HideMyAss VPN

Monday, March 31, 2014

VPN Issues In KitKat Are Interfering With Connection Routing, Fixes Are Planned For Some Of Them

Virtual Private Networks (VPNs) aren’t the sexiest topic out there, but they are a pretty vital part of daily operations for almost every major company and many small businesses. VPNs are used to securely connect a computer, tablet, or phone to a company's private network over the Internet, thus allowing people to work remotely while ensuring strict authentication and enforcing administrative policies. Even some power users are apt to set up a VPN if they want to make their home networks accessible while they're on the road.

During the development of Android 4.4 KitKat, the time came to spruce up some of the lower-level pieces that are responsible for creating and managing VPN connections. As with any normal code rewrite, a few bugs crept into the mix. Unfortunately, some of these bugs proved to be relatively catastrophic to a lot of users, leaving them unable to conduct their business.

Symptoms
The more involved details of each symptom are hard to explain without going into very extensive (and boring) depth about network routing and configurations. Instead, I'm going to stick with the overall effects that most people will witness when they try to establish a connection.
  • Tunneling IPv6 over IPv4 simply doesn’t work. In other words, if you connect to a VPN over IPv4 and the other end supports IPv6, any IPv6 address you attempt to communicate with will be unreachable. Everything will appear to be connected and working, but those data packets simply won't leave your device.
  • Changing connection types (e.g. from wifi to 3g) will result in a disconnection from the VPN. The disconnection might be intentional, as it could be a safety measure to prevent possible snooping. Reconnecting to the VPN is the bigger issue. Some people claim that they can reconnect over the new interface right away, some say that they can only reconnect over the original interface, and some people simply cannot reconnect over any type of interface without first rebooting. To be fair, there isn’t enough information to completely rule out specific apps or environmental conditions.
  • Some apps use VPN routing to establish tethering connections over non-standard interfaces (like Bluetooth). When this occurs on KitKat, it can look like a VPN connection has been established but data packets fail to travel in either direction. This is known to cause issues for apps like BlueVPN and Open Garden. (A mediocre workaround for this is discussed below.)
What Is Affected
Each of the issues described here affect every Nexus device running KitKat 4.4 - 4.4.2. Google Play Edition devices and anything running an aftermarket ROM based on AOSP should also be affected.
HTC and Samsung devices are mentioned in some of the threads, but none of the complaints specify if they are running stock Android (GPE variants or AOSP ROMs). One report claims the 4.4.2 update for the HTC One does not suffer from the Bluetooth tethering bug. Another comment also seems to clear the Galaxy Note 3 of the same bug, but it indicates that the other bugs are probably still be present.
Causes
A root cause hasn’t been clearly identified and there’s still not enough information to determine with any certainty if these bugs originate from the same error or if multiple factors are at work. Most of the problems center around handling of the routing table, so it’s possible all of these are manifestations of the same core bug.
Workarounds
Unfortunately, the last few months have gone by without any really good solutions for most of these bugs. In fact, short of offloading the VPN duties to a router, most people have been at a standstill since updating to KitKat.

There has been a fairly crumby workaround discovered by people using HMA VPN to tether over Bluetooth, which is to also be connected to WiFi at the same time. Yes, you read that right. If your device is connected to a WiFi access point, even one that has no uplink connection, it then becomes possible to use apps like BlueVPN and Open Garden. Of course, this isn’t the most battery efficient or convenient option, but it might help when desperate times call for desperate measures.
Fixes Are Coming
On the positive side, all of these issues are probably just about to vanish. A project member dropped into the Bluetooth tethering thread to mark it as FutureRelease while acknowledging that several bug fixes are scheduled for the next release of Android. The other threads relating to VPN issues are still sitting without a change in status, but it’s likely that many of those issues simply haven’t been marked.
Wrap-Up
VPNs aren’t used by a large percentage of the population, but those who do use them, rely on them heavily. To suddenly lose access to networks that are vital for your job can be a crippling experience. We’ll just have to wait until the next update (probably 4.4.3) to find out which, if any of these bugs survived, but it sounds like most people will be able to get back to their normal routine fairly soon.




Name of the Provider
Website Address
Hide My Ass
Strong VPN
Switch VPN
Pure VPN
IPVanish VPN
Hotspot Shield Elite

 

BT finally admits its Home Hub router scuppers some VPN connections

BT has coughed to a crappy glitch with its Home Hub 3A router that is blocking some VPN connections.
However, the one-time state monopoly appears to have taken a long time to acknowledge customer gripes, which have been piling up for weeks.
BT said it had taken a while to respond to individual complaints because it was essentially compiling a dossier so it could pinpoint the technical blunder.
That's despite the fact that subscribers had been saying since early March that their VPN connections were going titsup ever since BT upgraded its kit with a new firmware version.
On Wednesday, BT said in a lengthy thread on its customer forum:
The Hub team have asked us to pass on their huge thanks for all the help you have given us. The details you have provided have been key to getting to the bottom of what was going on here.
As you guys thought, the new firmware (4.7.5.1.83.8.94.1.37) has introduced an interop issue between the Home Hub 3A and certain types of VPN configuration.
We are currently working on a resolution to this and will roll out a change to the Hub as soon as possible, but this will take time.
In the short term while we’re working on this we can suggest connecting to your BT Wi-Fi connection as a workaround for this issue. If you are still having problems having tried this workaround please let us know and we will offer further support.
The Register has been told by a number of readers that BT had initially fobbed them off about the cockup.
Some were apparently advised that they needed to buy new routers to resolve the problem, which – the customers who contacted us claimed – involved being locked into new 12- or 24-month contracts with BT.
We on the Networks desk at Vulture Central are delighted to see that the company is finally accepting the blame for this snafu. BT told El Reg:
BT can confirm that new firmware update has introduced an issue between the Home Hub 3A and certain types of VPN configuration. We are currently working on a resolution to this and will roll out a change to the Hub as soon as possible, but this will take time.
Meanwhile, it would seem that BT is fighting to wrest the title of "SuperFail" from Virgin Media – which was previously regularly appearing in these pages in connection with its router woes. In February, BT said it was "puzzled" after some Infinity customers complained about being abruptly disconnected from the fibre broadband network when using the telco's Home Hub 5 wireless router. ®

Friday, March 28, 2014

Europol finally wake up and smell the coffee!

Did you know that when you access public Wi-Fi hotspots your data and sensitive information is at risk to cybercriminals and other third parties?  Of course, this is not breaking news; public Wi-Fi has been known to be insecure ever since it came out, but it appears Europol’s cybercrime team has just woken up to this startling revelation.


Troels Oerting, head of Europol’s cybercrime centre recently told the BBC that “We have seen an increase in the misuse of Wi-Fi in order to steal information, identity or passwords and money from the users who use public or insecure Wi-Fi connections.  We should teach users that they should not address sensitive information while being on an open insecure Wi-Fi internet (connection)” he said.
Europol’s advice is spot on, and it’s great to see that they have joined the party, but it is rather tardy of them, Europe’s cybercrime centre, to report this now.  Could it be that a number of individuals at Europol have recently used public hotspots, and had their private and confidential information stolen? It’s a possibility. Or perhaps they have just been beamed back to earth by aliens, and are currently playing catch-up? Who knows!

We at HMA! take your privacy and security extremely seriously and we’ve been talking about the dangers of using public Wi-Fi for years. Danvers Baillieu, Chief Operating Officer at Hide My Ass!, says that “Although this is great news that they are warning people not to send personal data across unsecured Wi-Fi hotspots,  it’s a pity they don’t mention the solutions”.

Of course I applaud Europol for reiterating this message, the more people who are aware they are vulnerable to such attacks, the better.  But what about some solutions, Europol?

Luckily, we have a solution for you that will keep your private information, passwords and other valuable data safe and secure out of the reach of cybercriminals.  HMA! Pro VPN encrypts all data you send and receive over the internet by sending it through a private VPN tunnel so anyone wanting to steal your data, will just see gibberish.  When you use a VPN, you are given a new personal IP (Internet Protocol) address and your data is encrypted, so when you use public Wi-Fi, every task you perform appears as if it is coming from the VPN server. Your data is now encrypted and secure.
For more information and other ways HMA! Pro VPN can safeguard your data click here



Name of the Provider
Website Address
Hide My Ass
Strong VPN
Switch VPN
Pure VPN
IPVanish VPN
Hotspot Shield Elite

 

HMA! Tip: Virtual locations!

What are they and what can I use them for?

When you connect to one of our HMA! VPN servers, you’re assigned an IP address from the country server you connect to. For example connect to any HMA! server in America and you’ll get a US IP address. You can verify this here



Connecting to different countries is great for accessing geo-restricted content – for example, if you’re in the UK and you want to watch US television, many US websites will see that you are in the UK and will block you from viewing the content.  A VPN will help you get around this issue; simply connect to a US VPN server which will assign you an American IP address. This will allow you to watch the shows, as the website will now see you as connecting from within the US – you’ve tricked the website into thinking you are physically in the US.  However, connecting to a country that is far from your physical location can occasionally result in slower connection speeds and decreased reaction time which can make streaming online media difficult.  “Virtual Locations” can help solve this problem.

When you connect to a ‘virtual location’ server, you’re assigned an IP address of the country you would like to appear from, but you connect to a country server that is physically closest to you. For example, if you are based in Europe and would like to access the internet from the USA, you would connect to the UK, London – Virtual USA server.

This will give you improved speeds because now you’ve taken a shorter route, a “virtual” one.
When you connect to this virtual server location and check your IP you’ll see that you have a working virtual IP address, although the server you just connected to is located in a different country. You can now expect improved speeds and better reaction time.

Give it a try – check the HMA! Pro VPN clients server location list, the PPTP/L2TP server list or the OpenVPN configuration files for the “Virtual” server locations:


PPTP server lists: These can be found in your control panel
You can find out more information about virtual locations here


Name of the Provider
Website Address
Hide My Ass
Strong VPN
Switch VPN
Pure VPN
IPVanish VPN
Hotspot Shield Elite