbor to avoid "bugs".

Thank you for this info; I had a slight moment of panic as to why Google was warning me that my Gmail account had been accessed from China (obv. I haven't been there). Since only the SMTP address showed as China (POP was US) I figured it was this sort of VPN IP sorcery at work; good to have a confirmation to ease my paranoia a tiny bit.

Here is a forum where users "Aractus" and "John Citizen" recommend private vpn from China: "Safe vpn for business access" https://forums.whirlpool.net.au/archive/2480843 I remember other blog comment etc mentions, somewhere ... Commercial side of OpenVPN Technologies, Inc. has web based admin, support: "All OpenVPN Access Server downloads come with 2 free client connections for testing purposes." "$15.00 License Fee Per Client Connection Per Year. Support & Updates included. 10 Client minimum purchase." https://openvpn.net/index.php/access-server/pricing.html Searching for "openvpn server" https://duckduckgo.com/html?q=openvpn%20server finds various howtos: https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-14-04 Note "Uncomment push "redirect-gateway def1 bypass-dhcp" so the VPN server passes on clients' web traffic to its destination." Some howtos assume only for access to internal network via server. A lot of doco on the OpenVPN Community website: https://community.openvpn.net/openvpn/wiki/Easy_Windows_Guide I have not done this myself, and no real need, but hopefully some use for these refs after a bit of time investigating. A bit off topic from specific Netflix access, but how to avoid some spying and censoring and georestriction and ...

I have seen comments on other forums about setting up a "home vpn" using the openvpn software. This then allows one to access content from your home ip address/geolocation server from a client wherever. Some technical expertise required, and not for just a one week holiday away from it all. Requires a fixed IP address from your ISP. But useful for people who travel or have overseas postings or need better personal security. Similar to the setup of a commercial business for secure remote access by staff. Australians working in China do this to get through the Great Firewall and access uncensored English language and georestricted content such as ABC iView, as well as any home subscriptions for streaming content.

I have to say that's false and quite a worrying statement coming from you, the supposed Founder. The very notion that trust is required, serves as a weak point, as the trust is merely a substitute for actual verifiable assurance. The less explicit "trust" required, the better. There's been plenty of cases where closed-source software has caused problems. Not just with security, but with other things too. Your misuse of the word "paranoid" serves only to undermine legitimate security and privacy concerns. A network analyzer also won't help if the software contains malware which doesn't need network communications. If the client is so simple as you say, then it should also be a simple matter of making it open-source, no? Then the "truly paranoid" will have even more avenues of auditing and trust in the client will increase.So while you could argue the case of closed source software being alright, I think you picked the wrong brand of software to do it on, since it's security-related and open-source is one of the building blocks of a secure system. You claim the "truly paranoid" could simply use a network analyzer tool, but I think that's a bad argument, seeing as the "truly paranoid" would avoid your software altogether, upon finding out it's closed. Thus you're left with users who can't or won't check such things - which seems irresponsible, given not all users will know the significance of closed vs open source software and thus might unknowingly put their security or privacy at risk. Security isn't just 1 product after all - as you said, there's other factors one should be concerned about. Well, the client is one of them. Someone around here made a thread which showed that a client from another VPN provider acted in some very malicious ways too. I'll concede that the use of the word "paranoid" is misplaced, however I respectfully disagree on your other points. Using the "its closed source so it could contain malware" is misguided for multiple reasons: 1. The binary you download doesn't have to be built from the same source code that's published. At the very least, you won't have a code signing certificate publicly available, so the binary checksum will always be different. 2. Malware will have to do something, and exfiltrate sensitive data from your machine. That's something you can detect with a network analyzer. 3. VPN client sends all your activity through a server which is a black box to everyone except the operator. Your open source client will do nothing if it connects to an actively malicious server that then injects malware into HTTP requests. That would also be virtually undetectable and much more clever than stuffing malware into the executable. With the way how all VPNs function right now, trust is unfortunately required. Having an open source client is certainly a step in the right direction, and we do have plans to eventually open source it once we reach 2.0 (maybe), however this is just a token gesture that is largely irrelevant as the main problem with VPNs is the fact that the server operator holds all the cards. Security through obscurity is rarely a good thing, and some things should always be open source, like protocols. Running a VPN company involves a lot of "cat and mouse" games, where your website, api, servers themselves are blocked in random places, using various methods, etc. Our upcoming update of the application has a ton of new features, however more importantly it has procedural domain generation which uses a programatically generated domain names, which are not hardcoded (to prevent them from being extracted if you decompile the app) and are generated daily, to access our API and ensure people can use our app in China, Iran, your local school with an overzealous network admin. Having this code be public knowledge would render it useless, and prevent people who need a VPN the most from having access to it. That's just one example.

Yeah, while it lasted. Two days Must have been the shortest active periode of all AirVPN servers ever introduced! Air's South Korean server(s) lasted only a few days IIRC. Not sure how useful this would be, but perhaps instead of AU, Air could consider putting a server up in Hawai`i. They have datacenters I think. This has already been previously answered. There are indeed datacenters in Hawaii, however they are routed through the US west coast, making them ineffective for South East Asia. Users in regions such as China and Australia would actually have an easier time using a server in Los Angeles rather than Honolulu.

"Antares ... will almost certainly explode as a supernova,[26] probably within the next few hundred thousand years. For a few months, the Antares supernova could be as bright as the full moon and be visible in daytime." https://en.wikipedia.org/wiki/Antares and so might the other one in Singapore, it is at 71% with 162 users at 2am in Australia, with all the users in E Asia, Asean, India, Pak, Aus, NZ on a Friday night. One could guess that the big increase in YouTube, Facebook, Kodi etc streaming is upping the bandwidth needed, maybe it means higher costs and subs for an adequate service. I am just torrenting Wild Orchid 2 (Zalman King, can't pirate the dead) etc because I am fascinated by artefacts expressing/reflecting Trumpistan, so not really time critical. As already commented, I would not vouch for Singapore not to assist national security / major crime agencies from Australia, China, India, USA, etc but not a concern for many users. But adding another 1G server in an existing facility in an existing country should be simpler. Sent using Arcturus HK which is only at 26%.

Wow. thanks for these quick and in-detail answers. I think this feature would be especially useful for customers in China. Thus a server in Singapore on the WestCoast of the US would make the most sense. Preferably the latter for Netflix use

Honestly I could, but The effort would be pointless by now. Anyone in this forum can edit their posts after the fact. Even if you didn't, your attitude alone makes this thread a waste of time. And I'm not going to grace it with any more of my time and energy.You know, I wrote up a reply several times over, but each time I decided that if he/she cannot see his/her words by themselves, there is no point speaking to them. But for you I will post two quotes. Unedited quotes. Did someone say name calling? "Trump is racist. The Republican Party is racist. As you said, the wall will fix nothing. The drug cartels will laugh and go over, under, around or through it. As you pointed out they're already in Texas as well as every other state. Only one thing will end the cartels: remove the profit motive. How do you do that? Decriminalize drugs. Making drugs illegal has never worked (think Prohibition). Drug cartels didn't exist until Nixon declared the 'war on drugs' in 1971. Since then they've continually grown and become richer and more powerful. Whenever something that large numbers of people want is made illegal, criminal gangs will arise to provide it and reap the enormous profits. The Mafia only became really powerful as a result of the money generated by Prohibition. The only solution: legalize, regulate, educate." How about more name calling? "I'm not aware of any holidays for homosexuals. There are gay pride festivals in most democratic countries (not repressive countries like China or Russia) where people are free to celebrate as they please. But these are not official holidays. It certainly sounds like you do not like homosexuals and that's your choice. It's amusing that you're irritated by 'gay pride' stuff. Why is it so annoying for you to acknowledge that gays and gay sexuality exists? No one is insisting that you participate. I've always wondered if OmniNegro was in fact Negro. I'm guessing yes. Nearly all African countries are extremely homophobic. It's well known that the African American community is traditionally rather anti-gay. That's changing after Obama's election when the NAACP finally officially supported equal rights for gays. I've always felt that there ought naturally to be a kind of understanding, sympathy and solidarity between the two groups, gays and blacks, that have both been oppressed by mainstream cultures, but that hasn't been the case. I don't think that equality can be parceled out in different measure to different groups. Equal means equal...for everyone. It's a great thing for people of different backgrounds to try to understand and empathize with each other. I recently saw the film "Fences". Amazing play and film, highly recommended." I could go on, but why bother? I think he/she has a mental issue that prevents him/her from accepting any phrase they use that is an accusation. Therefore the only reply anyone will ever get is that it never happened. But we have better things to do with our time.

Well it wasn't justified. It's a sovereign country - do you condemn that? That's kind of the equivalent of someone attacking the US in order to fight the Bloods or the Cribs gangs or the KKK. In relation to DT, he could use the same logic to start conflicts with China, as you also previously mentioned being worried about, rightly so. So I think we have to take a hard look at legality here and other concepts such as "innocent until proven guilty", instead of just bombing the ones who look mean. I mean, if applied to ourselves, Trump could say "if you use a VPN then you're guilty of xyz", even more so than is already the case now. Same thing for genders/religions. I don't think he can ban Muslims either, because he would have to make it into a law. Which then requires congress and since many need to get re-elected for various positions next year, they can't risk it. But he did ban or limit entry from a few select countries yes. Sent to you from me with datalove Actually Trump can and will (very shortly according to reports) ban Muslims from several countries by executive order...no law needed. So before he was going to ban all Muslims, now it's just Muslims from certain countries. I have a very close Muslim friend who travels to her home country every year with her kids. They're all US citizens, but the way Trump was talking I was afraid they might take a trip and not be allowed to return home. Fortunately they're not from any of the banned countries. The war in Afghanistan was completely justified. Al Queda (with the support of the Taliban government of Afganistan) attacked the U.S and killed 3500 innocent civilians, that's an act of war. Its internationally legal to respond with force....not to mention it's common sense to defend yourself.

Well it wasn't justified. It's a sovereign country - do you condemn that? That's kind of the equivalent of someone attacking the US in order to fight the Bloods or the Cribs gangs or the KKK. In relation to DT, he could use the same logic to start conflicts with China, as you also previously mentioned being worried about, rightly so. So I think we have to take a hard look at legality here and other concepts such as "innocent until proven guilty", instead of just bombing the ones who look mean. I mean, if applied to ourselves, Trump could say "if you use a VPN then you're guilty of xyz", even more so than is already the case now. Same thing for genders/religions. I don't think he can ban Muslims either, because he would have to make it into a law. Which then requires congress and since many need to get re-elected for various positions next year, they can't risk it. But he did ban or limit entry from a few select countries yes. Sent to you from me with datalove

This new amendment only matters for local businesses which operate and are registered in mainland China. A similar law was passed around 2010, and it's called website compliance license, which means if you wanted to host a website on port 80/443 and Chinese IPs, you must obtain one: https://en.wikipedia.org/wiki/ICP_license This made some websites move to alternatives ports until a solution was found, since they were blocked until the license was acquired. I am not sure how such Firewall unblocking companies operated until now legally. Hong Kong based providers are not affected by this.

If Netflix can block Vpns, I imagine China can It's a repressive regime ruling a country without human rights law trying to keep it's citizens ignorant.

It's not in their power to control VPN's outside of the country. Best they can do is block them as they have before right? Or are they planning to actually prevent VPN corporations to cease serving customers in China? ​I think they can't e won't block VPN services because doing do they would block all HTTPS connections

It's not in their power to control VPN's outside of the country. Best they can do is block them as they have before right? Or are they planning to actually prevent VPN corporations to cease serving customers in China?

It's an important issue, but it's not a core issue and perhaps that's the difference. But Obama, due to the way he speaks, which is full of platitudes, inundates people with words and phrases which are largely meaningless and don't provide an actual recipe for practical action. Things which are just as vague and nondescript as "Make America Great Again" - as with Obama's speeches, it sounds hopeful and positive, but is ultimately pretty meaningless. It doesn't encourage action, it doesn't say what will be done or when and perhaps if anything, it may even encourage inaction. Core issues are ones such as economic questions, questions about war, healthcare and so forth, which won't be solved by hopeful speech. Speeches which actually easily would see Obama do the opposite of his speech - much like when he visited Prague in Europe (in 2009 or so). He said he would strive for a world without nuclear weapons basically. But when he got back, he invested in more nuclear weapons, more nuclear delivery systems, more nuclear warheads and even a kind of "mini" nuclear weapon, designed so that it would be more "thinkable" to use a nuclear weapon in battle, because it's smaller. But gender politics also tends to split people up into categories, based on any number of things, such as race. "The black vote", "The hispanic vote" and so on for instance. A thing which should be about bringing people together, actually helps accentuate their differences oddly enough and as the polls showed, you can't predict everything via polls; especially not based on something as inherently diverse as "the black vote" or "the womens vote", as neither of those groups have people who all vote in as uniform a way as the polls would have you think. @LZ1, "gender politics" is a very core issue if you are oppressed because of your gender or orientation. It's also a core issue to people who care about equality. It would appear that you are not amoung the later group since you consider gender equality a distraction. And as you said earlier: It's interesting to note, that Obama and Bush have also been belligerent bullies. But perhaps you didn't notice, precisely because all the pageantry and platitudes which accompany his speeches and other public shows, blinds you to these things. While with Trump, he's so obviously corrupt, that you're already looking for the signs. I disagree there's a war against radical Islam though. It seems more like a war against average people to me. Besides this, it wasn't Trump who started down the path of containment of China with the Obama "Pivot to Asia" strategy. So again, do you notice? If not, I don't blame you at all. But I do believe one has to look behind the facade, instead of being taken in with too many nice words. Much like when a VPN provider says they've got a quality service and we peer behind the veil to find a splendid VPS setup! Haha. And hey, who doesn't

I'm not aware of any holidays for homosexuals. There are gay pride festivals in most democratic countries (not repressive countries like China or Russia) where people are free to celebrate as they please. But these are not official holidays. It certainly sounds like you do not like homosexuals and that's your choice. It's amusing that you're irritated by 'gay pride' stuff. Why is it so annoying for you to acknowledge that gays and gay sexuality exists? No one is insisting that you participate. I've always wondered if OmniNegro was in fact Negro. I'm guessing yes. Nearly all African countries are extremely homophobic. It's well known that the African American community is traditionally rather anti-gay. That's changing after Obama's election when the NAACP finally officially supported equal rights for gays. I've always felt that there ought naturally to be a kind of understanding, sympathy and solidarity between the two groups, gays and blacks, that have both been oppressed by mainstream cultures, but that hasn't been the case. I don't think that equality can be parceled out in different measure to different groups. Equal means equal...for everyone. It's a great thing for people of different backgrounds to try to understand and empathize with each other. I recently saw the film "Fences". Amazing play and film, highly recommended.

Hi bigshotfatcat, I'm trying since a few days to get decent speeds in China, but so far I'm failed (I'm completely new to the VPN world). With your posted settings I could get the best speeds (around 0.5M) so far albeit being still far away from the promised 4M. - Do you use Network Lock? - I can't find the Advance Mode -> Resolved hosts in .ovpn file..There is nothing stated in the advanced tab in Eddie in the preferences. - I also can only find one Port 443 and no alternative? - For Hong Kong the Direct, protocol UDP, port 443 (Alternative Entry-IP) ? Thanks a lot in advance.

Maybe it would be handy to have a more definite tree of topics, subtopics and encourage adding to an existing easily found topic rather than general search. This local forum which has a lot of traffic does this, but also see this topic for "scope creep" of the surveillance state: https://forums.whirlpool.net.au/forum-replies.cfm?t=2593571 "Urgent warning from ACMA /Skymesh?" "We recently received an AISI report from the ACMA indicating that a computer connected to your SkyMesh broadband service has been compromised and might be infected with malicious software. The following details were provided to us:" "Our Support Team has told me that AISI includes "Vulnerable Services" in their scope. Vulnerability reports can just mean something the customer is running on their network is exposed and is vulnerable to being misused by third parties" "ISP Representative We have no idea how they detect the infection. The ACMA sends us the IP address of the infected computer and the date and time they observed it on the Internet. We work out who was using that IP address at that time, and we send the notification to the Billing Email Address. That's the limit of our involvement. In the vast majority of cases, the customer removes the virus from the offending computer and the emails stop. In some cases they ignore our emails or are recalcitrant and the ACMA notifies us to suspend their service until they do. We comply with the ACMA's directions." "What I would like to know is how are AISI flagging these conditions? I think that one of those 'They can tell you but then they would have to kill you' type of situations. More information here – http://www.asd.gov.au/publications/protect/dns_security.htm Mmmm, 'Australian Signals Directorate', I wonder where I have heard that name before. :-)" Australia seems rather to have the worst of both "worlds" - a government and police who want to have all the power and privileges of the Communist Party of China, and American big corporations that run oligopys to screw customers to their credit limits and harvest their private information and behaviour for sale to all buyers. But what happens here may also apply (soon) in places like the UK. 1. The ASD was originally a secretive organisation with special powers for the purpose of national security information processing. It now appears to be monitoring all domestic internet traffic, and probing attached routers and computers and mobile phones/tablets for "security vulnerabilities". 2. For detection of bot behaviour monitoring of IP traffic to "addresses of interest" is more general than webpages accessed. Logging at the IP level could include what "cloud storage" is used, what mail servers, skype sessions, and whatever else a mobile phone app connects to. 3. This "government initiative" is new and attracting attention in technical forums, but the mainstream media has no coverage or comment. 4. The case can be made that such activity is beneficial to society similar to checking for drunk or unlicensed drivers, or removal of infectious students from school and transport. But alternatives of education and resources would empower citizens, rather than secret police "protection". 5. Another reason to use a VPN, but also pay for effective antivirus subscriptions and warn family about phishing etc threats.