Search the Community

Hi all, First of congratulations on great product. It beats all other VPN providers in user review! I have one issue though. This seems to pertinent to all VPN providers out there. How does one secure access to VPN account? OpenVPN and connections are encrypted and all the cryptographic goodies are there but security of access to account itself is fairly limited. Someone can still/guess/keylog credentials and get access to account - and therefore connect under my credentials to the Internet, and cause (even legal) havoc. Why is there not added security in this space? 2FA authentication seems no brainer these days but no one seems to offer it. VyprVPN is really bad with this, the offer encrypted storage with their service but once your credentials are compromised all goes down the drain. Cheers all!

Hi, this has been announced here https://mta.openssl.org/pipermail/openssl-announce/2015-July/000037.html the security flaw is impacting versions 1.0.1 and 1.0.2 of Openssl. From eddie (mac version) it states openssl version 1.0.1k, so it is affected. Will you repack Eddie with the 1.0.1p version patched soon? Thanks

The EFF compiled it's annual report regarding major internet companies transparency. Worth to read which ones you should avoid (I would recommend avoiding most) https://www.eff.org/who-has-your-back-government-data-requests-2015 PDF version: https://www.eff.org/files/2015/06/18/who_has_your_back_2015_protecting_your_data_from_government_requests_20150618.pdf

As the title says I'm confused about what these dozens of windows components actually do online and how I should assess each one. There's virtually nothing on the forums or the internet about them, especially with regard to VPN privacy, so how do you deal with them? To put this question in context. Privacy is essentially a trade-off between convenience and security - I want my system to be secure but not at the expense of much slower connections or to ruin my interaction with the internet. I don't need the highest level of privacy but I do like to understand what I'm letting through and what I'm not. Like most applications some Windows components can be blocked (eg OneDrive) and cause no problems, but some will stop Windows working altogether while others seem to be okay but cause problems in the background. If you let one through why not let them all through? It's a minefield. To put this question another way, what's the point of a VPN if Microsoft can uniquely identify your system and is being told a thousand times a day what it's doing. Unless I've got it all wrong?

Dear AirVPN staff First of all, thank you very much for offering such a great service. So far, everything has been working without problems. The Eddie client is taking care of the concerns I had while using VPN (speed, failover, leaks). I have however come across one thing that I am not a big fan of: The client is saving the login details without any regards to security inside the profile (AirVPN.xml). The file itself is readable by every user on the operating system. There are better ways to handle the credential storage: OS X Keychain or the Data Protection API on Windows. This way, other processes or users would not have access to the AirVPN login credentials. I could at least fiddle with the file permissions myself to make the profile readable only by my user, but that is hardly optimal and should be handled by the client and not manually by the user. Maybe there is a good reason that you chose to do it the way it is done now but I thought it would be important to address this. Thank you very much in advance for your feedback.

/dev/ttyS0 recently analyzed D-Link's DIR-890L and found a security issue which opens up the possibility of executing any code with privileges of system, i.e. root. The worst thing about it is: The firmware version was designed to patch three different vulnerabilities in connection with HTTP and UPnP... .. which were, well, not really closed. If you are using a D-Link router orif you are planning on buying one,scroll to the bottom of the post and see if your model is listed there. If so, you should really think about your habits or your choices, respectively. From what I understood, this can only be exploited in a local network. The truth is: If D-Link doesn't seem to care about exploits in local networks - do you really think they care about what's coming from the internet? You should really abandon the D-Link ship.

Hi everybody, At the moment i am using Comodo internet security 8 and i like it.I have not noticed any security problems whilst using it but from reading some of the comodo forums its not as secure as CIS 7. I have used Airvpn's guide to block everything outside the VPN which is mainly why i use it. I would like to know some of the views from Airvpn and its users on what the best firewall and antivirus solution is.Also recently with the privdog issue bundled with comodo 6 and 7 and also its browsers i'm less sure that security and privacy is really their top concern.I have not been able to find a decent explanation about the privdog issue from comodo so am looking for an alternative. I am not a wreckless googler clicking on anything but i worry with the bugs in 8 i may not as secure as i thought. Some of the videos i've seen about how easy it is for those who know how to bypass its security make me wonder if comodo is still the best option for me. What do you guys think and recommend. This is the link about comodo 8 issues ( https://forums.comodo.com/news-announcements-feedback-cis/do-you-still-think-that-comodo-v8-is-safe-to-use-t108660.0.html )

Hi, I came across an article today that states AirVPN is not one of the most trustworthy VPNs out there, contrary to what many believe, as according to them, you log sensitive identifiable information including IP address. I don't want to take this article at face value and I want to give you a chance to respond to the accusation and defend yourself so, please have a read over the linked article and respond. http://www.deepdotweb.com/2014/07/08/is-your-vpn-legit-or-shit/ Sorry if this has been discussed. I could not find a related post. Thank you.

Read this http://googleonlinesecurity.blogspot.fr/2014/10/this-poodle-bites-exploiting-ssl-30.html Anything to worry about concerning airvnp connections using openvpn over SSL?

Hi there, I have some questions regarding security/anonymity issues for only one pc. Not all people have 2 PCs in their home where they could split up like one for all non-VPN tasks and the other one strictly for VPN tasks. Some of them have their VPN always on, also for real-life identity tasks (let's call these non-VPN tasks) like banking, shopping, ... Just because they don't want their traffic to be sniffed by ISP or others, so this is just to protect their data usage, not their identities because they give it to the bank, amazon etc, when logging in to their website and doing bank transfers, buy books... So what about the security then if they need the VPN for "real VPN tasks" (let's call these VPN tasks), whatever that might be depends of course. Remember we have only one PC. So would it be a solution to work with a dedicated country or just some dedicated (VPN-)servers of a country for all non-VPN tasks and to take servers from other countries for VPN tasks. On top of that the VPN servers for VPN-tasks will be used with another browser-profile to avoid exact fingerprinting. Also there is always a complete setup comodo-firewall running which only let's traffic through the VPN to the outside. The DNS of the network interface will always be static and pointing to the VPN-DNS. So in fact there is no traffic possible without being connected to the VPN. Which security issues can come up like that? I think most people with one PC will do it that way that they use no VPN for non-VPN tasks and VPN only for VPN tasks. This is of course quite different but the same questions come up. Of course care is taken to not mix identities, eg to not login to your bank account if you are not in the non-VPN servers using the non-VPN browser profile.

Hello, I think Air should add GPG support for the Contact Us page ( regardless of whether one has registered and logged in as a client or is accessing as guest). Users could upload their GPG public key so Air's responses sent via e-mail to the user would be encrypted. This would really improve security, particularly for users who have an insecure mail host. Best regards, anonym

I'm not sure if I am allowed to post this here (if not please notify me) but I would like to tell the glorious AirVPN community about my ongoing MyBB forum project. My friends and I have created a community where users can discuss on topics like privacy, security, cryptography, philosophy, politics, freedom and cryptocurrency and on various other topics. We are still working on it and adding new things every day but we hope to grow and have a lot of activity (might change up the theme a bit). We are also open to anyone's suggestions This might be a strange place to post this but I thought why not! Currently there is one other comparable and popular board which is 'wilderssecurity'. So if anyone wants to check us out stop by sometime. Privacy conscious people welcome! https://cryptoforums.net

Hello, I think Air should have HSTS (HTTPS Strict Transport Security) enabled on your website for even more security. See this article from EFF for more information. Best regards, anonym

Hi all, if someone could help me please, how does the Open VPN client generate the RSA keys it uses for the initial handshake when logging on and then for the encryption of traffic? Does Open VPN generate it's own keys ( and if so according to what rules) or does it 'buy in' a key or key template from the company of the name RSA or where do these keys come from? Thanks.

Hello everyone, I just signed up for a trial period of 3 days using the Spain's VPN provided by AirVPN. I connected to the VPN using Tunnelblick, and 20 mins later I got a message on my phone from Google saying that someone was trying to access my email account from the same place where my new IP address was located?? I wonder if I am the first person to suffer this situation, or if any of you has been using the Spanish AirVPN server. Obviously, this forced me to change all my passwords everywhere, which is a very annoying thing to do. To be honest, I wouldn't try to connect through your VPN again unless you can explain what actually just happened. Thanks in advance

I'm building a Linux home server, and some resources (mostly protected by password & SSL) will need to be accessible over the internet. Also, I'll need to be able to SSH into my server over the internet, to initiate remote tasks or something of that nature. In order to do any of these things, I'll need to get a dynamic DNS, at least until I can get a static IP. First of all, is this even possible to do while my IP address is masked by airVPN? If so, does this present any additional security concerns? I assume the dynamic DNS provider will know the outbound IP of the AirVPN server I'm using, but would that actually be a problem? After all, every site I connect to can already see that address.

How NSA-Proof Are VPN Providers? ​ ​Very interesting article, suggest everyone to read your way through it.

On the page https://airvpn.org/topic/9139-prevent-leaks-with-linux-iptables/ there is a guide to setting up rules for iptables to prevent any leaks if the VPN were to disconnect. There are some brief comments accompanying the commands, which is great, but I was wondering if anyone could offer a more in-depth explanation for those of us not familiar with iptables? I've been trying to decode everything through 'man iptables', but it's a little difficult. For example, how do I know that the rules don't open up access to my machine or network through the tunnel? Thanks to anyone who can help!

(Reuters) Sunday 30 June 2013 - The United States taps half a billion phone calls, emails and text messages in Germany in a typical month and has classed its biggest European ally as a target similar to China, according to secret U.S. documents quoted by a German newsmagazine. The revelations of alleged U.S. surveillance programs based on documents taken by fugitive former National Security Agency contractor Edward Snowden have raised a political furor in the United States and abroad over the balance between privacy rights and national security. Exposing the latest details in a string of reputed spying programs, Der Spiegel quoted from an internal NSA document which it said its reporters had seen. The document Spiegel cited showed that the United States categorized Germany as a "third-class" partner and that surveillance there was stronger than in any other EU country, similar in extent to China, Iraq or Saudi-Arabia. "We can attack the signals of most foreign third-class partners, and we do it too," Der Spiegel quoted a passage in the NSA document as saying. It said the document showed that the NSA monitored phone calls, text messages, emails and internet chat contributions and has saved the metadata - that is, the connections, not the content - at its headquarters. On an average day, the NSA monitored about 20 million German phone connections and 10 million internet data sets, rising to 60 million phone connections on busy days, the report said. A Spiegel report on Saturday that the NSA had spied on European Union offices caused outrage among EU policymakers, with some even calling for a suspension to talks for a free trade agreement between Washington and the EU. In France, Der Spiegel reported, the United States taps about 2 million connection data a day. Only Canada, Australia, Britain and New Zealand were explicitly exempted from spy attacks. Full article: http://www.reuters.com/article/2013/06/30/us-usa-germany-spying-idUSBRE95T04B20130630

Since I use the Comodo firewall at the recommendation of the excellent support staff here, I was wondering what do you think of their Dragon web browser, as far as privacy and security is concerned? Because I respect their opinions on such matters, I'd love to hear from the support staff, but also others who might have used it. Thanks in advance, L

Hello, I was conducting several tests to see how to better use Air and I encountered the fact that when I am connected through the Air client I have incredible slow download speeds (below 500 kbs) - without any VPN I have over 10 mbs. So, while doing research about this issue I find out that probably the ISP is trying to throtle me from using the VPN for this kind of activity.... So I generated an open vpn config using TCP-80 and everything works great, I have an average of 6.5 mbs when I download. The question which bothers me: Is this kind of configuration offering the same security as the client? Am I protected as well as I would use the Air client?