There is new OpenSSL vulnerability notice circulating the web. It is known as the "crypto bypass" flaw. This flaw allows a man-in-the-middle attacker to decrypt information between a client and a server.
VikingVPN is immune to this attack because of our use of the HMAC firewall feature built into OpenVPN. It is not possible to establish a man-in-the-middle attack because the client and server both will drop all network traffic received from outside sources.
We have already updated our servers to close the flaw, but the impact to our users is nil. There will likely be another version of OpenVPN posted on the official site to close the vulnerability, as it uses an integrated OpenSSL 1.0.1 library that is vulnerable in certain configurations (again, not ours).
The updated version of the OpenVPN client will be located at: http://openvpn.net/index.php/download/community-downloads.html> read more
We are preparing a network expansion in Chicago to accommodate a surge in users connecting to that cluster. We will be expanding the capacity of the network by 50% in order to keep our strong lead in both speed and reliability.
Our network is evaluated constantly for slowdowns, and as a premium VPN service we watch user density closely to make sure that our users never experience speeds that we would ourselves find unacceptable.
The upgrade should be transparent to our user base and will be completed with no downtime.
When I first decided to toy with the idea of a privacy VPN company, it was because I felt that I could do a better job than what was out there. Being a person that was concerned with privacy, I had tried five different VPN services and was met with unreliable connections, unreasonable speeds, questionable business practices, and zero transparency.
I saw some features that showed that these companies were not managed by capable hands. Rather than use load-balancing technologies, they would force users to hop around from server to server to find one with acceptable performance. Rather than create a company with a sound legal framework, they would have their servers randomly torn down for legal violations or violations or network carrier policies. Rather than admit when there is a problem with the network, and be transparent about it, they would lie to their customers.
I knew I could do better.
VikingVPN is currently doing emergency patching to all VPN servers in order to close a new vulnerability in OpenSSL named Heartbleed. This is a particularly nasty bug in OpenSSL 1.0.1 that would allow an attacker to invisibly read small sections of secure data in memory due to a faulty software pointer.
What we are doing:
Emergency patching OpenSSL on all VPN servers to close the security hole. We are also updating the hardened server that generates customer keys and certs, and regenerating server credentials appropriately.
How this impacts our users:
Our website does not use OpenSSL, and our root CA for the VPN was not exposed by this vulnerability. The impact to our users is far less serious than it could have been. Because of the settings that we use on our network, the problem was largely mitigated by our security model.> read more
Update: This issue has been resolved. Time Warner is now allowing data to flow normally again as the major outage has been restored.
We have become aware of a major Time Warner Cable problem impacting our customers that began yesterday. It appears that as a temporary measure, they are throttling a lot of non-standard browsing traffic that is impacting the performance of our customers.
The symptoms (other than the customers that are completely offline) are capped speeds of about 5Mbps rather than your normal fast connection speed to Viking. This problem should be fixed when Time Warner removes the throttle and allows traffic to flow normally again. This will likely happen when they fix whatever issue is causing the widespread outage.
I will update this page with further information as it becomes available.> read more
We have brought the NYC VPN cluster to live service!
This brings our total number of VPN clusters to four, and gives us better high performance VPN coverage for New England and eastern Canada. The new addition expands our US network capacity by 50% and increases the number of concurrent connections allowed by each account to 4. (We allow one connection per server cluster)
We have plans to expand to Seattle and Atlanta in the near future as we continue to grow.
For existing customers, to access the new servers you will need to log in to the website and generate a new set of keys. There will be a new .ovpn file for the NYC cluster that you can use to connect.
As always, you will get optimal performance from connecting to the cluster physically closest to your location.
Enjoy our new cluster and our commitment to remaining the fastest and most secure premium VPN service.
-Derek> read more
Our New York City servers have entered alpha testing with our internal employees. Barring any flaws being found, we plan to launch the servers for customer use by this weekend.
The NYC server cluster is our 4th cluster, and is targeted at giving better service to the eastern seaboard, specifically the New England region, and European and Canadian customers wanting to connect to US servers. We will be sending a mass email with instructions for how to get your NYC config files to all subscribers when the servers go live.
Our next three planned expansions (in order) are Seattle, Atlanta, and in the Czech Republic.> read more
Some of our server clusters are approaching user levels that will trigger another round of expansions to our network.
We are currently looking to build a new cluster in the New York / New Jersey area.
I will give more details like opening dates and network details when they are available.
Expansion into New England, the Pacific Northwest, and Southeastern US are our current priorities.
This will give us total coverage in the US and most of Canada within our optimal coverage area.
> read more
Our server clusters were issued a rolling a restart for security updates at 5PM CST.
Everything went smoothly, and users saw no interruption of services.
If you have speed troubles with our service within the next few hours, disconnecting and reconnecting to the service should correct the issue. Because of the nature of rolling restarts, all of our users are currently piled onto only a couple of servers for each cluster. Reconnecting will get you onto a load-balanced server once again.
Edit: Fixed some errors. I gots bad grammar.> read more