So you think your VPN is secure

E

evilsofa

[H]F Junkie
Joined
Jan 1, 2007
Messages
10,078
You'll have to scroll down past a few very interesting pages to get to the VPN cracking stuff, but the NSA can pretty much compromise whatever VPN they want to:

http://www.spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361.html

One of those interesting bits is what it takes to actually give the NSA a real problem:

"Things become 'catastrophic' for the NSA at level five - when, for example, a subject uses a combination of Tor, another anonymization service, the instant messaging system CSpace and a system for Internet telephony (voice over IP) called ZRTP. This type of combination results in a 'near-total loss/lack of insight to target communications, presence,' the NSA document states."
 
I'm just going to throw it out there. I take this report and anything the NSA says, good or bad, with a grain of salt. They're an agency so elusive it could easily fall within the realm of psyops where do you believe they can't crack these technologies and use them, or are they're fooling you into using weaker implementations not listed because you fear they actually have cracked the list they're perpetrating as impenetrable. They would gain nothing from telling people the truth. They haven't for over 40 years now lol. They're a U.S. Agency with their own agenda.

See, it's the never ending wheel that keeps turning. If you believe anything come from a Shadowy "Intelligence" agency as fact, you're a fool. VPN is only as secure as the endpoints as far as we know. Compromise either system: Company Servers, or Customer's machine via Malware and it's fundamentally insecure.
 
Liger88 said:
I'm just going to throw it out there. I take this report and anything the NSA says, good or bad, with a grain of salt. They're an agency so elusive it could easily fall within the realm of psyops where do you believe they can't crack these technologies and use them, or are they're fooling you into using weaker implementations not listed because you fear they actually have cracked the list they're perpetrating as impenetrable. They would gain nothing from telling people the truth. They haven't for over 40 years now lol. They're a U.S. Agency with their own agenda.

See, it's the never ending wheel that keeps turning. If you believe anything come from a Shadowy "Intelligence" agency as fact, you're a fool. VPN is only as secure as the endpoints as far as we know. Compromise either system: Company Servers, or Customer's machine via Malware and it's fundamentally insecure.
Click to expand...

Agreed, as a former government employee they are only looking out for themselves and I wouldn't believe anything they said.
 
If they struggle with truecrypt and pgp as the article indicates, then it's likely they would struggle with ipsec or openvpn as well. It sounds like they try to do an end run around the encryption and attack the endpoints, which makes sense if they can't actually decrypt.
 
dave99 said:
If they struggle with truecrypt and pgp as the article indicates, then it's likely they would struggle with ipsec or openvpn as well.
Click to expand...

Ipsec was compromised by NSA day 1. NSA employees were on the draft committee and diluted its security from the get go.
 
sounds a lot like lying to protect their funding under the guise of usefulness.

if you told your boss that you can't do something he'd fire your ass.
 
Skripka said:
Ipsec was compromised by NSA day 1. NSA employees were on the draft committee and diluted its security from the get go.
Click to expand...

The NSA also helped select Rijndael as the AES cipher, doesn't mean a thing. The government uses IPsec, weakening it would make them vulnerable to enemies. That is the fundamental problem with backdoors (particularly in such basic crypto systems) is you can't guarantee will be only used by you.
 
You must log in or register to reply here.
Back
Top