We’d like to give some more insight into how we dealt with the Heartbleed security bug that affected most of the Internet last week.
The key points are:
- For any of our systems using OpenSSL, we patched those servers on the same day as when the issue was announced.
- Confirmation that our webservers are patched: http://filippo.io/Heartbleed/#expressvpn.biz
- As a pre-caution, we re-keyed server certificates and briefly disconnected all connected users to apply the patch on affected systems
- Our OpenVPN servers use tls-auth, which helps prevent man-in-the-middle attacks and mitigated some of the Heartbleed risks even before the patch.
Here is a more detailed technical explanation of Heartbleed that also shows how difficult it was to exploit Heartbleed to steal private keys.
In summary, we reacted quickly to protect our customers and ensure our systems are not susceptible to Heartbleed attacks.
Edited April 2, 2014:
The Lunar Jig Is Up! Happy April Fool’s Day Everyone!
Hi everyone! Thanks for tuning into our April Fool’s prank, and for sharing it with others. We hope it made you laugh!
Let us know what you thought of our joke and watch this space for news, updates, tips and tricks.
Thanks to your suggestions for higher security, we’re delighted to announce a brand new, ultra-secure server location on The Moon. For those concerned about security and privacy, the lunar server is the perfect server for you.
Why you should connect to our moon location:
- No earthling can monitor you as the lunar server is outside of any country’s jurisdiction
- Great speeds from anywhere in the world, expedited by the strong pull between the earth and the moon
To connect, simply open the ExpressVPN app on your computer or smartphone device, and you will see “The Moon” in the list of server locations.
In the Windows and Mac apps, you’ll see The Moon in the server locations list:
On the iPhone, go to Settings > VPN and choose The Moon from the list.
We’re thrilled to announce that we’ve released v3.0 of the official ExpressVPN iOS app, optimized for iOS 7 users. The ExpressVPN iOS app helps first-time ExpressVPN users download and install the VPN configurations in one click. This means that if you are already using ExpressVPN on iOS, you don’t need to download this app! With the ExpressVPN for iOS app, new users can easily:
- Download and install the ExpressVPN configurations in one click
- Make sure your connection is secure using our visualization tool
- Refer friends and get a free month of service for each successful paid signup
- Contact the support team from within the app if you have any problems
So what’s new in v3.0?
- Now optimized for iOS7 and iPad (previous version was optimized for iPhone only)
- Improved user experience
- Bug fixes and performance improvements
Please note that the app does not connect to the VPN for you. If you want to connect to the VPN, you need to connect to it yourself by going to Settings > VPN and choosing your server.
Download ExpressVPN for iOS in the app store!
Watch this space for more news—this is just the beginning of the exciting plans we have for mobile this year. Here are some screenshots of Express VPN for iOS v3.0
Download ExpressVPN for iOS in the app store
If you’ve had a good experience with ExpressVPN, why not share the love? Vote for us on Lifehacker’s “What’s The Best VPN Service Provider?” Hive Five Call for Contenders.
To vote, scroll to the bottom of the comment and click on the star in the bottom right-hand corner. And feel free to leave comments as well!
Thank you for your continued support!
“Creative Commons Grand Cafe Van Gogh” by Thomas Leuthard, used under CC BY / Danger sign overlaid over photo.
Apple just released an update for iOS that fixes a major security problem: it gave hackers a way to see exactly what you’re doing online, even if your browser is using https. This bug gave the bad guys a way to break the iOS devices’ attempts at encryption, and then see or modify what your iOS device is sending over the network, even when your browser tells you that it’s secure such as when logging into your online bank. (Here’s a technical explanation). What’s worse, this bug also impacts computers running OS X Mavericks, but as of the time of publication, Apple has yet to release a patch for this.
What to do now:
On your iOS device, go to System Settings and upgrade to the latest version of the iOS software. If you’re using OS X Mavericks on a computer, you’ll have to wait till Apple releases a patch and use extra security measures in the meantime.
Use a VPN. ExpressVPN protects any iOS device or OS X machine with this vulnerability. That’s because it adds an extra layer of encryption and anonymizes your traffic, making it a lot more difficult for the bad guys to attack the weakness.
This year, with more than twelve new winter sports events, the Sochi Winter Olympics is definitely one for the history books.
Don’t miss out!
If you’re in the United States, you don’t need a cable or satellite subscription to NBC to stream the Olympics. (If you do have a subscription and are fed up with NBC’s coverage and tape delay—well, that’s another story, and we can help you out too). Or if you’re an expat abroad trying to cheer on your home country, you can still watch the games.
The CBC (Canada) and BBC (United Kingdom) both have regional rights to the Olympic Games, and are livestreaming the Winter Olympics online for free, no logins or subscriptions required.
The BBC is offering 650+ hours of live competition online, while the CBC is serving 12+ feeds of live event coverage. Both of the sites are geoblocked, which means streaming is limited to people using IP addresses within those regions. With a VPN, you can bypass geoblocking restrictions and enjoy Olympics coverage online.
Our customers love ExpressVPN for a number of reasons. For some it’s the usability and friendliness of our apps. Others choose us for our 39 server locations and high speed network. While there are lots of reasons to love ExpressVPN, we realize that there are other VPN providers out there to choose from.
So we decided to do a fun exercise to see exactly how we stack up to the competition. We think we knocked it out of the ballpark, but we’ll let you be the judge! Click here to read how we compare to StrongVPN.
New in this version:
- Better support for Windows 8.1
- If your connection drops unexpectedly: ExpressVPN will try to reconnect automatically, and network connections outside the VPN tunnel will not be allowed until the connection is successful again. This prevents your computer from accidentally sending unprotected network traffic.
- Multi-user installs: an admin user can now install ExpressVPN so it’s accessible for all users on a given PC. However, each of those users still needs to have admin rights. ExpressVPN does not currently work for non-admin users.
The upgrade is free for all customers. Simply click the “new version available” link in your ExpressVPN app, or login to our customer dashboard and click the “setup my vpn account” link.
We’re always happy to hear feedback and feature requests. Please write to us if you’d like to discuss anything about our apps or have suggestions for future versions.
Thanks to your suggestions and continued support for our service, we’ve added 4 brand new locations this month.
The new locations are: Greece, Hungary, Costa Rica and Thailand and are available for the OpenVPN protocol.
We’re proud to announce that adding these latest server locations now brings our total footprint to 39 countries.
Happy surfing from the team at ExpressVPN!
Hei and annyeonghaseyo! We’ve added Norway and South Korea to our selection of locations, which brings the ExpressVPN network to a total footprint of 35 countries!
We’ve also added additional US locations in San Jose, Phoenix and Virginia.
We plan to add more worldwide VPN servers in the month to come. Have a place in mind where we don’t currently have a server location? Please drop us a line with your recommendation.