Month: March 2014

AirVPN’s Responses to TorrentFreak’s VPN Questions

Back in 2011, TorrentFreak did a survey of third party VPN services in response to some high-profile incidents in which companies running VPNs ratted out their customers. Recently, TorrentFreak did a similar survey that had a fairly striking omission–TorrentFreak didn’t include and apparently didn’t bother to even ask its questions of AirVPN, which I and others concluded was the best VPN available based on its 2011 survey. TorrentFreak hasn’t explained why AirVPN was left out, but AirVPN went ahead and answered TorrentFreak’s questions in their user forums, and TorrentFreak finally got around to updating its original story to include AirVPN’s answers.

Anyway, since I don’t like the format in which TorrentFreak offered up the answers, here are their questions with AirVPN’s answers, which  highlight why I continue to be a loyal AirVPN customer.

1. Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long?

No, we don’t keep any log that might be exploited to reveal customers’ personal data during connections, including real IP address. For example OpenVPN logs are sent to /dev/null (Air is based on OpenVPN). Our privacy policy is available here: https://airvpn.org/privacy

On top of that our VPN servers do not maintain any account database.

2. Under what jurisdictions does your company operate and under what exact circumstances will you share the information you hold with a 3rd party?

Italy. We do not share any information with any 3rd party.

3. What tools are used to monitor and mitigate abuse of your service?

Automatic triggering based on patterns to detect and if possible block as soon as possible various types of attacks (for example UDP floods) against or from our servers.

4. In the event you receive a DMCA takedown notice or European equivalent, how are these handled?

They are ignored. Now and then we reply asking for a more substantiated proof and asking to disclose the technical method according to which a takedown notice has been prepared, but so far none of the entities we queried disclosed such information, in absence of which the notices pertaining to p2p are simply vague and unproven claims from some private entity.

5. What steps are taken when a valid court order requires your company to identify an active user of your service?

No help can be given about past connections because we don’t log, monitor or inspect our clients traffic, and we don’t and can’t require a proof of identity from our customers. However, if the court order pertains to presumed actions which infringe our Terms of Service and in particular that in any way violate, directly or indirectly, or aid the violation of, the ECHR, we can try to help the court in the best way we can with subsequent investigations and if possible with the help of proper and competent authorities.

6. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why?

Yes. p2p protocols are perhaps a set of the most exciting protocols invented in the last 12-13 years, so they are actively encouraged on every server. We do not discriminate against any application or protocol, in compliance with our mission and to stay a mere conduit of data.

7. Which payment systems do you use and how are these linked to individual user accounts?

We accept Bitcoin, many credit cards, PayPal. Each payment is linked to an account only in order to provide service delivery and to comply to our refund policy.

8. What is the most secure VPN connection and encryption algorithm you would recommend to your users?

We put into practice the recommendations of security expert and best practices on our setup, based exclusively on OpenVPN with the following features:

Data Channel: AES-256-CBC
Control Channel: HMAC SHA1
RSA keys size: 2048 bit
PFS (Perfect Forward Secrecy): yes. TLS re-keying is performed by default every 60 minutes through DHE as well as at each new connection. As an additional option the re-keying time interval can be lowered by the client unilaterally.

The client key is used to authorize the access to the system, not to encrypt the data channel, so that even if an adversary catches the client private key, the client traffic can’t be decrypted.

Dell XPS 13 Review

Recently it was time to buy a new laptop, and this time around I wanted something that was powerful, but ultraportable. I ended up settling on a Dell XPS 13 and have been very happy with it so far.

Weighing in at just 3 pounds and just 0.71 inches thick, it certainly has the ultraportable criteria covered. Dell makes a ton of different versions of the XPS 13. The version I bought has a 1920 x 1080 touch screen, 8gb of RAM, a 128gb SSD and a core i7 processor.

OS

The Dell XPS 13 ships with Windows 8. The first thing I did was wipe that and replace it with Linux Mint 16. Dell makes an Ubuntu developer version of the XPS 13, and a lot of the work Dell has done there carried over to the consumer version of the XPS 13. The laptop worked perfectly out of the box with Linux Mint. Everything from the WiFi to the keyboard backlight to the touchscreen just worked without any effort on my part. In fact, the geekiest configuration change I had to make was figuring out how to completely disable the trackpad (I simply despise trackpads on all laptops).

Screen

The screen is a glossy touchscreen coated in Gorilla Glass. This is not the worst glossy screen I’ve used, but I’m not a fan of non-matte screens in general. A matte version would have been nice. I also think touchscreens on laptops are a gimmick and turned that feature off immediately.

Keyboard and Trackpad

I’m used to the awesome keyboard on my Lenovo T420. The XPS 13 keyboard isn’t that good, but it is surprisingly nice to type on. It is much better than most non-Lenovo laptops I’ve used, including other Dell models. As I mentioned above, I despise trackpads and the first thing I do on any laptop I own is completely disable them. If you’re into trackpads, I’d say the XPS 13 trackpad was about as crappy as every other trackpad on every other laptop I’ve used.

Performance and Battery Life

The laptop’s performance under Linux Mint is very good. You’re not going to be able to do any serious gaming on this, but I get more than acceptable frame rates from Minecraft.

Obviously with ultraportables, the battery life is one of the major tradeoffs. I turn up the brightness on the screen as far as it will go, and I tend to get 4-5 hours of battery life doing normal browsing and text editing. More intensive applications, such as video encoding, are going to reduce that significantly.

The XPS 13 seems to manage heat fairly well. After extended use, the machine does get a little warm, but much less so than other laptops I’ve used. Occasionally the internal fan kicks on, and the noise is noticeable but typical for what I’d expect in a laptop.

Ports

One of the major compromises Dell made in creating the XPS 13 was reducing and eliminating the port options.

For USB, there are only two USB 3.0 ports–one on each side of the laptop. Two on each side would have been ideal, as this is really too few USB ports for a contemporary laptop.

For connecting to an external display, the only option is a Mini-Display port. The laptop’s small size probably precluded an HDMI port or VGA port.

Finally, there is no Ethernet port on the XPS 13 at all. The laptop is WiFi only unless you have a USB-to-Ethernet adapter.

One Minor Annoyance

There is one other minor annoyance I have with the XPS 13. I prefer laptops that have hardware latches that lock and unlock to allow the laptop to be opened up. The XPS 13 does not have such a latch, relying on the hinge to keep the laptop closed.

This creates two problems. First, opening up the laptop is a bit awkward as the user has to wedge a finger underneath the LCD and then pull the panel upward in order to open the laptop. Second, I’m extremely skeptical as to how well the hinge will hold up over a couple years of opening and closing.

Overall

Overall, this is a very good laptop for the price. I had some concerns when buying it and planned to gift it to one of my kids if it didn’t work out for me, but the Dell XPS 13 has become the PC I use for all of my non-gaming PC needs.

Rocketman Action Figure

Wow — Go Hero is making a 1/6 scale action figure of the Rocketman from the 1949 King of the Rocketmen serial. Along with the figure, the package will include,

  • Portrait of George Wallace
  • Metal Helmet w/ Working Visor & Flight Cap
  • Metal Jet-Pack
  • Metal Luger w/ Raygun Attachments & Clip
  • Metal Canon
  • Metal Control Panel w/ Adjustable Knobs
  • Radio
  • Leather Jacket
  • Detailed Outfit (Pants, Shirt, Tie, Socks)
  • Leather Belt w/ Metal Buckle
  • 3” Rocketship Mini Model
  • 3 Sets of Hands
  • Figure Stand
  • High-Grade Specialty Packaging

 

Rocketman Action Figure