Purple Post 4 - December

WireGuard is still currently free to use

Our WireGuard servers are not getting enough pressure but hopefully more people will get their eyes on WireGuard and try it out.

It will be free until our WireGuard BETA ends, or when we hit too much traffic so that we cannot afford to have it free anymore.

Blind operator mode - "For clueless operators who wish to become more clueless."

Recently we enabled Blind Operator Mode on all VPN servers. This is a Linux kernel module that we paid zx2c4 to write and open source.

Even though we don't keep any logs, this module works as a technical shield that prevents us from doing realtime sniffing on our clients.

A few things that this module does:

  • Prevents access to /dev/{mem,kmem,port} and /proc/kcore, and it disables future module (un)loading.
  • Prevents the creation of AF_RAW and AF_INET(6)/SOCK_RAW sockets, in order to "break" tcpdump.
  • Ptrace, /proc/PID/mem, and coredumps are also disabled, to gain some rudimentary support for hindering data extraction from userspace programs, like OpenVPN.
  • Zeros out the endpoints field and allowedips field of WireGuard peers.

Service status

You are now able to see how much traffic our nodes handles. Both the site and API refreshes the data every 5th min.

Visit our service status-page here or get all the data from our API.

Reddit

We have created a subreddit-page which you may freely request to join. Not that much activity there yet but our first thoughts was to publish blog posts and let our users comment. You can find it here.

Translations

bonne baguette! Today we rolled out French and Dutch translations to the website. We've also got translations made to azclient that will be included in the next release.

What's going on

We are rewriting some back-end functions and should be done by the end of next week. Our users will not experiencing any difference using our service, however.. it will make it easier for us to continue develop our back-end and bring new features, a much needed update.

We haven't forgot about improving how we handle authentication of our users. It's next on our todo-list!

Warrant Canary

Has been updated and can be found here.