UW IP:  50.17.109.248
United States, Seattle
Klantenscherm

FAQ

Frequently Asked Questions

 See also the
"How to" video

General

What is SecurityKISS Tunnel?

SecurityKISS Tunnel is the program and the service that allow you access Internet despite censorship and local restrictions. It also makes your connection secure and prevents others from viewing your web browsing activities, instant messages, downloads, credit card information or anything else you send over the network.

Technically SecurityKISS Tunnel is a Virtual Private Network (VPN) implementation. It creates a VPN between your laptop and our security gateway so that all your Internet traffic goes through impenetrable, non-transparent tunnel.

Is it completely free?

We offer the free and the paid version. In the first option both software and service are completely free with limited daily usage.

The paid version has high usage limit in the monthly cycle and additional features. See the packages.

Will the service remain free, or will you charge a fee in the future?

There will be a free version of the service all the time

My ISP provides me the Internet link with 10 GB per month. If I use your JADEITE plan, will my montly limit increase to 50 GB ?

No. SecurityKISS is not Internet provider and we cannot add an extra Internet link to your PC. If you ISP's monthly limit is 10 GB you will not be able fully use the quota of the JADEITE plan so it makes more sense to order the cheaper OLIVINE plan with 20 GB/month instead.

Thanks to the fact that SecurityKISS is using compression before data is encrypted and transferred. it is possible that the total data sent and received may be larger by about 10 or 20 percent depending on the type of traffic. So while there is no way to increase the 10 GB limit of your ISP, you may slightly increase the amount of user data transferred (for example to 11 GB).

How can I get a free account to use your service? Do you need any personal information from me?

You don't need an account. Just download the program and use it. Your installed program is identified only by client ID.

We respect your privacy and your time so we don't need to know your name and you don't need to waste time on filling needless forms.

No more usernames and passwords!

How long do I need to wait for account activation?

Customer accounts are activated immediately after we receive the payment (usually it takes a few seconds).

Which operating systems are supported?

Since March 2012 SecurityKISS service available for all users on all platforms that allow OpenVPN, PPTP or L2TP connections. In particular the native SecurityKISS Tunnel program works Windows XP, Windows Vista and Windows 7. We also released a customized Tunnelblick installer with SecurityKISS configuration for Mac users. iPhone and iPad users can download a ready to use configuration for GuizmOVPN.

Apart from that it is possible to connect using the built-in PPTP and L2TP software on most modern operating systems (Android, DD-WRT, Symbian)

Can I run SecurityKISS Tunnel on 64-bit operating system?

Yes, it works on 64-bit Windows

Does SecurityKISS work with Windows 7?

Yes, both 32-bit and 64-bit versions of Windows 7 are supported

Where are VPN servers located?

While the company is based in Ireland the VPN servers (security gateways) are in the UK, US, Germany, Switzerland, Canada, Poland, Sweden and Netherlands. We are setting up new servers in other locations.

Are you planning to offer more servers in other countries?

Yes, we will publish locations of the servers once they are ready

As this software is very good to keep the system secure so please let me know why are you providing this software free of cost?

We make the software available for free to present the quality and reliability of our service to everyone. We also offer paid packages, however we will maintain a free version of the service all the time.

We believe in the formula:

Satisfied User = Potential Customer

Free users can still avail of the benefits of SecurityKISS Tunnel but they need to manage their limits judiciously.

When will the usage limit be dropped? I want to run this tunnel all the time...

The usage limit will be increased but never be dropped.

For free users it is possible to use SecurityKISS Tunnel all the time if they manage their limit carefully while we provide paid versions of the service with full support and high usage limits. You can view the paid packages here

For free users we increased the limit to 300 MB/day

Can I connect with SecurityKISS Tunnel from many PCs and can they be online at the same time?

With one client ID (with the same instance of the program) you may connect from many PCs. The limitation is that only one client ID can be connected to the same server at the same time.

In the paid version you get more than 15 servers so you may connect from the same number of PCs.

It is said the connection speed is up to 100Mbit/s but I can't even reach half of it.

100 Mbit/s is the physical upper bandwidth limit of the link the servers are connected to external world. It doesn't mean however that you will be able to keep connected at maximum bandwidth as the speed depends on many factors mentioned below.

The connection speed in the tunnel is lower than my plain Internet connection.

The tunneled connection speed will never be as fast as your plain Internet connection because:

To improve the tunneled speed you can:

Is there any speed difference between plans?

The primary difference is between the free GREEN plan and other plans. In the free version the bandwidth is controlled in order to prevent traffic congestion when the large number of free users connect.

On the other hand in the paid plans the connection speed is limited only by the 100Mbit bandwidth of ethernet link of our server, your Internet link bandwidth and the time needed for data to travel between your PC and the server.

The same rules apply for OLIVINE, MALACHITE, JADEITE and EMERALD plans so the speed should be the same for all paid plans however, in the high end packages you get more servers which are underloaded (since only high end plans customers can use them) so most of the bandwidth is available to you.

How can I upgrade my current plan?

If you bought 1 month plan and exceeded your monthly data allowance before expiry date, just buy another package and your account will be upgraded immediately. In order to upgrade your existing 3 month, 6 month or 12 month plan please contact Support

Manual

How to find my client ID?

You will find instructions here.

How SecurityKISS usage meter works?

You will find instructions here.

Can I change servers I am connecting to?

Yes. SecurityKISS system has servers in many locations and you can change server at any moment. If you don't select a server from the list before connection the program will connect to a random one.

When you need a server in particular location you can select server manually from the list.

Where is the server list?

The server list opens in a dedicated dialog window. You may get there from menu bar or by clicking the bottom panel button. See screenshots

How to change the server?

Once you open the server list select the server you want to connect and click 'Apply'. If you are connected via tunnel, disconnect and connect again. After clicking 'Disconnect' wait a few seconds before reconnecting to let your operating system return to stable state.

After successful connection the bottom panel should display the new IP address and corresponding country flag.

See the full instruction here

What does the 'Customer Only' column mean in the server list?

Customer only servers are not used by free users so they are not overloaded, their IP addresses are not publicly known to everyone and have better reputation on most websites that use IP monitoring or filtering.

I had to reinstall my Windows. The SecurityKISS Tunnel link from the activation email does not work anymore. How can I install SecurityKISS on the new system?

If you lost your SecurityKISS Tunnel installer or you want to install it on a new PC, you can download individually generated software from the client area panel at any time:

https://www.securitykiss.com/panel/

Please go to the Download tab and your operating system subtab. Generating the software usually takes up to 30 seconds and it includes security certificate and up to date server list for your client ID.

How to use Client Area Panel?

You will find instruction here

I want to use PPTP version of SecurityKISS. How can I set it up?

PPTP is a VPN connection method that allows you to connect to SecurityKISS servers from most modern operating systems using the built-in programs.

Usually you do not need to install additional software, just configure the connection in the system. You will configuration instruction here

When I try to connect with PPTP from my Android smartphone the connection drops or hungs up.

This is caused by the bug in Android VPN implementation. Please read the article to find out how to work around it.

Security

Does this software have a keylogger or malware or virus or spyware? When I try to install this software the system shows a warning.

No, the software is completely safe. The software is a property of SecurityKISS.com and it was written with use of open source technologies. It means that it does not contain any third party component that would be a black box what could present a potential risk.

The warning is triggered by TUN/TAP driver installation. It simulates an Ethernet device and because it is quite a low level operation your operating system displays the warning. The TUN/TAP driver code is a part of OpenVPN project and is entirely safe, tested and used by millions of users.

SecurityKISS Tunnel has been certified by Softpedia as '100% CLEAN'.

Below the original note from Softpedia:

'SecurityKISS Tunnel has been tested in the Softpedia labs using several industry-leading security solutions and found to be completely clean of adware/spyware components. We are impressed with the quality of your product and encourage you to keep these high standards in the future.'
Read more on Softpedia

My anti-malware software reports a virus in your program. What does that mean?

It may mean that:

First please make sure that you downloaded SecurityKISS Tunnel directly from our website.

There is a marginal probability of the 'man in the middle' attack i.e. someone between your computer and our website replaced the stream of data so that you received infected file. This may be especially true if you are using anonymous proxy services.

Most likely it is a third possibility but just in case please check the file with other antivirus software.

Some antivirus programs are known for many 'false positives' (AVIRA and EMSISOFT are infamous examples). A false positive is a situation where antivirus program reports legitimate and normal files as a virus. You can find more information in Wikipedia: Wikipedia: False Positives

SecurityKISS Tunnel may be wrongly classified probably because it contains the code to connect to www.securityKiss.com to get the welcome message and the current list of Security Gateway addresses (VPN servers).

This problem is caused by some anti-malware products that tend to appeal to user's thinking 'The more threats antivirus detects, the better' which is a spurious conclusion.

You can scan SecurityKISS Tunnel files by uploading them to online services that use several anti-virus programs.

We recommend the services below because they do not require installing any software on your computer:

www.virusscan.jotti.org
www.virustotal.com

The scan reports include results from about 40 different antivirus engines.

As a shortcut please find the report from Virus Total on SecurityKISS scan:

SecurityKISS Tunnel scan report on www.virustotal.com

Of course to double check you can use other antivirus services of this kind.

My outgoing traffic is very sensitive. My fear is when SecurityKISS VPN connection may suddenly drop the line and my PC just keep on going sending information using standard unencrypted connection.
How can I automatically block the traffic? Do you have a solution for this?

The solution is Exclusive Tunneling. It boils down to deleting the default route for underlying connection so that no data can be sent outside of the tunnel.

Why am I always assigned the same IP address from a particular server? Is it based on my client ID? This would seem to have the potential to compromise my security.

Assigning the same IP is an OpenVPN feature - it is the underlyig technology SecurityKISS Tunnel use. It is based on client ID and not on external IP address. The mapping is only stored internally on our server.

The 'static IP' is an option in OpenVPN but it is a default option and there is no reason to change it as it is fully secure.

The local IP you can see in SecurityKISS application is the IP address of virtual network created inside the tunnel so it is completely opaque for third parties. This IP does not appear outside of the tunnel as it makes no sense for external world (it is in a non-routeable address pool).

When I'm connected via SecurityKISS Tunnel and testing the connection using Internet Vulnerability tools like Shields Up I can see that the following ports are open: 22, 80, 443. Isn't it a security threat?

When connected in SecurityKISS Tunnel, the server you are connected to is scanned instead of your PC.

Port scanning tools like the one from Shields Up are designed to test open ports on Internet users' PCs and it generally makes no sense to run port scan tool for the server because it is normal mode of operation for a server to open ports to 'serve' the content and part of its nature.

It is a general principle of the client - server architecture that the server side must open a port to make communication possible. An average Internet user works as a client so usually they don't need to open any ports that's why the negative Shields Up scanning test result may be an indication of some vulnerability. However, testing the server in the same way is like trying to apply the same standards to completely different network entity. What is good for the goose is NOT good for the gander here. While for PC workstation exposing open ports is not very common, for the server it's perfectly normal to have many ports open.

To explain WHY the mentioned ports are open:
port 22 is an SSH console for administration, port 80 has many applications, port 443 is one of the VPN server software.

None of these open ports is a security threat. Additionally they are protected against attacks with adaptive firewall rules.

Can I be absolutely sure that data uploaded/downloaded is completely secure?

The tunneled connection is very secure - it is even resistant to 'man in the middle' type of attack.

The thing that can make the whole solution less secure is the ends of the tunnel, especially on the user's side.

Using SecurityKISS Tunnel your data is very well protected once it leaves your PC but if your PC is infected with virus, trojan or the Internet browser sends too much information then SecurityKISS Tunnel will not help much. That's why having a good antivirus program apart from SecurityKISS is so important.

Troubleshooting

How to start program in Troubleshooting mode?

You'll find instructions here.

I installed SecurityKISS Tunnel but cannot connect

Make sure you downloaded SecurityKISS Tunnel from our website. Do not use a program downloaded from other websites. It will not work. The copy of the program you got from your friend will not work either.

Check your firewall settings if connection is open for SecurityKISS Tunnel (TCP 80, 443 and UDP 123)

You may also check if DHCP client is running. You'll find instructions here

I can establish the tunnel but connection is slow and hangs up often

Please check your firewall for some advanced options that may cause problems with tunneled connection.

For example the Comodo firewall has 'Block Fragmented IP Datagrams' option which is turned on by default (Comodo -> Firewall Behavior Settings -> Advanced).

Since tunneling is about wrapping one packets into others some of them may be fragmented and blocked by the firewall because of that.

Issues of this kind are particularly difficult to track down so in case of unstable connection it is recommended to turn off firewall for a short time and observe if there is any difference.

When in the tunnel my mail client program cannot connect to receive or send email

In the free version sending and receiving emails directly from mail programs like Thunderbird or Outlook is blocked in our service to prevent sending spam and other abuse. Please see also our offer which explains it in detail.

When SecurityKISS Tunnel installation completes and I'm trying to run it I get another dialog from AVG antimalware software saying that a threat was detected. After selecting 'Ignore the threat' I still don't have access to the program.

When AVG software complains about the SecurityKISSTunnel.exe file you actually need to select the AVG dialog box option to 'Ignore the threat' but it is not enough.

You can find additional info in the 'Ignore the threat' AVG dialog box, which says that the program can still be blocked by AVG Resident Shield. It means that Resident Shield does not respond to the 'Ignore the threat' command.

To fully enable the program you need to configure AVG manually: in the AVG application open Tools --> Advanced Settings, find the Anti-Virus --> Resident Shield --> Exceptions form, and add SecurityKISSTunnel.exe into the list of exceptions for Resident Shield. (Thanks to Bill Rodgers)

I can't connect from Android or iPhone/iPad

Privacy

Are Internet providers (ISP) aware of exact downloads/uploads or only their size?

Your ISP is only aware of one connection to SecurityKISS gateway and its volume. Neither type nor protocol of encapsulated traffic is visible to third party.

Do you keep logs of traffic through your tunnel?

For security reasons we collect information about user's IP address and connection time.

What information is kept in logs and how long are the logs stored?

We store logs containing connect/disconnect time, IP address and also traffic volume to control usage for every user.

Detailed logs are automatically deleted after 10 days and the only information that is kept for a long time is total usage.

I am concerned about the amount of information stored about the users using your VPN. What information do you keep? Websites visited, usernames, passwords, etc?

As a completion to previous response - we do not store logs with information about traffic type or content. Your data is decrypted and sent directly to destination.

I am still worried about security of personal information because you store my IP address and connection time.

This is the minimum of information that we must store in order to make the service running.

Please note that comparing to the amount of information captured by an average website it is a drop in the ocean. Normally every website can store visitors IP address and register users activity, guess their preferences based on the time spent on a particular page and on the click order (needless to say about cookies).

We do not require registration from free users - there are no login names and passwords so they cannot be associated with your IP address. Such a design primarily has had users privacy in mind.
This is a very important point of our philosophy - we protect you from the third parties but we also want to protect you from ourselves.

We don't want to be another Big Brother Google who knows your next step before you even think of it. We are here to come to grips with this Orwellian dystopia that becomes a reality nowadays.

I'm connecting from Italy to SecurityKISS server in Chicago. When i use Firefox and surf to Google homepage I can see Italian version! Is this correct? I would expect English version for United States?

If you had connected to Google website before using SecurityKISS Tunnel, Google is able to recognize you as an existing user and display Italian language version instead of the US version. It is possible because Firefox (and any other Internet browser) is storing a small piece of information locally on your PC when connecting first time to a website. This piece of information is called Cookie. Cookie can be turned off in your browser settings but it may limit functionality of many websites. Every time you open the website again the browser sends Cookie back to that website what allows to identify you as a returning visitor. Thanks to that the website can also display the language version saved when you connected first time.

There is also another phenomenon possible. Google tries to assign default language settings to the IP address the user is connecting from. This assignment is based on the language the search queries are submitted. It may happen that many Italian users connect via SecurityKISS Tunnel server to Google and submit search queries in Italian so Google algorithm identifies SecurityKISS server as Italy based and Italian version is displayed by default regardless of the real server location. We have experienced similar issue with our Manchester server where Hong Kong Google version was displayed by default because there were many SecurityKISS users connecting from that part of the world.

Finally it is possible that IP geolocation is wrong. Websites are trying to guess from what part of the world you are connecting from. Based on tbe IP address they try to match the country however, there is no such thing like official IP-country matching central service. All these guesses come from approximate databases built on empirical data and it happens they are wrong in some cases. It has already happened that the most popular geolocation databases were identifying one of our UK servers as located in Ireland and Germany server as located in Italy.

Would your software cause my computer to not have full access to various sites like ebay.com or youtube.com or amazon.com, etc.?

No, website providers do not block traffic outgoing from our security gateways. Remember however that SecurityKISS Tunnel does not prevent sending cookies from your browser to websites. This is potential opportunity to block users by website providers.

Integration

In the paid version I tried to use VoIP (2 different providers: Fastvoip and Voipalot) both using SIP protocol but I couldn't establish a call. Why are you blocking VoIP/SIP traffic?

We don't block VoIP/SIP traffic for our customers. We have tested Fastvoip and Voipalot services and experienced many connection problems even on raw (non-tunneled) connection. When starting Voipalot in Ireland the program is failing when trying to find voipalot.com server.

Our conclusion is that those services are not reliable enough and also they may find it difficult to traverse NAT (Network Address Translation) which is an inherent part of local home networks and VPN services such as SecurityKISS.

It may be worth to look for other VoIP alternatives. Although we do not recommend using non-transparent technologies like Skype we have tested it with our service and it works well with SecurityKISS Tunnel.

Is there an option to set up forwarding ports, to fully set up something like emule to work as efficiently as possible?

No, we do not support port forwarding. It is not technically possible on a shared server IP.

Technical

Why does your geolocation data differ from the WHOIS data?

There is a different purpose and meaning of WHOIS data and geolocation service.

When you check a server or your computer IP address on our geolocation service you are getting the best estimate of actual location of the device with this IP address. The estimate is based on traffic analysis and information from users.

WHOIS query identifies the person or company to which the address has been delegated. Usually it shows the address where the ISP is registered on. Additionally large ISPs tend to cover wide geographic areas and in WHOIS database they are allocated to the same city and country.

Could you possibly add proxy support to SecurityKISS? I have to connect through a proxy to get online.

Yes, we will add proxy support within next few weeks

Does SecurityKISS Tunnel support http-proxy with authentication?

Not yet

Is your VPN using OpenVPN, PPTP or L2TP?

SecurityKISS Tunnel software (Windows only) is using OpenVPN while there are also PPTP and L2TP options available.

What is the difference between OpenVPN and PPTP?

It is explained in this article.

What is the encryption strength of your tunnel?

We use 128-bit Blowfish algorithm for session encryption. For the session keys exchange we employ 1024-bit RSA certificates. Session keys are renegotiated once per user per hour.

Is 1024-bit RSA key long enough to feel secure? I've seen applications using 2048-bit key.

It really doesn't matter. 1024-bit key is good enough.

Using 2048-bit RSA key is often a publicity stunt made by some companies to promote their products. A key length is one of few parameters in the overall security which is easy to compare for non-experts so some companies use 2048-bit RSA keys and announce it in a flomboyant way although it really does not make sense.

Let's repeat and highlight:

Using 2048-bit key instead of 1024-bit key does not improve security of a system and it only slows down key negotiation process.

It may be compared to the situation where we are buying a door lock worth $2000 instead of other one worth $1000 to secure our house. They both are high-end top quality locks and no sane burglar would even bother trying to break such a lock. The burglar will simply break the window, smash the door or bribe the key delivery man to get the copy of the key.

In other words breaking RSA key is a last idea the attacker can come up with, regardless it is 1024-bit or 2048-bit key.

Why SecurityKISS Tunnel is more secure than other VPN providers?

Each SecurityKISS Tunnel program downloaded from our website is different. Every user receives an unique individually generated application with secretly generated 1024-bit pair of signed keys: public and private.

The idea is that the private key should be known only to you and we destroy client's RSA private key soon after downloading the program. We don't store the private key as it should be known only to you and it is not needed for the server to establish a secure tunnel. Since every user has a different private key they are really secret and the established tunnel is resistant to all known types of attacks including 'Man in the Middle' attack (providing that you do not disclose the private key).
Because every user has a different key there is also one more advantage - we don't need user names and passwords to identify users.

Other VPN providers provide only one instance of VPN program which has the same pair of RSA keys for all users.
It means that the allegedly private key is publicly known!

Those VPN providers identify users by user name and password which means that the entire security is based on the password which becomes the real key in the communication channel. Effectively 1024-bit or 2048-bit RSA key or even a single session 128-bit security is reduced to 8 - 40 bit security depending on password strength.

When using SecurityKISS Tunnel, is DNS still done the 'regular' way outside the tunnel, or does SecurityKISS do it for me?

When connected with SecurityKISS Tunnel, the DNS queries and responses are sent inside the tunnel.

It means that DNS info is protected in the same way as every other data transmitted in the tunnel - completely opaque to a third party.

Can you briefly explain the difference between using TCP vs UDP servers?

SecurityKISS Tunnel can use TCP or UDP protocol to connect to the servers.

TCP was designed as a stateful, reliable protocol with error checking, retransmissions, connection and congestion control.
UDP is lightweight, connectionless (each packet is handled individually) and faster.

SecurityKISS Tunnel supports both methods to give users option if one of the protocols is blocked in their network however, it is recommended to use UDP because it is faster.
It may happen that UDP is blocked on Internet Provider firewall so then TCP is the alternative option. Usually TCP's performance penalty is low and connection speed is almost the same as in UDP.

Should I compress the data before sending in the tunnel?

No. It will give you no advantage in speed because we use compression anyway.

The compression factor depends on the type of data you are sending and whether you use our OpenVPN client, PPTP or L2TP.

Other

May I distribute your software?

There is no point in doing it since every downloaded instance of SecurityKISS Tunnel is a different binary.

Please do not share copies of downloaded binaries nor make them available on sharing websites. The shared binary is not going to work. Moreover it is in your interest not to share downloaded program because it will stop working for you. If you want to recommend it to someone - share the news and redirect people to our download website where they can get software for free.

Your software is one of the best ideas I've ever seen. Excellent work.

Thank you. You can help to improve it by sending suggestions and issues you found. Also any suggestions related to the website and its content are welcome.

We are going to expand the Articles section so if you have any ideas or texts you would like to publish - let us know!

Especially we are interested in making it as intelligible as possible since we want to reach a wide audience.