Regarding the https://t.co/ePxwXdfKBa vulnerability that was disclosed a few hours ago, our servers aren't vulnerable since we're not using the affected modules.
Now go buy tokens - https://t.co/Kn3671t19a
Regarding the https://t.co/6JiJCL6lvr vulnerability, our servers do run Arch Linux, but they're not vulnerable since support for the affected kernel crypto API (AF_ALG) isn't enabled, and the module is blacklisted as described on https://t.co/FIUxpU6xIk
We added public DNS-over-HTTPS endpoints with optional ad/tracker blocking
See https://t.co/XxqZ7JHASf
The post also includes setup instructions for popular browsers, age/ID verification law comments, lifetime token news, and a Windows client update.
Our current supply of minted lifetime tokens is down to 24, and when those are sold we will be removing the option to purchase new lifetime tokens
https://t.co/Kn3671t19a <- buy one now before they're all gone
And no, they will not return for the annual Black Friday sale
We finally got around to updating our Linux kill switch page + scripts:
https://t.co/8zvE4RvHHU
Replaced the old pile of legacy scripts with one clean, unified solution (WireGuard + OpenVPN, nftables + iptables).
We updated https://t.co/9smKpjERo1 to include xtls-rprx-vision support.
The old configs should still work, but upgrading is recommended. Our CSXRAY Android app has also been updated - https://t.co/CxMUPx2im7 and so have the server-side Xray instances (Xray-core v26.3.27)
We added better isolation to the backend endpoints for https://t.co/DktTq9xALK and /wireguard_man but a (now fixed) bug was causing keys to not propagate across the network correctly for the past 24 hours. If you used either page in that time, please go back and add/del your key again.
We added a new server-side multihop feature: connect like normal and go to http://10.31.33.7/multihop to use it.
Also updated to OpenVPN 2.7.0 on all the servers, and re-enabled DCO on the UDP instances since 2.7.0 is using a newer (less buggy) DCO
For those already asking: Yes, we will be doing the Black Friday to Cyber Monday half-off sale this year (Nov 28 - Dec 1), same as we've done every year for the past decade or so.
Xray support is live and our custom Android app is finished, but the blog post is still in-progress
We extended the ports you can connect to our VPN entry IPs on (was 1-29999, now 1-65535).
That was leftover from when the entry IP was the exit IP, but they're separate now so we can use all ports.
Port forwarding is still restricted to ports >30000.
https://t.co/Ny8zKMPMrk
We wrote a quick blog post better explaining the post-quantum stuff involving SSH that we tweeted about on July 3. Also added a couple of other things to the post (fixed an ad/tracker blocking issue, and info about the Xray setup we're working on).
https://t.co/i3PXXkLLQN
The result=$(wait "$real_pid") line was incorrect, since that doesn't get the output, it just gets the return code from the wait command. The corrected code has been pushed to the server and updated on https://t.co/ITAs4Qxui6
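The shell behaviour behind that fix, as an added example that is not the provider's script: `wait` writes nothing to stdout, so a command substitution around it is always empty, and the job's output has to be collected separately from its exit status. The helper `fake_auth_check`, the functions `broken_capture` and `fixed_capture`, and the `RESULT`/`STATUS` variables are hypothetical names chosen for illustration.

```shell
#!/bin/sh
# Constructed stand-in for a slow auth helper (hypothetical, not the provider's script).
fake_auth_check() {
    sleep 1
    if [ "$1" = "allow" ]; then
        printf 'AUTH_OK\n'
        return 0
    fi
    printf 'AUTH_FAIL\n'
    return 1
}

# Broken pattern: wait writes nothing to stdout, so RESULT is always empty,
# whatever the background job printed or returned.
broken_capture() {
    fake_auth_check "$1" >/dev/null &
    real_pid=$!
    RESULT=$(wait "$real_pid" 2>/dev/null) || true
    wait "$real_pid" 2>/dev/null || true   # reap the job in the parent shell
}

# Working pattern: send the job's output to a private temp file, take the
# exit status from wait in the parent shell, then read the file.
fixed_capture() {
    tmp=$(mktemp) || return 1
    fake_auth_check "$1" >"$tmp" 2>&1 &
    real_pid=$!
    STATUS=0
    wait "$real_pid" || STATUS=$?
    RESULT=$(cat "$tmp")
    rm -f "$tmp"
}

# Demonstration on the constructed helper.
broken_capture allow
printf 'broken: result="%s"\n' "$RESULT"
fixed_capture deny
printf 'fixed:  result="%s" status=%s\n' "$RESULT" "$STATUS"
```

In an auth hook the empty string matters because a later comparison against the expected verdict would see no verdict at all rather than the helper's answer.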
We added jittered, obfuscated API calls to OpenVPN's auth logic to blunt timing and size-based side-channel attacks—even with TLS 1.3 + PQ KEX in place.
See https://t.co/ITAs4Qy27E — the comments in the last four scripts have more details.
We added support for post-quantum key exchanges to our SSH tunneling/obfuscation.
OpenVPN can't do PQ KEX yet, but with this you can add a PQ layer on top of your OpenVPN (TCP) traffic.
This requires a recent OpenSSH/OpenSSL version.