Desktop applications release [v60]
Today we released a new version of the PIA client for Windows, OS X, and Linux. You can download it on the Client Support Page here:
https://www.privateinternetaccess.com/pages/client-support/
This version introduces a new feature called MACE™, an option to block ads, trackers, and malware when connected. We have also fixed a number of known issues in this release outlined below.
HIGHLIGHTS
- When you put your laptop to sleep and wake it up after awhile, the app will now auto-reconnect to the VPN on its own.
- The VPN kill switch will now work with 10.* IP addresses.
- Fixed issue with the app spawning multiple instances of NW.js in the background; this will no longer happen.
- If you have spaces or quotes in your OS X or Linux home directory name (e.g. /Users/John's Home), the app will work fine for you now.
- The installer for OS X is now signed by London Trust Media, so you no longer have to weaken the security of your system to install the app.
- Implemented auto-disabling of the WPAD feature when the VPN is connected.
- We have also made some improvements in the area of certificate security.
NOTES:
This version addresses a critical privacy leak issue related to the Web Proxy Auto-Discovery (WPAD) feature in Windows and OS X. If you have this feature enabled on your system, it is possible for an attacker on your network to man-in-the-middle your connection and route all your web traffic through the attacker's own proxy server. We have addressed this very serious problem by making the app automatically disable this feature of the OS while it is connected to the VPN. Now it will no longer be possible for anyone to snoop on your web browsing activity.
Comments
And please turn Ukrainian servers on at least instead of Russians. We need some servers from CIS countries. I am using them to purchase some stuff
The web browsing is a bit faster since the ads are blocked.
Also, it used to be the PIA staff would post the sha256 checksums for new client installers with the change log notes, within the announcement itself. Would like to see you folks resume that practice.
I see for v60, a regular has posted these in another thread: https://www.privateinternetaccess.com/forum/discussion/18694/installer-not-signed
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on
Have to rename it myself in order not to overwrite any earlier version that I have saved.
Thanks
Also, please restore the "Connect Auto" option at the top of the server list from the OSX menu bar item. It's gone in v60/61
Thanks!
@QuestionTime, I thought I was the only one and hopefully some others from PIA Support Staff might be able to comment to help or look into what's causing this.
@PIA Support, I've always been happy with your service for over 3 years but I'm also noticing a similar occurrence to the quoted message above with the latest v60 PIA Win7 Client (I only ran the updated installer and have not changed any other operating system/router-modem settings). The sheer number of random disconnects (e.g. ~8-9 times within a 6 hour period) is alarming and there is no specific trigger which causes these. The Kill Switch doesn't function as it should during the unknown client disconnect and the non-VPN/True IP ends up revealing once refreshing the browser (e.g. visiting any IP checking website)!
Prior to v60, I have rarely seen a disconnect of this manner before (maybe a few times in a month!). I haven't changed any settings from the previous default client GUI settings (e.g. tcp/auto/kill switch/dns leak protection all enabled). I haven't enabled the new MACE feature since I still control adblocking/malware protection via FireFox ublock origin + malwarebytes software.
Anyone else noticing something as described or have some workaround of what we might need to (re)enable or double check again? I don't feel comfortable having to worry about the client disconnecting in such a frequent, unpredictable and erratic way. Thanks for your time and help!
https://www.privateinternetaccess.com/pages/downloads
https://www.privateinternetaccess.com/pages/client-support/
whereas links on
https://www.privateinternetaccess.com/pages/downloads
inlude version number in linux install script.
The upgrade from v60 (July 07, 2016) to v61 (July 08, 2016) also showed up within the client GUI to upgrade when checking your link... I'll have to see whether this connectivity issue has been resolved today... crossing my fingers but thankful to the PIA Staff on coming up with a quick 1-day revision release to address a known issue!
From the changelog to Windows v61 (July 08, 2016 update) :
@PIA Staff
@menopia
How do we know whether WPAD is actually disabled (e.g. in Windows)? I have Windows 7 and went to the services menu :
WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc) is currently listed as "Started" in status, startup type "Manual" while connected to PIA VPN v61 (and in v60).
@paddy + @PIA, would like to still hear on this as well and how much of a difference this is from browser-based adblock plugins like Ublock Origins for Chrome/Firefox and other antimalware software that runs live (e.g. Microsoft Security Essentials + Malwarebytes).
As for the Russian IPs. PIA dropped support of Russian servers because:
Russia just enacted a new "anti-terror" law that requires company's to hand over there encryption keys
"The bill also requires communications companies to hand over encryption keys to state security agencies on demand, allowing them to read encrypted data. Non-compliance could cost companies between 800,000 and 1 million rubles ($12,300 – $15,400) in fines."
It forces company"s to keep call logs and meta data. So let's say "Thanks" to Putin and his homeless gang.
Prior to these upgrades I have never had a single issue.