Investigating Issue With Foreign Zip/Postal Codes

We are currently investigating an issue that is affecting our international customer's ability to sign up for services. It seems that an error in the restriction on the postal code field denies our customers payment processing if they reside in a country that does not use a 5-digit postal code.

We are currently working with our payment providers to rectify the issue for our international customers.


Update:

The issue has been corrected and we have verified that international postal codes are working properly.

> read more

Warrant Canary On The Way

We have completed our website face lift.

The next item on our list is a warrant canary, so that we can passively inform our users if we have been served with law enforcement requests even if they contain a gag order.

As of this writing I can positively say we have had zero law enforcement requests with VikingVPN.

Our warrant canary will involve all requests that involve breaking the privacy of our users. This includes requests to snoop on an individual user on our network (which is not possible with our security model), and any request for keys to our servers.

We are committed to keeping our users data safe, primarily by not having data. We have a policy to not log any user data, and keep our network as close to "zero knowledge" as possible.

We will post about how our warrant canary works when it is in place! Stay tuned!

For more information about warrant canaries see the Wikipedia entry at http://en.wikipedia.org/wiki/Warrant_canary

> read more

New Comcast Modems -- Wireless Issues

We are working on a solution to a problem with the latest Comcast modem/router units by Arris. The new units Comcast is issuing do not properly function with OpenVPN for any device on Wifi. Attempting to sign on to our service while on one of these modems leads to packet loss and total loss of connectivity. If you assign a static IP address to a single device on wireless, and then put that device on DMZ hosting, it marginally works.

In our testbeds we were only able to achieve about 1/3 of our total possible throughput regardless of settings client or server side, even with encryption disabled entirely. Sometimes signing on to OpenVPN would crash the device entirely, and it would drop all users, including wired users, from the network. When we were able to sign on with out testbeds, the connection would hang for 30-60 seconds as if the connection had dropped, but would then limp along at significantly reduced speeds. Signing off of OpenVPN causes a similar hang.

> read more

We have some exciting new stuff coming to VikingVPN in the next few weeks!

Website Facelift -- When we first launched VikingVPN, our main concern was getting things functional and secure. We wanted a fully operational and trustworthy service in place for our customers to use. We have now achieved that goal and are moving on to the look and feel of the website. We have a large update in the works to make the site look more professional, as well as more accessible to our customers and potential customers. This project is near completion.

Further Security Hardening -- We are implementing even further technologies to protect our users from intrusion into their privacy.

Warrant Canary -- Due to popular demand, we plan to implement a warrant canary on our home page. This is to further assure users that no government entity has compromised the security of our systems, or requested that we violate the privacy of our users. This should be implemented shortly after the facelift goes live.

> read more

3PM EST: Sign-On and Speed Issues -- Investigation

We are currently investigating an issue connecting to the service.

I will update with more information when I have it.

-Derek

Update: 3:39PM

Services have been fully restored.

> read more

Enforcing the Rules of the Network

We will be restarting the servers over the next few minutes to activate a new certificate revocation system. This system will not allow old certificates onto the network, only the last certificate that was issued on your account. This is to keep users and the service secure from intrusion by parties with stale certificates and credentials.

If your service stops working and you are unable to reconnect to the service, your device is likely using a stale set of keys. You can fix this by generating a new config file in your profile on the site. 

This system is in place to prevent a compromised account from accessing the network without the user being aware. In order to access our service, the attacker would have to generate a new config file with new keys, which will immediately revoke old config file that the user is using, dropping them from the service and alerting them to a problem with their account.

> read more

Viking VPN is making some infrastructure changes.

These changes are motivated by our dissatisfaction with our current datacenter.  They have caused 2 full days of downtime in the past 2 months.  They're also not serving us the kinds of speeds that we're promising our customers.  Obviously, we can't allow this situation to continue any longer.

We will be shuttering our servers in Ohio, and opening servers in Chicago, and shortly thereafter in Phoenix.

Current customers probably won't notice any change, except an increase in speed.

The old Ohio servers will go down around noon(12pm EST) tomorrow(Wed 09/11/2013).  If you're connected to the Ohio server at the time of shutdown, you will lose connection.  All you need to do is reconnect to the service.  Our system will handle everything and see to it that you get connected to the new server.

As with the old servers, the new servers won't have any kind of logging enabled.

> read more

Slow Speeds Being Investigated

We have detected slow throughput on our VPN service. We are currently investigating the issue. At this time it appears to be a problem at our hosting datacenter.

I will edit this post when the problem is corrected.

Update 1: We have isolated the problem to a switch on our datacenters network. We are awaiting action by the NOC to correct the issue.

Update 2: Services are now totally down. It appears to be a hardware failure. We will be extending subscriptions for all customers for free. There is no ETA on restoration of services yet.

Rest assured, i'm loading up on coffee and getting ready to pull an all nighter. Thank you for your continued patience.

Update 3: NOC has reported back that it was a hardware failure. ETA on restoration of services is Midnight EST.

Update 4: Our NOC missed their midnight ETA. The server is now up, but needs reconfiguration. New ETA (which is actually under our control now) is 2:15AM EST.

> read more

VikingVPN.com is getting redesigned.

Let's be honest, the website in its current incarnation is pretty shitty looking.  It was built from the ground up by our 3 founders, although all of the heavy lifting was done by Justin Greene(who was, understandably, much more concerned about functionality than vanity).  None of we 3 founders are artists by any stretch of the imagination.  We've brought in the talent of Mark Davis from ScriptDance to help us out.

I met Mark in college.  We immediately hit it off and became fast friends.  I've stayed in touch with Mark ever since college, despite living in separate states.

Mark has moved pretty fast on this work.  We gave him the project about a week ago and he already has sent us the first Mockups.


It's only a couple thousand times better looking than the current site.  We're looking forward to pushing this redesign live as soon as we can.


> read more

We have lofty goals for this VPN service.  Here’s a roadmap of things to come.

I talked about some of our basic initial goals here.  TL;DR We want to be the fastest VPN service out there, and we want you to stay connected to our service 24/7 so that there are no gaps in your security.

We have much larger goals, outlined below.  We can’t fulfill all of these goals at once.  None of the founders of Viking VPN were born with a silver spoon in our mouths.  We don’t have endless amounts of cash to throw into the business, and we’re not willing to take irresponsible loans in order to do that.  We have to scale up responsibly, as revenue allows.

Near Term Goals

Open new servers

USA East Coast, USA West Coast, USA South, and USA Midwest.

> read more