Regarding the 'port fail' vulnerability
Recently, there was a blog entry about a vulnerability that affects VPN providers offering port forwarding such as OVPN does.
The vulnerability can expose the real IP address of a user connected to VPN service if the hacker shares the VPN service IP with this user. The hacker opens a port at his VPN provider and then tries to get the victim to visit the assigned IP address as well as the newly opened port. The victim will then connect with his real IP address to the hacker’s computer, revealing his IP address in the process.
However, we want to inform all our users that we are not affected by this vulnerability. Many other VPN providers have had this vulnerability for a long time, but we have known about it and have fixed this security issue.