V.36 Change Log

The following changes were made to our client in V.36:
 - Rotated all client CA certificates
 - Updated OpenSSL version

Comments

  • Very informative...

    Thanks anyway.
  • Wow. Are you serious. I registered just to say how dissatisfied I am with this service now. This service is becoming more of a joke every day. No communication from the devs, and this "change log" if one wants to call it that - is a complete joke. Two lines regarding an update everyone has been shitting their pants over. Many features promised but there never seems to be any development of them. The service has started to deteriorate and no one can get a clear answer on these forums regarding ANYTHING. Anyways PIA - thanks for the first 3 months; I was very hopeful that this was the real deal but now it's just a joke. I'm not surprised to see that after the service became huge and massive profits were made, the incentive to provide a good service decreases. Anyways this "change log" is a joke.. this goes to show how much you guys really care about communicating with your users.

    Sorry guys I don't mean to upset anyone. I just feel really ripped off.
  • edited April 2014
    The following changes were made to our client in V.36:
     - Rotated all client CA certificates
     - Updated OpenSSL version
    Does this mean those of us using vanilla OpenVPN need to redownload the certificates or does the client handle that side of things in some way?

    *Edit* The OpenVPN configuration files link has not changed. It still has the same checksum.
  • edited January 2016
    Oh f*** off, hahahaha, you call this a "change log", great, thanks, I learned SO much. How long did this take you to write? About 20 seconds I bet, because that's all the information you could extract from your "dev" team. Seriously, I'd love to know who is working for this company. If you can't even write a detailed change log, how are we expected to trust you to keep our privacy safe?

    I can totally understand why Alex B quit, this place is a serious joke. I'd advise all to assume they don't take your privacy seriously at all, and bear that in mind when you use the service.

    ** Edited due to vulgarity by Goldstein



  • Based on a change-log that basically says "really minor update that performs some routine maintenance" you've drawn the conclusion that they don't take our privacy seriously.

    Cool story bro...
    I'd advise all to assume they don't take your privacy seriously at all, and bear that in mind when you use the service.


  • edited April 2014


    Based on a change-log that basically says "really minor update that performs some routine maintenance" you've drawn the conclusion that they don't take our privacy seriously.

    Cool story bro...
    I'd advise all to assume they don't take your privacy seriously at all, and bear that in mind when you use the service.



    If they can't take the time to write a detailed changelog and explain what exactly has changed, how can we assume they are bothering to maintain the integrity of their servers and users' privacy? It speaks volumes about the company when we ask for a changelog since last year and this is all we get.

    They expect everyone to know what rotating CA certificates means? Or what version they upgraded openssl to? They could spend time describing the changes and what they mean to the end user.
  • Disappointing at best.
  • edited January 2016
    This post has been removed due to violating our Terms of Service. 

    You can view the announcement here: https://www.privateinternetaccess.com/forum/discussion/20150/updated-terms-of-service

    And the direct link to our updated ToS here: https://www.privateinternetaccess.com/forum/home/termsofservice
  • edited January 2016

    This post has been removed due to containing a quote that violates our Terms of Service. 


    And the direct link to our updated ToS here: https://www.privateinternetaccess.com/forum/home/termsofservice


    I laughed, but I can understand their frustration. There have been a few issues with the Client, some small and some not so small. I think the main thing that makes them mad is the lack of detail (to state the obvious). If something is fundamentally wrong it requires a large change in the execution of the software.

    It's the fine details that annoy them: we did all this, took a long time and we got everything back in order. It wasn't easy and took many hours but it's done. On a side note we do not have time to write a detailed explanation.

    All I want is a transparency notice. I've contacted Customer Support twice about it and you would have thought I was speaking Latin with the responses I got. I would be on the same boat as them if I asked for a Transparency for a long time and they just labeled it

    "April 29th Notice Received
    April 26th Notice Received".
  • I guess I'm underwhelmed because we've been asking for a changelog for so very long and this makes me wonder why the F it could take so long to write and post two lines. If something even as meager as this could have been posted for the last 5 client updates maybe this wouldn't feel so inadequate. I feel like someone hounded the dev(s) about it and so they wrote up what amounts to an "F U" and sent it along.

    Granted we already assume that OpenSSL was updated to 1.0.1g, but to not even state that...

    And I'll also assume that "rotated" means revoked and reissued.

    Whatever. I just hope that other aspects of the service that pertain to everyone's security and privacy are taken more seriously than this seems to have been.

    But it is a changelog, so thanks for getting it up. =D>
  • edited April 2014
    Sorry Omni but I'm in agreement with the others on this one. All this time to finally issue a 'changelog' that tells me nothing. What version of OpenSSL? What version of OpenVPN is being used? Is it self-compiled or community?

    Other VPN companies issued post-heartbleed revoked and reissued certificates ages ago. PIA finally get around to updating the client (which was only noticed by a user, not posted by staff) and then eventually THIS gets posted as a changelog? LOL

    Go compare the quantity and quality of information provided by AirVPN, NordVPN, IVPN and others to this. PIA is laughable in comparison.

    @meno You took the time to listen to my issues with the way PIA handles Linux using customers (which most privacy minded individuals are, and that's your target userbase!). You even took time to get my detailed feedback on the app and what needs fixing, and you've taken it forward for a resolution (hopefully).

    For that, I respect and thank you as an individual. However, surely you see that this offering from PIA (the company) is pitiful in the face of a technically minded userbase? We're paying your wages and keeping the company afloat. I'm sure you've seen the scores of threads lately from myself, @VPN, catcher, @OmniNegro and others? Not to mention the newbies all registering on the forums JUST to say they're sick of PIA?

    How long before PIA's reputation is in the dirt and they go under? At present that's what I see happening and it's a real shame. How can you expect me to believe you take my privacy seriously when you're so anti-transparency, so loath to engage with your paying customers, and so lackadaisical in providing updates and explaining them?

    Why have the regular OpenVPN config files (ca.cert, *.ovpn etc) not been updated also? Most of us savvy customers - you know, the ones providing PIA with FREE technical support to other customers, because T1 is so awful - are using community OpenVPN releases not the PIA app.

    The list goes on. Your customer base is discontent and getting to the point of migrating away. What then? I realise this isn't directly your fault (unless you happen to be Andrew Lee) but you're our only real point of contact at present. It's not a pretty picture, and something's got to give. As I said in my other response yesterday, I found AirVPN a breath of fresh air compared to the service I've received lately and if I hadn't subscribed for a year up front I'd be gone already. That kind of dissatisfaction in your paying customers should be a loud, large warning bell to the CEO.

    As I said, I realise you're not personally responsible so please don't think I'm angry or taking out my frustrations on you. To be honest I imagine you were as embarrassed and cringe-worthy posting that 'changelog' as most of us were reading it.

    You're simply the only available person with enough authority to make it worth sharing them with. PIA had been riding a wave of popularity and adulation this last year. The current situation unfortunately reads like 'they' got a kind of big head and started riding the wave of popularity and sat back on their laurels. Meanwhile things start sinking because everyone's stopped pedalling...

    Thanks for your time as always.
  • edited April 2014
    @rainmakerraw, thank you for your post. It's nice that you and the other commenters are actually providing sense in the thread where omni is clearly a fanboy and thinks that this is acceptable behaviour. The events are mutually exclusive, you cannot have good security and a shitty little changelog where other companies excel in all areas. They could have better security than Fort Knox, but if their PR and communications are weak, it sets the tone for the ENTIRE company, and that's the point I was trying to make (maybe not done in the best fashion possible).

    My time with PIA will be running out soon, and I will be looking to other providers to see if they can provide a better quality service, as PIA are clearly not committed to providing a good quality product with a decent support network and communications about important issues.  
  • @rainmakerraw, thank you for your post. It's nice that you and the other commenters are actually providing sense in the thread where omni is clearly a fanboy and thinks that this is acceptable behaviour. The events are mutually exclusive, you cannot have good security and a shitty little changelog where other companies excel in all areas. They could have better security than Fort Knox, but if their PR and communications are weak, it sets the tone for the ENTIRE company, and that's the point I was trying to make (maybe not done in the best fashion possible).

    My time with PIA will be running out soon, and I will be looking to other providers to see if they can provide a better quality service, as PIA are clearly not committed to providing a good quality product with a decent support network and communications about important issues.  
    Please do not insert words in my mouth. I never said I find it acceptable. And I am most certainly not a fanboy. I have even made threads mocking PIA in the past. But after the clone account fiasco, all of my threads are gone. (Literally every last one. I lost 1200 posts in one night.)

    This is the 0.36 change log thread. It really was only a trivial thing. If there was a change log every release, this would not have been a virtual slap in the face to most users wanting that.

    No, there is a pretty massive gap of change logs from the last time one was posted. And this thread, being the newest is the dumping grounds for all who are unsatisfied with trolling everywhere else on the Internet.
  • edited January 2016
    @OmniNegro is a worthwhile member here who shares his time and knowledge. So I'm sorry but I won't agree that he's a PIAa**-kisser. :p However, Omni I'm sorry to say I do disagree that this is a 'trivial' update. Post heartbleed it's vital to know which versions of libopenssl and OpenVPN are being used. To omit them at such a time is not only poor practice but it also leads one to suspect that perhaps the versions are not as they should be.

    PIA is already known to run outdated versions of OpenVPN (with no word on whether they sport backported patches). To upgrade the version of openssl used without actually listing it in the present climate is absolutely laughable.

    However I do agree that it's a long list of failures regarding updating customers etc. One only has to look at various other providers who are constantly on Twitter, Facebook and their own site's forum providing constant and detailed updates [Remember that? Actual staff on the company forums answering questions!!].

    However to call you a fanboy was rather wide of the mark, and I'm sure if the gentleman(?) concerned knew more of your posting history and character he'd not have made such a remark. You're one of the very few members here (I can count them on one hand) who I actually have respect and time for.

    ** Post edited due to vulgarity by Goldstein
  • edited January 2016
    BTW I have already purchased a server and begun the process of setting up a properly implemented VPN service and security review website. No current site properly addresses reviews (instead writing template kiss-a** articles in exchange for affiliate cash), nor do their 'speed tests' hold any water. Sorry, but if I want to read a VPN review I don't want to see that you're testing it from a 10 megabit connection lol 100+Mbps and preferably 1Gbps connections, please!

    I shall be thinking long and hard about my PIA review, but I assure you it will be factual and informative. To be continued!.....

    ** Post edited due to vulgarity by Goldstein
  • edited January 2016
    @OmniNegro is a worthwhile member here who shares his time and knowledge. So I'm sorry but I won't agree that he's a PIAa**-kisser. :p However, Omni I'm sorry to say I do disagree that this is a 'trivial' update. Post heartbleed it's vital to know which versions of libopenssl and OpenVPN are being used. To omit them at such a time is not only poor practice but it also leads one to suspect that perhaps the versions are not as they should be.

    PIA is already known to run outdated versions of OpenVPN (with no word on whether they sport backported patches). To upgrade the version of openssl used without actually listing it in the present climate is absolutely laughable. 

    However I do agree that it's a long list of failures regarding updating customers etc. One only has to look at various other providers who are constantly on Twitter, Facebook and their own site's forum providing constant and detailed updates [Remember that? Actual staff on the company forums answering questions!!]. 

    However to call you a fanboy was rather wide of the mark, and I'm sure if the gentleman(?) concerned knew more of your posting history and character he'd not have made such a remark. You're one of the very few members here (I can count them on one hand) who I actually have respect and time for. 

    ** Post edited due to vulgarity by Goldstein
    I am honored. Now I hand you the bribe? envelope that belongs to you?

    BTW I have already purchased a server and begun the process of setting up a properly implemented VPN service and security review website. No current site properly addresses reviews (instead writing template kiss-a** articles in exchange for affiliate cash), nor do their 'speed tests' hold any water. Sorry, but if I want to read a VPN review I don't want to see that you're testing it from a 10 megabit connection lol 100+Mbps and preferably 1Gbps connections, please! 

    I shall be thinking long and hard about my PIA review, but I assure you it will be factual and informative. To be continued!.....

    ** Post edited due to vulgarity by Goldstein
    This sounds great. Keep us apprised. And please do start a thread for it if you want to hear what people want to know besides raw speed. (How clumsy of me to use the word "want" that many times in one sentence.)
  • edited April 2014
    @OmniNegro

    haha No you can have that one for free, because it was warranted and I meant it. :p

    I'll certainly start a thread, and if yourself and the likes of @VPN would be interested in bashing heads and getting something together with me over it then you'd be more than welcome.
  • I've mostly thought about how to deal with the advanced crypto issue for OpenVPN, but I'm available for comments on your ideas. Trigger/PM me so I don't miss it.

    Back to the changelog. This specific instance wasn't so bad compared to the months of no information at all on the various topics I've seen in the forums. PIA's information policy is still sub-par to other companies, but it is a step in the right direction. I understand your disappointment, but give them a chance. As long as things improve they're on the right track.
  • Thank you for the change log and update. All is well here!!
  • edited January 2016
    [...]
    Why have the regular OpenVPN config files (ca.cert, *.ovpn etc) not been updated also? Most of us savvy customers - you know, the ones providing PIA with FREE technical support to other customers, because T1 is so awful - are using community OpenVPN releases not the PIA app.
    [...]
    rainmakerraw

    Is it correct to copy the new ca.crt file (the one that is in the updated PIA's client in /ProgramFiles/pia_manager/data) and paste it in /etc/openvpn so as to have the updated ca.crt in OpenVPN?

    Or is it better to wait until they update their links with the files?

    ------

    BTW I have already purchased a server and begun the process of setting up a properly implemented VPN service and security review website. No current site properly addresses reviews (instead writing template kiss-a** articles in exchange for affiliate cash), nor do their 'speed tests' hold any water. Sorry, but if I want to read a VPN review I don't want to see that you're testing it from a 10 megabit connection lol 100+Mbps and preferably 1Gbps connections, please! 

    I shall be thinking long and hard about my PIA review, but I assure you it will be factual and informative. To be continued!.....

    ** Post edited due to vulgarity by Goldstein
    Huge Thanks, please keep us informed about the reviews! :D. Or if you can now, which company would you guys go to other than PIA? I'm really interested to know.

    Thank you all in advance
    :)
  • I mentioned this in the thread I will link in at the end of this post, but there are TWO different versions of the 0.36 client.
    The first version has the following hashes:
    MD5:
    0EC55D705694AB5474ADD2E8D8773BBB
    SHA1:
    BFE82231BCA01A485F37ADA0449C6F98CC4F8A46
    SHA-256
    2A15351137988559EEA6CFAF055397080BC451A65D73B05B84887D9364022D6F

    The second version of the 0.36 client has these hashes.
    MD5:
    DD60F27C955F9BBEFA0481B52D70B430
    SHA1:
    064C1E89DC8092641208D5F7B101B5474A9EB038
    SHA-256:
    4BF54000441F3913363F45CAFE105EAAB5DAD5FB708C1D329A32E2C8BB522E34

    And here is the link where I mentioned this mess.
    https://www.privateinternetaccess.com/forum/index.php?p=/discussion/3019/bitdefenderpia-incompatibility#Item_7
  • @gambox I would wait to be safe, as the client uses a custom version of OpenVPN and it and the servers are set up outside the normal OpenVPN spec (eg encryption which works inside the app but not over OpenVPN proper). I wouldn't risk it.

    @grh as said above, version data would be a start

    @OmniNegro yeah from what we gather it's just a fixed build that displays the version correctly on the GUI, but really who knows?
  • This is all very frustrating and I've speed issues that have never been fixed. I have no clue which alternative VPN service to go with. Every single one of them has lovers and haters that either viciously defend or tear apart their service.
  • I mentioned this in the thread I will link in at the end of this post, but there are TWO different versions of the 0.36 client.
    The first version has the following hashes:
    MD5:
    0EC55D705694AB5474ADD2E8D8773BBB
    SHA1:
    BFE82231BCA01A485F37ADA0449C6F98CC4F8A46
    SHA-256
    2A15351137988559EEA6CFAF055397080BC451A65D73B05B84887D9364022D6F

    The second version of the 0.36 client has these hashes.
    MD5:
    DD60F27C955F9BBEFA0481B52D70B430
    SHA1:
    064C1E89DC8092641208D5F7B101B5474A9EB038
    SHA-256:
    4BF54000441F3913363F45CAFE105EAAB5DAD5FB708C1D329A32E2C8BB522E34

    And here is the link where I mentioned this mess.
    https://www.privateinternetaccess.com/forum/index.php?p=/discussion/3019/bitdefenderpia-incompatibility#Item_7
    First is the one with the wrong numbering in the program I would assume cause hashes match.
  • @gambox @luezuve I wouldn't really like to promote a particular VPN service provider on PIA's own forum. Forgive me if I'm being trite but it feels rather a crass thing to do.

    I'd suggest you simply sign up for some free trials until you find a service that satisfies your requirements. Just make sure they're non-logging and see what YOU think and what suits your particular connection and routing.

    The ones off the top of my head are Torguard, CactusVPN, AirVPN, TigerVPN, IVPN, NordVPN, PrivatVPN, Anonine, proxy.sh and Mullvad. Not an exhaustive list by any stretch, but I know they don't log and are generally on the recommended lists. Proxy.sh is contentious as they did enable logging on one server to catch a cyber bully after receiving a request from a family's lawyer, but they warned everyone on the service first and have since teamed up with EFF and promised not to do it again whatever the situation. Your call.
  • Hey, everyone has their problems and ours is negligible. PIA is still the best.

    What PIA needs is a 'FULL TIME' developer of apps.

    Android app crashed for me at least once every day.
    https://www.privateinternetaccess.com/pages/jobs
    There is the reason for the problem. They have been trying to hire someone to do that for a while now.
  • edited May 2014
    "
    Minimum 8 years related experience with a Bachelor's Degree or 4 years experience with a Master's Degree"


    I think that's the problem - there are probably people who have only done a few android apps that can come up with a better version of the client than PIA can. They should be willing to accept anyone who can code a decent app in Android, years of experience should never be a factor.
  • On second thought, the best way to help them fill these positions so they can become the best VPN ever is to spread that link around. Especially to people who meet the requirements or are close enough.

    Knowledge of how OpenVPN is coded, and experience programming anything are required. But I doubt compiling qualifies as knowledge of programming.

    As I said in the previous post, they have been hiring for quite a while, yet you cannot even get to that page from the forums directly without the direct link. (But if you click Client Support or another page, it will be in the list at the bottom middle column.)
  • edited May 2014
    "
    Minimum 8 years related experience with a Bachelor's Degree or 4 years experience with a Master's Degree"


    I think that's the problem - there are probably people who have only done a few android apps that can come up with a better version of the client than PIA can. They should be willing to accept anyone who can code a decent app in Android, years of experience should never be a factor.
    I agree that the requirements seem a bit crazy, but I suspect that anyone who could demonstrate an actual capacity to get the work done would get the job even if they never attended college. For example, I surely do not sound retarded, but that is what people must think when I tell them I never even attended High School. And that is true.

    There are seven billion people in this world, and another 300 million or more are born each year at current. If everyone knew of the jobs, they would be filled in days. But that is the problem.

    I also think a large part of the problem is that a diploma does not mean you know your ass from an application. So they insist on years of experience to try and weed out the people who just want to ride the slow train of mediocrity to retirement. That is also why they ask for Git experience.
  • Bottom line is, you want quality, you PAY for quality.  You don't get GOOD programmers/developers if you're not paying top wages.  Believe me, I see what positions are paying in the tech industry.
