VikingVPN Warrant Canary -- April 2016

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

May 2nd 2016

VikingVPN, and it's parent company Viking Connections LLC, from the inception of the company to present day, has not received any of the following:

Requests for information - Civil or Criminal - We have never received a request for information on a specific user, nor any request for bulk user data, nor any request for metadata.

Requests to modify or weaken our services - We have never received a request to change our encryption, our security practices, or our protocols. This includes wiretap orders or implementing methods to identify users on our network.

Requests for private keys - We have never received a request for private VPN server keys, access to our website CA, or any code signing certificates we control. This includes all of our self-signed certificates in the chain used by our VPN network.

Specific Clandestine Warrants - We have never received a request under FISA 702 or Section 215 of the Patriot Act, nor any other clandestine court order.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIbBAEBCAAGBQJXJ4QTAAoJEDyT+fmXUj/KidUP9i7Cn/l2YNSj6ERZpWRT0ukt
yiLCO7xqgXQ7N1E04kUL9YtT/oyrw7Ym/VeHP5gLxWwOBOpsaNW3syKPaJLJIivt
YIKAZszfaBLCCTux22qj0/J/FuHseWZtU26yCZr3teK1fblIm/+8mY9V2I/OTDof
prumjIW+TpLzlYl+d/MKCSt2wgdhfV8TpFs3jN+PmPObiZYKqLpbl/i7ZKx9Z4On
EiKx2xy1RqkdQBufQi5SjKoonjEkB9bWuIgbRxjMCQ/9+DfqYFkrmnEfRR7giTQI
PkaeNm11SZrW1e9OcXQsWYk7K/naO+ObxL3TQ3wds3Lc5+Dlm8oJPmIRz78fTfyX
WyvF7PYHO6dfal/KQ4I82ili/7Vwuz8sAFwdx/g/Mn/N0n8pkXGM5GVCnXvGO4LD
CwuHbLqB/rs7tIUnMOfmlmAnMu6FTsVdhFDfGfF3E+20/uCPwEQREznBW59DoUtF
tr8Pp/YABEaWb0PLdJpeHwckk2bGlN4Y/Giwx9U/rUDOnQ1inbIaA4cJoqP1/+pi
KhZnl4KvimTYdt7Qe9aC5LpkPgKskheYHW0uauywkHkl4G4ClarfXtoAbakbhELT
zpzOPfbs/Uio/IDJ4plYAl3RNOL5yYEIiozcjk/BL/KuOkHjT8nKsSvkj0RL4ey9
70EaeCZGJwqY3wddDaU=
=FgcJ
-----END PGP SIGNATURE-----
> read more

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

April 3rd 2015



VikingVPN, and it's parent company Viking Connections LLC, from the inception of the company to present day, has not received any of the following:



Requests for information - Civil or Criminal - We have never received a request for information on a specific user, nor any request for bulk user data, nor any request for metadata.



Requests to modify or weaken our services - We have never received a request to change our encryption, our security practices, or our protocols. This includes wiretap orders or implementing methods to identify users on our network.



Requests for private keys - We have never received a request for private VPN server keys, access to our website CA, or any code signing certificates we control. This includes all of our self-signed certificates in the chain used by our VPN network.



> read more

VikingVPN Warrant Canary -- February 2016

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256


March 2nd 2015


VikingVPN, and it's parent company Viking Connections LLC, from the inception of the company to present day, has not received any of the following:


Requests for information - Civil or Criminal - We have never received a request for information on a specific user, nor any request for bulk user data, nor any request for metadata.


Requests to modify or weaken our services - We have never received a request to change our encryption, our security practices, or our protocols. This includes wiretap orders or implementing methods to identify users on our network.


Requests for private keys - We have never received a request for private VPN server keys, access to our website CA, or any code signing certificates we control. This includes all of our self-signed certificates in the chain used by our VPN network.


> read more

Viking VPN Service OpenVPN Windows App Client Released in Open Beta!

Viking VPN Service is releasing our client for Windows PCs into Open Beta as of today.  You can download the client here.


Follow our connection guide for Windows to get it set up.  It's pretty easy and hassle free.  

It's possible that you'll get false-positives from malware or virus scanners for this app.  These false-positives are caused simply by the app being new on the market.  These false-positives will go away in time.

We have open-sourced the code for the app.  It is published on bitbucket.


> read more

VikingVPN has Completed Emergency Maintenance Related to the glibc Stack Overflow Vulnerability

We have completed emergency maintenance to respond to the Stack Overflow in glibc as disclosed in CVE-2015-7547. Google and Red Hat are credited with the disclosure and fix.

More information on the CVE can be found below:
Google Online Security: https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html

Red Hat: https://access.redhat.com/security/cve/cve-2015-7547

Proof of Concept Attack: https://github.com/fjserna/CVE-2015-7547

Our infrastructure has been patched and all server clusters have been issued rolling restarts to ensure that there is no chance of an out-of-bounds buffer being active. Google and Red Hat are confident that the vulnerability has likely not been exploited in the wild. As a precautionary measure, we will be performing an internal audit of our systems ahead of schedule to verify that all systems are secure.

> read more

VikingVPN Warrant Canary -- January 2016

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

February 6th 2015

> read more

Privacy Policy Update - February 1st 2016

We have made some minor updates to our privacy policy in order to clarify our position and procedures.

Our policies are completely unchanged, this update is to just make it more clear how we handle logging.


The specific privacy policy changes are:

We clarified that total user bandwidth is not monitored.

We clarified that total server bandwidth usage (per day) is monitored.

We clarified that we have never had to use our logging contingency plan to defend the network. It is just present in case it ever has to be used.

I also edited the formatting of the privacy policy to have consistent spacing throughout the page.

> read more

VikingVPN is Releasing a Beta Custom Client for Windows

Since the inception of VIkingVPN, we have been committed to using open-source, trustworthy software only. This is why we exclusively use OpenVPN on all supported devices for our users, and eschew technologies that can have poorly implemented or outright compromised implementations. (I'm looking at you, PPTP, IPSEC, and SSTP)

We are remaining committed to that cause.

However, we have run into a number of usability problems with the standard OpenVPN client that many non-technical customers cannot overcome. This includes implementing DNS leak protection, protecting yourself from IPv6 leaks, managing your own config files, and obfuscation technologies for customers in nations with heavy censorship.

As a response to these needs that the regular OpenVPN client does not meet for some customers, we are developing a custom client that will fill this role.

We have multiple goals for the client that will be slowly implemented and tested.

> read more

VikingVPN Warrant Canary -- December 2015

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> read more

VikingVPN Warrant Canary -- November 2015

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

December 17th 2015

> read more