Blog Postings

The official blog of ÉlanVPN

Notice of Website Maintenance

In the evening of Sunday, 20th August at around 6pm UTC, this website will be offline for a hardware upgrade. While this does not directly affect our VPN network, new logins will not be possible during this time. Already connected users will remain connected. Downtime is expected to last about 6 hours.

We apologize in advance for any inconvenience.

Notice of Website Maintenance

In the afternoon of Tuesday, 19th July at around 2pm UTC, this website will be offline for scheduled maintenance. While this does not directly affect our VPN network, new logins will not be possible during this time. Already connected users will remain connected. Downtime is expected to last about an hour.

We apologize in advance for any inconvenience.

Notice of Website Maintenance

Early in the morning of Sunday, 5th June at around 7am UTC, this website will be offline for routine maintenance and installation of software upgrades. While this does not directly affect our VPN network, new logins will not be possible during this time. Already connected users will remain connected. Downtime is expected to last 1-2 hours.

We apologize in advance for any inconvenience.

Updated ElanVPN Client VPN Configuration

In order to improve our ElanVPN network security settings and conform to options changes made on the servers, we have found it necessary to update the client VPN configuration files for all of our customers.

Accordingly, we are reissuing the credentials for each customer. We emailed all our customers today.

How to update your ElanVPN configuration files:

Method 1:
You may install your new client config files these over top of the ones you are already using and you are done.

Method 2:
Alternatively, if you wish to do this manually you can edit your ElanVPN-Max.ovpn or ElanVPN-Max.conf files and change the line near the top which reads:
mssfix 1400
so that it reads:
fragment 1400

Without making this change, on some computers you may find it impossible to connect your client to the network. On our ElanVPN network, user privacy & security always comes first!

Additional note: the OpenVPN team has recently released an update to the client software, rev. 2.3.11. We suggest that you upgrade at your convenience, to obtain the latest security patches. You can always download the latest OpenVPN client for Windows computers here. For Mac, get the latest stable Tunnelblick here, and for Linux check the repository for your distro here.

Announcing Our Formal Service Launch!

ÉlanVPN is pleased to announce that our online store is now open for new business! Although a small number of users have already been receiving service the past couple of months, we wanted to finalize a few things before doing a formal launch announcement. Those tasks are now at or nearing completion, so we feel it's a good time to get started.

We are also announcing a very important service change: we've decided not to offer the single-hop "Turbo VPN." There are a number of reasons for this. First and foremost, it really isn't possible to provide a single-hop VPN that's thoroughly secure, even if it doesn't allow port forwarding. It is simply too easy for an attacker who can view enough traffic to associate inputs with outputs across the VPN. Secondly, our multi-hop "Max VPN" actually provides speeds comparable to the single-hop, for sustained throughput. Finally, prevailing prices for single-hop VPN services are now so low that it doesn't make economic sense to offer them to a modest subscriber base. In short, we just don't see how it makes sense to charge a premium price for a low-value service which provides little or no real anonymity. Granted this is precisely what most VPN companies are doing, but we're just not comfortable selling snake oil.

All of our IndieGoGo campaign backers who purchased a package for Turbo VPN, will be given a Max VPN subscription of the same duration at no extra charge. Those who purchased a Turbo-Max combo package will be given the choice of an extention to their Max subscription, or a refund of the Turbo portion of their package price, at their option. (Note that there is no SIP calling support provided via the Max network at this time.)

New subscribers will be able to choose from monthly, semi-annual, or annual Max subscriptions. All subscriptions come with secure email nyms which can only be accessed via the VPN, plus 1GB of file storage tied to the first email nym created for the account.

Support pages for connecting to the VPN using free clients on various platforms are now up on our website, under the Downloads menu. In addition, detailed README files are provided for each platform along with a user's VPN credentials. At present these pages are only available in English, with French versions to follow.

We do still have some errata to resolve. Although we will issue you credentials for your email account, the process of creating new nyms (addresses) is not yet automated. Consequently, for the present you will need to email us at support AT ElanVPN DOT net when you wish to establish a new email nym. We will shortly provide a secure API on our website to automate this function.

We apologize for our longer than expected delay in getting started, and sincerely appreciate the patience of those who have been waiting. But we felt it was better to offer a more restrictive set of features and options that truly do maximize the privacy and security of our users. It's what we're here for!

CISA Signed Into Law

Well, what did we tell you? In our Indiegogo campaign video, it was pointed out that there was no hope of achieving online privacy through the actions of politicians. In fact, nothing could be expected from those "tail-wagging idiots" except more of the same.

Today we were proven correct in this pessimistic assessment, when President Obama signed CISA into law, after Congress passed it yesterday. Actually it's even worse than that, because rather than have an actual debate on the merits of the bill, the Congress simply log-rolled it into the year-end omnibus spending bill. This means that to vote against it was to vote against the continuing operation of the government. This is actually a common tactic in Washington, used precisely when a bill might not pass on its merits, or when members of Congress aren't willing to be seen voting for passage of a bill by itself. Naturally, since almost every representative and senator voted for the omnibus spending bill, having done so ceases to be a meaningful distinction.

Moreover those few pro-privacy protections which were put into the CISA legislation via amendments were apparently stripped out again in the final version. All of which was done at 2am, when nobody was paying attention. It also seems that many of the big internet companies which previously claimed to oppose CISA on principle were actually just posturing for public consumption, while secretly supporting it behind the scenes. You can read about the whole sorry mess here.

This reminds us of the words inscribed above the entrance to Dante's Inferno:"Abandon all hope, ye who enter here." If anyone seriously thinks that the political process is going to protect anybody at all from big brother or big data, they are frankly delusional. Take steps to protect yourself, or give up all hope of privacy forever! One of the best steps you can take is to subscribe to a good VPN. (Such as ours, not the lame ones that get promoted on TorrentFreak or by shills on Reddit.) Next, learn to use encryption, wherever possible. We can help you with that too; we have tutors available to whom we can refer you if you'd like to learn.

But the politicians are plainly hopeless. On the plus side, this is becoming more and more obvious to many more people.

The Future of Digital Privacy is Now!

On the lighter side today, here is a very short story:

"The cyberverse is the system of virtual worlds which are hosted in cyberspace. Physically Elan is a mathematical projection running inside ÉlanVPN, a server cluster composed of high-speed computers and data stores which are owned by Bruno & Kevin.

"Bruno & Kevin, being Full Sings, are themselves hosted on networked computers in brain houses elsewhere. Since they are both in possession of the correct cyberverse coordinates and the necessary encryption access keys, each of them could open a client channel to Elan, thus allowing a part of themselves -- the portion dealing with sensory perception and awareness -- to interface with Elan's server software so that they could directly experience existing in Elan's world.

"Each of their bodily avatars was itself a simulation projected into Elan's mathematical model. Since all of the data being exchanged between Kevin and Bruno via Elan's servers was fully and unbreakably quantum encrypted, it was also as good a place as any to have a very private conversation."

We hope you've enjoyed this little excerpt from the pages of The Last Trumpet Project, with a few amusing substitutions. ÉlanVPN, that's the spirit! Don't buy the cheapest, buy only the original source Cypherpunk Turbo-Max Perk!

Combatting the Surveillance State

Recently, the US National Security Agency (NSA) supposedly "lost" its ability to spy on telephone metadata due to the passage of the USA Freedom Act. As a result, some people are celebrating and sounding the "all clear" on NSA spying. Unfortunately, this meme is nothing but propaganda designed to restore the illusion of the rule of law and adherence to constitutional principles. In fact no collection has ceased, it has merely been moved to government-friendly big corporations, or to government facilities located outside the U.S.

Attorney John W. Whitehead explains all this in detail in an excellent blog post from yesterday. Exposing these issues, and rightly complaining about them, is a vital service, and we applaud Mr. Whitehead for his many efforts in this direction.

But the question, of course, is what can you do about it? When it comes to getting government to change its spying, lying ways through political activism, the answer, after 60 years of failure, is clearly: nothing. What you can do is protect yourself by becoming a VPN user. But be careful: many low-cost VPN services don't run their own network infrastructure, which makes their service only minimally useful. (Some may even be "honeypots," particularly those which cater to torrent users.)

Here at ÉlanVPN, we do operate our own independent infrastructure. Our Turbo VPN product supports making VoIP calls, with or without integrated video, using private SIP extensions. This completely protects both the call content and the call metadata. Meaning no one will know whom you are calling, or when, or for how long, and no one will know what you say. Our Max VPN product uses multiple hops and mixed routing to bring you the very highest quality anonymity available through a VPN.

Take effective action to protect your communications privacy! Then tell your friends and family, so they can get protection too. Privacy is maximized when everyone is in the dark net. You can complain, you can get mad, but at the end of the day, what are you going to do to solve the problem? Ultimately the responsibility rests with you.

Cyber Monday Specials!

In recognition of Cyber Monday around the world today, we're taking the opportunity to add some additional perks! The Couple's Quarter perk provides three months of Turbo VPN service for two for a discounted price of $45. The Dynamic Duo perk provides six months of service for two users for $90, while the Couple's Annual ups the subscription period to a full year for two users, for $180. These perks are great for friends and partners who travel, or couples having long-distance relationships! Turbo VPN not only gives you the anonymous surfing and dark net access that you can enjoy solo, but also lets you keep in touch privately through our live encrypted audio-video SIP calling feature. Why let your ISP or your government eavesdrop? With our Turbo VPN service, you don't have to.

Our Family Quarter Pack offers 3 months of Turbo VPN service for a total of 4 users, for only $85. This lets four family members not only surf privately but keep in touch privately as well. Give your family the gift of private communications this Christmas! Also great for small businesses. If you'd like longer subscriptions, or subscriptions for more than 4 users, just contact us. We'll be happy to customize a plan for your family or business!

The Dangers of Port Forwarding

Some VPN providers allow "port forwarding," meaning that they permit clients to open unique ports on the VPN's exit IP addresses. This is particularly common among VPN services who serve the torrenting market, because it facilitates p2p filesharing. ÉlanVPN however does not permit this practice, and in this post we'll explain why we don't.

Stated at its most basic level, the problem is that using unique ports effectively de-anonymizes users. A recent article on TorrentFreak discusses the issue, as if it were some kind of shocking new security problem which was only recently discovered.

This is disingenuous nonsense. Not only has the problem been well known for years (as illustrated by this security forum discussion from 2010), but the loss of user anonymity is the result not of some obscure bug or defect, but merely of simple logic.

Much of the anonymity provided by a VPN is the result of a phenomenon known as "crowding." When users share the use of an exit IP address, all of the traffic from all of the users appears to originate from that same IP. This makes it much harder (but not impossible) for an observer of the traffic to associate particular data streams with individual VPN users. Note that this effect is independent of whether or not any of the traffic is being encrypted!

So the trouble with opening a specific unique port on an IP address for any given VPN user is that the anonymity of crowding has been wiped out, and replaced with a pseudonym: now, the exit IP + port = you. Although the torrent or other data may be encrypted, exclusivity on the unique port works the same as exclusivity on an IP address. Hence utilizing a specific port isn't much better than using your own naked IP address, almost as if you didn't have a VPN at all! A hostile observer can simply watch the port traffic, because it's all split up for them per user, and they can now attribute each stream of port traffic to a unique entity.

You may want to open a direct port forward, but as soon as you do you are saying "this is my traffic, all traffic through this port is mine." You have exchanged relative anonymity for pseudonymity. The traffic is then attributable, and merely needs to be assigned to an identity. This can be done through a number of techniques, inside or outside the hosting provider, whenever port forwarding is being used.

Establishing this identity is actually pretty easy to do, if the observer can see both entry and exit traffic. The solution in that case is multiplexing: that is, using a multi-hop VPN like our Max VPN, which varies routes, internally maximizes crowding on the exit cascades, and adds randomized transmission delays across the network (plus other techniques) in order to make associating inputs to outputs extremely difficult. Nevertheless, even on our Max VPN, port forwarding is disallowed.

To sum up, port forwarding removes the condition of crowding and reduces the anonymity set from all users down to a single user. This downgrades the maximum context protection level from anonymous to pseudonymous, because the data traveling on the port is merely aliased to a single entity (uncrowded), and cannot be confused with a single stream of data to multiple entities (crowded).

Hence this is a case where the VPN provider must protect everyone by protecting the users from themselves. "Casual" VPN services, such as those promoted on TorrentFreak and discussed in the article, are prone to insecurity because they often place accomodating the needs of their filesharing users above the security of of their users as a whole.

ÉlanVPN will not do this. On our network, user security always comes first!

Black Friday Specials!

In recognition of Black Friday around the world today, we're taking the opportunity to add two additional perks! The Max Footlong perk provides a full year subscription to our Max VPN service for only $310. Because of the deep discount being offered here, we have to limit this perk to the first twenty-five contributors.

The Turbo-Max Footlong perk provides a full year subscription to both of our VPN products, Turbo and Max, for a full year for $395. This perk gets you 12 months of everything ÉlanVPN has to offer. Make 2016 the year you take back control of your internet privacy!

Our Indiegogo campaign can be found here.

No, Daesh Isn't Using Bitcoin

A French language publication, Metronews, has just published an interview with ÉlanVPN co-founder Bruno Delpeuc'h on the topic of the use of encryption and cryptocurrencies by terrorists, in the wake of the horrific attacks in Paris on 13 November. The ÉlanVPN team doesn't just know the VPN business, we're also recognized experts in the area of encryption and electronic money. You can find the published article here. An approximate English translation can be obtained from Google here.

A more detailed discussion of some of the same issues can be found on the Digital Cash Alliance blog. This article was also recently published in The Libertarian Enterprise.


Happy Thanksgiving!

Since it's Thanksgiving Day in the USA, we're taking the opportunity to add our first additional perk. The Max Turkey Half provides a half year subscription to our Max VPN service for only $150, or $25 per month. Because of the deep discount being offered here, we have to limit this perk to the first ten contributors. Happy Thanksgiving!

Our Indiegogo campaign can be found here.

Announcing our Crowdfunding Campaign on Indiegogo

We decided to launch a campaign on Indiegogo for several reasons, and we think they're good ones. The two traditional ways to finance a business expansion are through equity or through debt. Both methods come with strings attached, especially venture capital. VC's inevitably want controlling interest. That's simply not acceptable for a company whose business is privacy as a service. Not to mention that we're seeking far too little money for most investors to bother with.

As for debt financing, going to a bank for a business loan is so 1990. Banks have been making a vig on the economic activity of main street businesses for entirely too long. Besides, banks are the past and are on their way out anyway – probably even the ones that don't need bailouts.

That leaves raising money from one's customers, and potential customers. This approach helps people who want your service to find you, provides you with valuable product and pricing feedback, builds up the customer base using discounts, and supplies additional advertising exposure for both the products and the business. Crowdfunding is the new way, which “crowds” the third party venture capitalists and bankers right out of the space between a business and its patrons.

Our campaign page can be found here. We hope you'll take advantage of our special discount subscription pricing by contributing to our campaign. Help us to serve you better!