This depends on many factors. Your account type limits the maximum speed of your connection, but whether or not you will reach the maximum speed depends on your local network situation and the connection protocol.
Generally, "https" and "ftp" are very fast, "http" and "post" are fast, "udp" and "echo" are not so fast, "cgi" is rather slow (particularly through relays) and "dns" is slow. The maximum (typical) values you can expect in otherwise ideal conditions are: 50 Mbit/s (15 Mbit/s) for "https" and "ftp", 25 Mbit/s (6 Mbit/s) for "http" and "post", 2.5 Mbit/s (1 Mbit/s) for "udp", "echo" and "cgi", and 1.5 Mbit/s (500 kbit/s) for "dns". This is for multiple tunnelled streams with sustained data flow. Please note that "udp", "echo" and "dns" need to poll the server and use mechanisms to reduce traffic; these mechanisms can lead to slow connection set-up. You can fine-tune these protocols to better meet your needs.
It is important to recognize that you are probably using YF to make something work that your provider does not want to work, particularly if you use the more sneaky protocols like "dns". Do not expect miracles.
If in doubt, please test first. We offer free test upgrades.
Until very recently, the answer was "yes". It is no longer. Everyone can simply use username "unregistered" and password "unregistered" to get FreeFreedom access. Please note that if you want BasicFreedom, EnhancedFreedom or TotalFreedom, you still need a personal account.
Quite possible. If you find mistakes, please report them! You can use the reporting form to contact us and tell us about the problem. Please submit your report only once, we will certainly look into it.
How can I hide the Your Freedom installation on my PC?
My recommendation: install TrueCrypt on your PC. You can get it for free on the TrueCrypt homepage http://www.truecrypt.org/ (please consider a donation if you can afford it -- it is a fantastic tool and may save your butt, so it's worth a few bucks!).
In TrueCrypt, set up a virtual encrypted disk in "plausible deniability mode" (i.e. it shows two different contents depending on which password you
enter, so you can reveal one of them -- the other content is
steganographically hidden, and you put some private looking content that
won't get you in deep trouble in it with the "public" password. It is
impossible to tell whether or not there is a second password unless you actually know it). Copy the
"Your Freedom" folder from your C:\Program Files or C:\Program Files (x86)
there. Uninstall YF on your PC and delete the remains (if any) in the
program files folder and the downloads folder. To run YF, mount the
encrypted partition, go to the folder, and click "freedom.exe". YF does
not need any registry settings or whatever, it will happily run from any
folder. If you want to be super-safe, create a "run.bat" file with this
content: "freedom.exe --configfile=ems.cfg", if you run YF via this
batch file the config file will be stored in the encrypted file system
too and not in your home directory. Avoid openvpn mode, it currently
creates files in your home directory and leaves them there (on my list
of things-to-do).
If you need to wipe all traces, make sure you delete these files in your home directory (c:\users\yourname):
They are created by the YF client on-the-fly when using openvpn mode, it is safe to delete them.
Also, delete the "ems.cfg" file if it is there, it contains your client
config. When uninstalling YF, ensure that there are no leftovers in the c:\program files directory or your download directory. Empty your bin afterwards. This will at least make sure that a superficial inspection will not find anything.
How do I update my YF client installation? Why should I do it?
The YF client does not have an automatic updating facility, you need to update it manually from time to time. This way you will receive the latest bug fixes and features. Keeping your YF client installation up to date is key in staying connected, especially when you need to rely on YF's ability to get you connected.
We suggest that you follow this procedure to update your installation (Windows -- on other systems the procedure is similar -- download, uninstall, install):
If there is a newer version available, consider downloading it. We suggest you always keep the downloaded files of previous installations until you are sure that the new version is working properly for you so you can revert it not.
Once you've donwloaded the new version, disconnect, then exit the YF client.
Uninstall the current version through Start - Programs - Your Freedom - Uninstall or through the control panel of Windows. While it is safe to install new versions over previous versions if you ensure that you always use the same installer type, we do not recommend it. Your settings will not be lost by uninstalling the YF client.
Install the new version by running the downloaded file and following the steps on the screen.
If you find that the new version fails to do something properly that the previous version did, please let us know (include both version numbers if possible, and tell us which installer you are using, NSI -- the small one -- or JET -- the large one). Tell us too if it fixes a previous problem. (No need to tell us you are now able to get connected again when you weren't able previously -- we'll notice it statistically. :-)
The YF client can use IPv6 to connect to YF servers. IPv6 addresses can be reached through the SOCKS5 and local port forward facility, but not via OpenVPN mode or web proxy. Please note however that not all of our servers support IPv6.
If you are having problems connecting to YF servers (or even find them), it is a good idea to try and enable IPv6 on your PC (if it is not already enabled). Also, enable all kinds of tunneling mechanisms, you never know -- one of them might work where you are. :-)
On Windows Vista and Windows 7, both IPv6 and Teredo tunneling are enabled by default but unless your PC has a global IP address tunnel mechanisms won't work out of the box. To make it work, click on "Start", then type "cmd" but do not hit Enter. Wait until the "cmd.exe" application appears in the search list, then right-click on it and choose "Run as administrator" and confirm the dialog. In the black cmd window, type "netsh". In netsh, type this command:
interface ipv6 teredo show state
If "status" is "offline" try this command:
set state enterpriseclient
Wait a bit then check the state again:
show state
It should tell you that "status" is "qualified" or "dormant". When done type "exit".
With Windows XP SP1/SP2, Teredo is shipped as well but not installed by default. You can easily sort that though by opening a cmd window (click Start, then click Run and type cmd) and typing "netsh interface ipv6 install", then proceed as above (or just type "netsh interface ipv6 set teredo enterpriseclient").
You might want to use a different Teredo gateway than the default; if yes append it to the "set state enterpriseclient" command. If your PC is not behind a NAT router you can use "set state client" instead.
Unless someone filters Teredo this should give your PC full IPv6 connectivity. The YF client will automatically notice and try IPv6.
Yes, you can. But there are a few limitations.
First of all, you won't be able to use SSMTP (TCP port 465). We had to block this because otherwise spammers could make good use of our system. If you really, really need to use SSMTP with a certain IP address, contact us at support@your-freedom.net and we should be able to help you.
If you send email through SMTP (TCP port 25) you'll always end up on one of our email gateways, not the one you are trying to connect to. This is also an anti-spam measure. Our gateway is configured to accept email from you and relay it on, but your mail software configuration may have to be adapted if you require authentication and/or encryption in it. In other words, you need to disable all kinds of authentication and encryption when sending email. We are also filtering email sent through our gateway with a strict anti-spam ruleset and we scan for viruses as well. However we do not block attachments by type and we accept very large emails, and are probably more tolerant than the recipient's gateway.
You are unable to send email to more than 10 recipients -- by purpose. Again, this is unavoidable -- we just don't want spammers to be able to "fan out" that much through our system. And you are unable to send more than one email every few seconds. This is to discourage spammers -- it just doesn't work out for them this way. However, as an ordinary user you should not notice these restrictions at all, and we believe keeping the net clean of this filth is worth the hassle. We closely monitor our email gateway and we see the amount of spam that doesn't get sent because of this -- and feel proud about it.
Btw. you need not worry that anyone will read your emails -- up to our email gateway they are protected by the YF tunnel, and our gateway will send them on encrypted if the other end supports it. We certainly do not care about what you send in your emails as long as it's not SPAM, we're not Google after all.
Why does YF's RTT differ from what I see in games?
Why do apples differ from peas? It's a completely different measurement, measuring completely different things.
The YF RTT measures the worst case delay added by the YF system. It does it by enqueueing a "PING" frame at the end (!) of the output queue, to which the server responds with a "PONG" frame, also enqueued at the end of the output queue. The result is mostly influenced by these factors, in this order: Excess bandwidth use, IP packet round trip times between YF client and server, load on server and client. It's a worst case measurement because YF tries hard to enqueue frames in a clever way.
When games measure round trip times, they measure them between the game and the game server. The result will always be higher than the YF RTT of an idle connection, but it can be lower than the YF RTT of a connection exceeding the profile's bandwidth limit. In most cases however the game will measure a higher RTT than the YF client, simply because the round trip time between the game server and the YF server add to the overall RTT, and a loaded game server will add delay as well.
A general rule of thumb is this: if the RTT of YF is rather low and the value measured by the game is rather high, it's not our or your fault. If YF's RTT tends to be higher or almost as high as the game's you may not have enough bandwidth, either because of your Internet connection or because of your YF profile. If both are bursty (i.e. shoot up high, then fall down again) the most likely cause is packet loss. If the game's RTT skyrockets when you are getting yourself into a mess (battlegrounds etc.) you are likely lacking bandwidth.
It is important that all network supporting applications run with raised priority because games usually max out the CPU. Raise the priority of the YF client and the socksifier or the OpenVPN process or they might not get enough CPU cycles, even on fast systems.
Yes, it does. But that's only the short answer. The long answer is that you need to be aware of a few things and take appropriate measures.
Don't use the full installer version (that's the 28 meg one). The full installer version comes bundled with a version of Java that is not running very well under Vista, if at all. Install a current Java Runtime Environment (we recommend Sun's JDK6 available from Sun's Java page and use the installer version or the ZIP version of Your Freedom.
When using the installer version and you would like to run YF in dump mode, or if you are using OpenVPN mode, don't simply click on the start menu item to run it but right-click and choose "Run as administrator". If you don't YF won't be able to write the dump file in the install directory and it won't be able to install routes into the tunnel in the routing table.
If you are running a 64 bit version of Vista, you need to add a command line option. Edit the links in the start menu and on the desktop by right-clicking on them, then choose Properties. In there select the link tab and locate the "target". Edit the value and append (after the double quotes and with a leading space) "--noappwizard".
We will rectify these issues in the future so that Your Freedom will run on Vista without any corrective measures.
No. The servers and the clients both have a protection mechanism to reduce the significant load that rapid-fire stream opening would put on the servers, and to protect our servers and the Internet community from SPAM and denial of service attacks. There are several restrictions, and they are enforced in both server and client code:
You can only open 20 streams per second. If you exceed this,
future OPEN requests get delayed so that no more than 20 streams per second get connected.
You can only have 20 pending OPEN requests at any time. This means that if the server has received 20 OPEN requests from you and none of it has worked so far, future OPENs get delayed until one of them has connected or timed out.
Backoff mechanism, to make denial of service attacks through our servers impossible: If you open more than 3 streams to the same port within 1000 milliseconds, the next OPEN will get delayed by 1000 milliseconds, the next one by 1.2 times this (1200 milliseconds), the next by 1.2 times 1.2 times this (1440 milliseconds), and so on, up to 2000 milliseconds. This only stops if the next OPEN arrives after all previous delays have passed. These numbers are used for all TCP ports except port 25 (SMTP), where much more stringent rules apply (3 connections within 5 seconds, up to 60 seconds), to make the service useless for email spammers. All these values are configurable, and there are some more protection features in the code that only get activated when needed.
These restrictions should not limit normal use of the service. However we have found that some P2P programs misbehave. We believe that merciless rapid-fire stream opening is an abuse of the Internet and urge authors of such software to limit the connection rate in their applications. Many P2P programs have configurable values for the number of open streams, the number of pending streams, and the connection rate; please use them! Set the number of concurrently open streams to just a little bit below your profile's maximum (leave 2-3 spares for DNS lookups and tracker connections), limit the number of pending opens to 15-18, and set the connection rate to at most 5 per second or so, then you should be fine.
Again, these restrictions are necessary to guarantee stable operation of the service and to reduce the risk of denial of service attacks on us and others; we are not doing this to cause trouble. Thank you very much for your understanding.
Why should I use "Your Freedom" and not an open-source alternative?
I personally am a big advocate for Open-Source software, so if you find an open-source alternative which works well for you, there is no reason why you should not use it.
However, here are some "Problems" people experience with Open-Source alternatives (none mentioned in particular - some may apply, some may not).
The main reason is tunnel End/Server availibilty
Typically, what you find in the open-source community is a Server-Component and a Client-Component. However, most people don't have a public Internet Server available where they could install the Server-Component of the solution. Installing the client on your PC is the easy part, but trying to find somebody who provides the Server is not.
Then there are other reasons like features etc ...
All users do have a server stored profile that defines the maximum bandwidths they can use. Apart from this, the user can further limit the used bandwidth (but not extend it). Short bursts are possible but on a sliding average of approximately 10 seconds the maximum bandwidth used should equal the maximum bandwidth configured. Slight differences may occur because of IP encapsulation that is not accounted for, but that should be less than 1%. Another 1% may come from control traffic that is not limited but counted. These two effect are actually cancelling each other out partially so you should not really notice any of them. :-) Limiting works by delaying de-queueing of frames on the output queue. Only data frames are delayed, control traffic (such as messages, acknowledgements, open requests) are not, because this would possibly result in unnecessary retransmits and instability.
The output queue is fed by the stream queues, which do not do any traffic shaping but are responsible for retransmission. In order to do per-application shaping one would have to add this feature to the stream queues. Unfortunately this is already awfully complicated code as it is now (highly sophisticated queueing and retransmitting that tries to give best responsiveness for interactive traffic and best throughput for bulk traffic at the same time, under all congestion circumstances), and to make matters worse I am currently re-writing parts of it. :-) You will probably understand that I am a little bit reluctant to add this right now, especially since it would mean a lot more memory consumption and more CPU overhead on the servers.
If you are concerned about p2p uplink, most clients have features to limit the uplink bandwidth built in. You should use these if possible.
About DCC, please give it a try (but wait for the latest client, to be published probably some time today :-). It should work but cr is looking into issues with mIRC at the moment.
So, you think you have done the impossible and found a bug? - Well, might be.
Please read the Forums first, to see that if we are not already tracking this Bug - if that's not the case and you are the lucky one to find it, please post it in the "Bug Report" forum.
An application, which allows to bypass Firewalls, Content Filters and furthermore allows you to stay anonymous on the Internet by hiding your source IP address and encrpyting the data between your PC and our servers.
The technical answer is ...
"Your freedom" is an application that falls into the category of HTTP-Tunnels.
By forwarding ports from your local PC we can provide:
Socks Server (on localhost:1080)
Web Proxy (on localhost:8080)
Freely forward any local ports to a remote Server
Forward assigned server ports to your PC
In combining this we probably enable about 80-90% of your applications to bypass any firewall and proxy.
Yes, it does. Starting from version 20080214-01 the YF client should run again on Windows 98 and ME. Use Java 1.4.2_16 and download the Nullsoft installer of Your Freedom (that's the top-most download). You won't have the systray functionality but apart from this it runs fine.