Jump to content


Staff

Member Since 04 Jun 2010
Online Last Active Today, 01:15 PM
*****

Posts I've Made

In Topic: Eddie keeps on crashing at startup - macOS (High Sierra 10.13.6)

Yesterday, 08:25 PM

... and where could I get Eddie 2.17.2 beta to test if it solves the crashes issue ?

 

Kind regards,

Z.

 

Hello!

 

Thank you for the crash report.

 

To download Eddie latest beta version for Mac:

 

  • go to https://airvpn.org/macosx
  • click "Other versions"
  • click "Experimental"
  • you will be brought back to the download page pointing to the latest beta version
  • download and install as usual

Feel free to report whether it solves the issue or not.

 

Kind regards


In Topic: Running tls-crypt and SSL together - overkill?

Yesterday, 07:48 PM

Hello!

 

If Windscribe and Torguard work, then the block might be not against the protocols, but against our own IP addresses, we're sorry.

 

Kind regards


In Topic: Considerations on Eddie Android

Yesterday, 10:42 AM

I've found the same issue. I've extensively tested both OpenVPN for Android and Eddie for Android and it appears that OpenVPN for Android wins out as far as ease of use and reliability are concerned for the time being.

Using OpenVPN for Android, I can turn off my network connection and know that if I reconnect it will kick in and connect very quickly.

 

Hello!

 

This is exactly what Eddie does. Your problem is treated in another thread and is not reproducible so far. Moreover your problem is unrelated to this thread. Please do not pollute threads and help us keep them clear and in good order. A split is mandatory.

 

EDIT: thread has been split for consistency.

 

Kind regards


In Topic: [Android] Eddie does not reconnect after losing connection

22 March 2019 - 04:37 PM

Thanks for the reply. I'm not entirely sure why me disabling and reactivating the VPN connection is more secure than the app doing these steps automatically. Also, I have never read before about the possibility for leaks with the actual Android leak protection activated.

 

Hello!

 

Simply because when you are the one to decide when to unlock, you can first terminate those app which must not have their traffic outside the VPN according to your threat model.

 

 

Mind you, I am NOT talking about the way Google initially added it, when only the "Always-On VPN" option was available. This iteration was indeed leaky. I'm talking about the later Android patch which also included the "block all non-VPN connections" option to the same menu, which I've personally never seen fail and never heard or read about it failing. If you've found this feature to fail, you should probably report it to Google.

 

 

Yes, we are talking about the same. There's nothing to report, the option works as expected. It's you that you're asking it for what it can't (and did not promise to) do, i.e. block the traffic unconditionally, if we understand correctly what you want. The "Block connection ..." new sub-option under "Always on" blocks traffic of the unregistered (to the VpnService API) applications while the tunnel is non-existing. All the traffic of the registered to the service applications is not blocked as well as the traffic (outside any tunnel) during all the time necessary to rebuild a tunnel and connect.

 

Eddie leaves you the freedom of choice according to your threat model. If the "Alway on" + "Block connections..." are not a hazard for your threat model, then you can disable VPN lock in Eddie. On the contrary, if you can't allow the risk of traffic flowing outside any tunnel in aforementioned cases, then enable Eddie "VPN lock".

 

Finally, always remember that, even while the tunnel is up, in an Android device leaks are ALWAYS possible by applications running with high privileges (typically Google and system manufacturer software), trivially by binding to the physical network interface . Such leaks could be theoretically prevented only with the correct packet filtering table rules, which you can't modify if you're not root (that's why Eddie leaks prevention is a "best effort").

 

The same happens in iOS where Apple. by policy, reminds you that Apple applications will bypass whenever they want any VPN and exchange data outside the VPN tunnel without warning you.

 

Kind regards


In Topic: [Android] Eddie does not reconnect after losing connection

21 March 2019 - 08:40 PM

Hello!

 

The VPN lock is the only safe way to prevent traffic leaks in specific circumstances. The feature can anyway be disabled in the Settings, if your threat model can tolerate traffic leaks. In this way Eddie will behave similarly to all the other OpenVPN based apps, trying to re-connect as soon as possible in any case with potential, unavoidable leaks.

 

Eddie will anyway re-connect to the server whenever doing so will not expose the device to traffic leaks (i.e. the tunnel was not destroyed), even when the VPN lock feature is on.

 

EDIT: please note that the Android Oreo (and higher versions) options you mention are not aimed to prevent leaks in various circumstances.

 

Kind regards


Servers online. Online Sessions: 15488 - BW: 64632 Mbit/sYour IP: 52.201.27.211Guest Access.