
Your Privacy is at Risk From Using a VPN: An Interview With Scott Arciszewski


nir


We recently interviewed security engineer Scott Arciszewski and asked him a few questions about security and weak cryptography issues in popular VPN providers and software. With his insights from a technical and practical perspective, he throws light on the rampant ongoing business and marketing led by popular VPN providers who falsely claim that their products offer the most secure solutions, even going as far as quoting their security as “military-grade encryption” (courtesy of NordVPN).

 

“A hard-coded key is a total game over for this protection,” says Scott Arciszewski.

 

Together with Scott Arciszewski, we have analysed and unraveled various prospects of (practical) weaknesses and security issues affecting commonly used VPN software like NordVPN. The most important question that pops up is:

 

Are these VPNs really as safe as they claim to be?

Key advice from the interview

  • Never trust VPN providers, and avoid using them altogether
  • As an alternative, consider using WireGuard for supporting critical corporate infrastructure
  • For personal privacy and anonymity use Tor
  • VPNs don’t offer the safety, privacy, or the level of encryption and anonymity which they commonly claim to. They simply can’t do so, speaking practically. Most of them not being open source makes matters even worse. Hence, their software’s code quality in terms of security is quite understandable; they simply try to hide this aspect.
  • Don’t fall for advertising clickbait without further analysing and doing personal research into them.

Read the full interview below:

[...]

 

Read the full article at the source.

 

Source

 


There are not any proofs to sustain this article.
It seems like a composition from the kindergarten about autumn ! :tooth:



"Since a handful of primes are so widely reused, the payoff, in terms of connections they could decrypt, would be enormous," researchers Alex Halderman and Nadia Heninger wrote in a blog post published Wednesday. "Breaking a single, common 1024-bit prime would allow NSA to passively decrypt connections to two-thirds of VPNs and a quarter of all SSH servers globally. Breaking a second 1024-bit prime would allow passive eavesdropping on connections to nearly 20% of the top million HTTPS websites. In other words, a one-time investment in massive computation would make it possible to eavesdrop on trillions of encrypted connections."

 

Researchers show how mass decryption is well within the NSA's $11 billion budget.



2 hours ago, jabrwky said:

"Breaking a single, common 1024-bit prime would allow NSA to passively decrypt connections to two-thirds of VPNs and a quarter of all SSH servers globally. Breaking a second 1024-bit prime would allow passive eavesdropping on connections to nearly 20% of the top million HTTPS websites. In other words

This doesn't have anything to do with VPNs; that has to do with the NSA breaking HTTPS. I use a 2048-bit prime on my VPN, which is 2 times as strong as what they're trying to crack. Well, it would crack really shitty VPNs where they don't have an option to use a strong RSA key. :rofl:

 

Quote

 

Using a common DH prime doesn't by itself compromise a system. But using a DH prime that is potentially within computational reach of an organization, especially one that is widely used, is. The authors estimated that cracking a 1024 bit prime might be possible for an organization such as the NSA, given a huge amount of resources (several hundred million dollars) and time (1 year).

 

Attacking DH is done by computing the discrete log, using an algorithm called NFS. It turns out that for the classical DH (using the multiplicative group of integers, modulo a prime $p$), the attack can be amortized over all discrete logs in a group. In other words, most of the work needed to solve the discrete log using NFS only requires knowledge of the group (defined by the prime $p$), and not the computed value $g^a$ (different for every connection). This means that the attacker can do a huge amount of precomputation and then attack individual connections very quickly.

 

So the authors suggest that since most of the internet uses only 1 or 2 specific 1024 bit primes, an organization could invest heavily to do the necessary precomputation. Then individual connections can be broken quickly, by computing the last step in NFS. If you want to know how that works, read the link K.G. gave, or learn how NFS (Number Field Sieve) for the discrete log works.

 

All this can be prevented in a couple of ways. One, simply use larger primes. Even if the entire world used one specific 2048 bit prime, it would (probably) be impossible for an organization to crack encryption in this manner, amortization or not. Better yet, switch to elliptic curve DH. Elliptic curves don't suffer from the same precomputation woes, meaning attacks on parameters that are barely within computational reach only compromise one connection, rather than all those using that group.

 

https://crypto.stackexchange.com/questions/39227/the-problem-of-common-dh-primes

 

HTTPS, being the most widely used 1024-bit prime, is in danger of being cracked, but really it's not private in any way: all they have to do is go to Google, Microsoft, etc. or take Cloudflare to court and they will hand your info over. The only thing HTTPS does is hide what you do from your ISP, but you also need to change DNS.

 

But the info in the OP is hogwash. Anybody who uses their full name on the internet like Scott Arciszewski does doesn't care about privacy anyhow; he wants the whole world to know who he is, or he would only use a handle, lol. He's talking about privacy while using his real name. People who want to be famous sold their privacy out. The first time they mess up, the Feds know who they are and where to find them. Even famous people know better than to use their real names if they want any privacy. That's why in many leaks the source tells the journalist not to say who they are; they don't want to be in the news. Some VPNs that offer a 2048-bit prime have even been proven in court not to keep logs. A 2048-bit prime is the default protection in most VPNs. Mine, if I switch to maximum protection, uses a 4096-bit prime, 3 times stronger than a 1024-bit prime.

 

Quote

The NIST recommends 2048-bit keys for RSA. An RSA key length of 3072 bits should be used if security is required beyond 2030.


But already people are using the larger 4096-bit keys. You can read more on it here:

Should We Start Using 4096 bit RSA keys?

https://www.jscape.com/blog/should-i-start-using-4096-bit-rsa-keys

 

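The amortization described in the quoted Stack Exchange answer can be seen on a toy group. The following is an added example, not part of the thread or of the quoted answer: baby-step giant-step stands in for NFS (an assumption for illustration, since both split the work into a per-group precomputation and a cheap per-connection step), and the class name, function names and the 31-bit prime are all constructed for the demo.

```python
import math


class SharedGroup:
    """Discrete-log solver for one DH group (p, g), baby-step giant-step.

    BSGS is a stand-in for NFS: the table below plays the role of the
    expensive precomputation that depends only on the group.
    """

    def __init__(self, p, g):
        self.p, self.g = p, g
        self.m = math.isqrt(p - 1) + 1
        # Precomputation: baby steps g^j for j < m. Uses only (p, g),
        # never any connection's public value g^a.
        self.table = {}
        x = 1
        for j in range(self.m):
            self.table.setdefault(x, j)
            x = x * g % p
        # g^(-m) mod p, computed as g^(p-1-m) by Fermat's little theorem.
        self.giant = pow(g, p - 1 - self.m, p)

    def dlog(self, h):
        """Return an exponent a with g^a == h (mod p), reusing the table."""
        y = h % self.p
        for i in range(self.m):
            j = self.table.get(y)
            if j is not None:
                return i * self.m + j
            y = y * self.giant % self.p
        raise ValueError("h is not a power of g")


def recover_shared_secret(group, pub_a, pub_b):
    """What a passive observer of one handshake gets once the group is precomputed."""
    return pow(pub_b, group.dlog(pub_a), group.p)


def is_weak_group(p, min_bits=2048):
    """Defender's check: flag primes below the size the quoted answer suggests."""
    return p.bit_length() < min_bits


# Constructed toy parameters: a 31-bit prime so the table builds in milliseconds.
TOY_P, TOY_G = 2**31 - 1, 7
```

One `SharedGroup` instance serves every handshake that uses the same prime, which is why a widely shared 1024-bit group is the concern and why `is_weak_group` belongs in a configuration audit.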


scary stuff....still,if you are doing stuff the nsa wants to know about...they will find a way to spy on you....they do not have a budget the size that they have to catch you or me stealing a song or a movie...🙄



32 minutes ago, dMog said:

scary stuff....still,if you are doing stuff the nsa wants to know about...they will find a way to spy on you....they do not have a budget the size that they have to catch you or me stealing a song or a movie...🙄

Most people don't do anything on VPNs but download a movie, but if you're a journalist or even a whitehat hacker who exposes their spyware, you need to be worried about the NSA and the FBI; it's not just bad guys they're watching. The NSA is like Google: you can just use certain words and they will watch you; even posting topics on privacy and security is enough to make them watch you. It's just that now, after they were exposed by Snowden, they have to be extra careful about how they do it, but they know the law better than we do and how to get around it. Right now is not a good time; they gave the NSA and the others the go-ahead to hack the other day.

 

 

 



17 hours ago, Recruit said:

There are not any proofs to sustain this article.
It seems like a composition from the kindergarten about autumn ! :tooth:

 

This. If you've read the Twitter thread then you know that he's talking about the OLD version of NordVPN and not the recent ones, and admits that it is fixed now. And even then it is really difficult to exploit. I liked one comment in the article's comment section: 'Only a true professional rages on Twitter before reaching out to the vendor asking at least any details on their PAST mistakes.'
