Jump to content


Staff

Member Since 04 Jun 2010
Offline Last Active Yesterday, 08:34 PM
*****

#79703 Eddie Android edition 2.0 beta 1 released

Posted by Staff on Yesterday, 09:45 AM

Hi Team,.

 

Some Q,s / remarks.

  • Why a masterkey to connect?

 

Hello!

 

It is a very essential security feature which protects all of your AirVPN data (username, password, certificates, keys...).
 

 

  • Some kind of timer to see how long I’m connected on startpage.

 

 

Eddie makes every effort to save battery and what you suggest is somehow problematic because it may decrease battery life. Currently Eddie is the only OpenVPN based application which ensures a longer than "OpenVPN for Android" and "openvpn-connect" battery life, therefore we are hesitant to add any non-strictly essential feature which would potentially drain more energy per time unit.

 

 

  • Why not use the same button for quick connect and disconnect. With kind of warning for disconnect.
  • Button “quick connect “color is a bit dull, as in colorless. Red and green will be more understandable.
  • Possibility to keep log files and delete when needed after connections or disconnections are made.
  • Version number at startpage?

my 2 cents.

 

Thank you very much! Your suggestions will be kept in due consideration.

 

Kind regards




#79547 Eddie Android edition 2.0 beta 1 released

Posted by Staff on 15 November 2018 - 10:40 AM

Honestly, I'm intrigued to hear about such a 'rule' because it doesn't seem to make sense in any way.

 

It makes tons of sense, trust us, we have so many years of experience about it. The jurisdiction separation makes important distinctions in legal and illegal traffic wiretapping. If you live in a country controlled by a regime which is not friendly toward human rights,  the rule is even more important. Anyway it's important in general because the coordinated, legal wiretapping in different jurisdictions require at least the intervention of a magistrate and international cooperation and leaves significant less room to arbitrary wiretapping; while illegal wiretapping might have more issues in breaking physical access into machines in different countries, or more issues in traffic correlation.

 

Kind regards




#79543 Eddie Android edition 2.0 beta 1 released

Posted by Staff on 15 November 2018 - 10:07 AM

Even though I live in the U.S., Eddie refuses to auto-connect to a U.S. server. And if I blacklist every non-U.S. server, or add every U.S. server to my favorites, it says "End of Server List Reached",

 
Hello!
 
The "quick connect" feature respects the so called "golden rule" that claims that you should never connect to a VPN server located in your own jurisdiction. Currently you will need to manually select either a server from the global servers list, a server from the favorite servers list, or import the proper profile from the Configuration Generator to connect to a server located in your own country (or the country Eddie thinks you are in).
 

This is a feature which can of course be changed. Send us your feedback, what do you guys and gals think about it?

 

Also, what is VPN locking and how do I get rid of it?

 

A key part of leak prevention best effort is the ability to intercept, before it's too late, certain network statūs or OpenVPN error conditions. Every condition which is going to cause a traffic leak outside the VPN tunnel will trigger a proper action to prevent it. When possible, Eddie will restore the tunnel flow. In various error conditions that's never possible and you will have to intervene manually, so you can take care to stop programs whose traffic must not be leaked before removing the lock.
 
"Better safe than sorry" is Eddie Android founding philosophy. In an environment where the running application has limited privileges, you can't rely on a set of firewall rules or on permanent previous default gateway removal, so the task to prevent traffic leaks is challenging and requires some peculiar measures which are unnecessary in a desktop environment.
 
Kind regards




#79501 Eddie Android edition 2.0 beta 1 released

Posted by Staff on 14 November 2018 - 08:49 PM

When does this request to IPleaks get made? And is it strictly required for operation? I understand the use (to check users IP after connection), but runs the risk of sending a users real IP to your site.

 

Hello!

 

They are made each time the application wants to estimate which country you are in. It uses a service that's inside the AirVPN infrastructure (ipleak.net), through HTTPS. It does not use external services or GPS or any geo-location method which is anyway available in an Android device.

 

The procedure is part of the smart connection feature in automated mode. We are in an environment where many limitations must be taken into consideration: battery life, high latency networks, networks which block ICMP and more.

 

For example, relying on hundreds and hundreds of pings to determine the lowest round trip times between VPN servers and your node would be an unreliable, battery unconscious and, in many cases, intolerably slow operation.

 

Allowing the application to get the geo-location information (it only needs the country information) will make automatic connections remarkably more accurate. It is a quick, battery conscious, privacy aware procedure. It does not send to AirVPN infrastructure any information that AirVPN servers (including ipleak.net) already receive every time you connect.

 

Kind regards




#79492 Eddie Android edition 2.0 beta 1 released

Posted by Staff on 14 November 2018 - 03:49 PM

Hello!
 
We're glad to inform you that we are opening the beta testing phase of our free and open source software Eddie for Android version 2.0.

Version 2.0 is a quantum leap when compared to 1.0. It tries to meet most, if not all, of our community requirements and keeps the promises we made: swift and full AirVPN integration as well as Android TV extended compatibility.
 
As usual Eddie is free and open source software released under GPLv3.

 

You can participate to the beta testing by joining the beta community in the Google Play Store here:
https://play.google.com/apps/testing/org.airvpn.eddie
 
You can also download the Eddie Android 2.0 beta 1 apk directly from our repository:

https://eddie.website/repository/eddie/android/2.0beta1/org.airvpn.eddie.apk

 

The application is fully localized and we look for translators, especially for translations into simplified and traditional Chinese. Korean, Japanese and German, but many other languages are welcome. If you wish to translate (from English) please contact info@airvpn.org for every detail.

 

Eddie Android 2.0 beta 1 adds tons of new features while keeping all the appreciated old ones:

  • Free and open source OpenVPN GUI based on OpenVPN 3
  • The only Android application officially developed by AirVPN
  • Robust, best effort prevention of traffic leaks outside the VPN tunnel
  • Battery-conscious application
  • Low RAM footprint
  • Ergonomic and friendly interface
  • Ability to start and connect the application at device boot
  • Option to define which apps must have traffic inside or outside the VPN tunnel through white and black list
  •  

    New features:

  • Full integration with AirVPN
  • Enhanced security thanks to locally stored encrypted data through master password
  • Quick one-tap connection and smart, fully automated server selection
  • Smart server selection with custom settings
  • Manual server selection
  • Smart attempts to bypass OpenVPN blocks featuring protocol and server fail-over
  • Full Android TV compatibility including D-Pad support. Mouse emulation is not required.
  • AirVPN servers sorting options
  • Customizable "Favorite" and "Forbidden" servers
  • OpenVPN mimetype support to import profiles from external applications
  • Known issues:

    French localization is partial and will be completed soon.

     

     

    If you test this new version, do not hesitate to report bugs, problems, considerations and any other feedback in this thread. You will help us reach a stable version more quickly. Please remember to report all the device information (brand, model, Android version, environment) as well as the log taken after the problem is occurred (when and if possible).

     

     

    Changelog 2.0 (VC 10) - Release date: 14 November 2018 by ProMIND - [ProMIND] Added classes for AirVPN connection, management and integration with AirVPN servers. - [ProMIND] Added classes for AirVPN user login, logout and profiles. - [ProMIND] Quick connection to AirVPN. Full connection support with determination of best server, protocol and mode, including server failover. - [ProMIND] Server connection to AirVPN compliant to AirVPN server list. Creation of favorite and forbidden lists. - [ProMIND] New user interface design - [ProMIND] Full Android TV support, including Storage Access Framework (Android SAF, when available) and full support for d-pad navigation. - [ProMIND] OpenVPN mimetype support. Import OpenVPN profiles from external applications. Native Library 1.3.1 - [ProMIND] Added new APIs for system information - [ProMIND] Updated boost library to 1.68.0 - [ProMIND] Updated to latest OpenVPN3 release  

     

     

     

    Kind regards & datalove

    AirVPN Staff




    #79257 IPv6 support and new smart features

    Posted by Staff on 07 November 2018 - 12:02 PM

    Hi Guys!

     

    Because all servers are gen 2 could it be possible to update the OpenVPN Config Generator and making UDP entry 3 available by continent/country?

     

    Despite the fact that all servers are now gen 2 servers it give the following message "You selected advanced options not yet available on all servers."

     

    Thank you in advance :)

     

    hi guys! any news?

     

    Hello!

     

    Yes, we are very glad to inform you that we are deploying this new feature on the Configuration Generator with the addition of new FQDNs. Probably everything will be available today (Nov the 7th 2018) or tomorrow for everybody.

     

    Kind regards




    #79055 automatic server selection for TLS connections

    Posted by Staff on 01 November 2018 - 09:31 PM

    Hello!

     

    Absolutely. This feature will be implemented.

     

    Kind regards




    #78922 Two new 1 Gbit/s servers available (CH)

    Posted by Staff on 29 October 2018 - 11:28 AM

    Hello!

     

    By popular acclaim Kitalpha will not be canceled. Our previous decision was a consequence of the fact that Kitalpha has old hardware, no AES-NI supporting CPU and no IPv6 support. Since the datacenter could not offer IPv6 support, we decided to switch to a less obsolete infrastructure.

     

    While nothing can be done for IPv6 support, it is possible that we can replace the server at least with an AES-NI supporting CPU (unavailable until some time ago, but now things might have changed), so that Kitalpha will be always in the same datacenter, but with a more modern hardware. If no AES-NI CPU is available, we will anyway keep Kitalpha as it is now. The advanced load balancing system works well and mitigates the bottlenecks caused by non-AES-NI supporting CPUs.

     

    Kind regards




    #78834 Wireguard + post-quantum cryptography

    Posted by Staff on 27 October 2018 - 11:06 AM

    Hello!

     

    We prefer a safer approach. Testing the implementation of a stable protocol has nothing to do with testing an experimental protocol. IPv6 is definitely not an experimental protocol since so many years: the test is on our servers settings, not on the protocol, which is stable.

     

    Completely different thing is testing a protocol which is itself experimental.

     

    I guess I'm just coming from a different perspective since I've looked at the code myself and have been using it flawlessly for awhile now.

     

    This is anecdotal and unfortunately has no value at all.

     

    Side note: IPv6 configuration completed the beta phase successfully, the disclaimer must be deleted.

     

    Kind regards




    #78803 Refreshing server list loses "score" information

    Posted by Staff on 26 October 2018 - 01:28 PM

    I am confused by this. I am sure this wasn't the case before with an earlier version of Eddie. If one uses monstrocity workaround Eddie refreshes the server list correctly showing the latency, but if one manually refreshes the list, you lose the stats thus how would one be able to choose the next best server without needing to disconnect first? This doesn't seem like a good function. The UX needs to be refined. It's still very rough around the edges.

     

    Hello!

     

    Yes, that's correct and intended. If an older version of Eddie showed latencies after a refresh while the system is connected to some VPN server, that was not an accurate behavior, because Eddie should show round trip times from your node to VPN servers, not from some VPN server to other VPN servers: that's not a useful info (to pick a server) and is anyway visible in the ping matrix of the real time servers monitor.

     

    monstrocity suggestion should not be a workaround: simply, Eddie will not print the round trip times while the system is connected to the VPN and you will see the older ones. If you force an update with the button, then you should see the round trip time and the stars disappear.

     

    Kind regards




    #78795 New 1 Gbit/s server available (US)

    Posted by Staff on 26 October 2018 - 10:27 AM

    Hello!

    We're very glad to inform you that a new 1 Gbit/s server located in New York City (NY, USA) is available: Lich.

    The AirVPN client will show automatically this new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

    The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP.

    Just like every other "second generation" Air server, Lich supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt.

    Full IPv6 support is included as well.

    As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

    You can check the server status as usual in our real time servers monitor:

    https://airvpn.org/servers/lich

    Do not hesitate to contact us for any information or issue.

    Kind regards and datalove
    AirVPN Team




    #78794 Two new 1 Gbit/s servers available (CH)

    Posted by Staff on 26 October 2018 - 10:20 AM

    Hello!

    We're very glad to inform you that two new 1 Gbit/s servers located in Zurich (Switzerland) are available: Dorado and Sextans.

    The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

    The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP.

    Just like every other "second generation" Air server, Dorado and Sextans support OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt.

    Full IPv6 support is included as well.

    As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

     

    Dorado and Sextans replace Kitalpha which will be dismissed within Nov 17th, 2018.  EDIT: by popular acclaim good old Kitalpha will NOT be canceled.

    You can check the servers status as usual in our real time servers monitor:

    https://airvpn.org/servers/dorado

    https://airvpn.org/servers/sextans

     

    Do not hesitate to contact us for any information or issue.

    Kind regards and datalove
    AirVPN Team




    #78619 Servers withdrawal announcement

    Posted by Staff on 18 October 2018 - 03:39 PM

    5/5 Vancouver Canada servers highlighted in red with "NA: Imminent Withdrawal". Staff, any update post around this?

    I noticed the same thing. Only one Vancouver server now. What happened?

     

    Hello!

    Getting rid of datacenters/providers that can keep their promises only for a few weeks. It looks like we did not get a good service in the Vancouver area in the last 8 weeks or even more (confirmed by users feedback) so radical changes have been mandatory.

     

    We will expand infrastructure in Vancouver with the Pisces ISP in two weeks if there are no issues (at the moment Pisces meets our requirements).

     

    Kind regards




    #78212 wonky LAN access

    Posted by Staff on 02 October 2018 - 05:00 PM

    Hello!

     

    Please try the following settings:

    • set Preferences > Network Lock > Incoming to Allow (but keep Outgoing to Block)
    • enter the following addresses in the box Allowed addresses:

      239.0.0.0/8

      224.0.0.0/22

    • click Save

    • disable and enable "Network Lock"

    Kind regards




    #78195 New 1 Gbit/s server available (CA)

    Posted by Staff on 02 October 2018 - 10:00 AM

    Hello!

    We're very glad to inform you that a new 1 Gbit/s servers located in Vancouver (Canada) is available: Pisces.

    The AirVPN client will show automatically this new server, while if you use the OpenVPN client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

    The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP.

    Just like every other "second generation" Air server, Pisces supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.2 and tls-crypt.

    Full IPv6 support is included as well.

    As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.

    You can check the server status a usual in our real time servers monitor:
    https://airvpn.org/servers/Pisces

    Do not hesitate to contact us for any information or issue.

    Kind regards and datalove
    AirVPN Team






    Servers online. Online Sessions: 12922 - BW: 44113 Mbit/sYour IP: 54.146.195.24Guest Access.