Slashdot Mirror


NSA Says They Have VPNs In a 'Vulcan Death Grip'

An anonymous reader sends this quote from Ars Technica: The National Security Agency's Office of Target Pursuit (OTP) maintains a team of engineers dedicated to cracking the encrypted traffic of virtual private networks (VPNs) and has developed tools that could potentially uncloak the traffic in the majority of VPNs used to secure traffic passing over the Internet today, according to documents published this week by the German news magazine Der Spiegel. A slide deck from a presentation by a member of OTP's VPN Exploitation Team, dated September 13, 2010, details the process the NSA used at that time to attack VPNs—including tools with names drawn from Star Trek and other bits of popular culture.

22 of 234 comments

  1. Re: What IP address ranges are in the US? by TimMD909 · Score: 2

    I'm pretty sure the NSA has technology to use foreign IPs. Just block all traffic by slicing all cables.

  2. Re:*sigh* by Irate+Engineer · Score: 2

    Win.

    --

    Left MS Windows for Linux Mint and never looked back!

    Vote for Bernie in 2016!

  3. Re:What IP address ranges are in the US? by Midnight_Falcon · Score: 2

    Good luck with that. You can block all IPs assigned to ARIN in the US, but thanks to IP address shortages, you'll find many of those sites with ARIN-allocated IPs are actually located geographically in Europe...and some APNIC IPs are located in the US...etc etc

  4. Re:A little help here. by mSparks43 · Score: 2

    I'd say it's because they've been influencing it at the school-level CS classes.

    "It's too hard" - "it's too easy to make mistakes"
    - "let those who know what they are doing handle it"
    ubiquitous.

  5. Re:4 years ago? by khasim · Score: 5, Interesting

    It's not so much the VPN technology as it is the failure to correctly implement and secure it.

    TFA leaves the real content until the end of the article:

    The data is then replayed from the repositories through a set of attack scripts, which use sets of preshared keys (PSKs) harvested from sources such as exploited routers and stored in a key database ...

    So if the NSA wants to "crack" your VPN session they first record it (we know how they do that) then they try to brute force that recording using what is, essentially, a dictionary attack.

    TFA seems more entranced by the cutesy names than by the technology.

  6. Re: What IP address ranges are in the US? by dpilot · Score: 4, Insightful

    Plus don't forget, the NSA simply must be the only agency in the world trying to do this sort of thing. I'm sure that no other nation has any interest whatsoever in gathering this type or depth of information, for any reason at all.

    --
    The living have better things to do than to continue hating the dead.

  7. Re: What IP address ranges are in the US? by bragr · Score: 4, Informative

    That is harder than you'd think. A surprising amount of data ends up going through the US. A lot of the EU-Asia traffic ends up going through the US as the Indian Ocean routes are relatively slow, and AFAIK Russia hasn't built any extensive cross-continent fiber networks.

  8. Sigh. by ledow · Score: 5, Insightful

    So if they have the PSK, then they can decrypt your VPN connection?

    Yeah, not surprising.

    Nowhere does it say they actually have effective techniques for extracting the PSK from, say, a Diffie-Hellman exchange. Because.... well... pretty much, nobody can.

    But, sure, if you plug in your VPN PSK into a router that's then compromised, your PSK is then public knowledge. Hell, in most places it's listed in your Cisco CLI and extractable if you have access to it (http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/82076-preshared-key-recover.html).

    Isn't this why we have several things, not least SSL VPN with proper keychains, certificate revocation, passphrase-protected keys, etc.?

    You can try to scaremonger all you like (this is, what? The fourth or fifth article this month with scaremongering like this about Tor, SSL, etc.?). Fact is nobody has demonstrated, or even pointed to suspicious circumstances that may hint, that the NSA or anyone else are doing anything different to the bad guys out there - finding out that compromising the devices is generally easier than decrypting proper TLS security. And nobody's been seen to actually have a shred of evidence that they can decrypt TLS by any way other than being handed the keys.

    All this does is tell me the exact OPPOSITE of what the little guy (and presumably anyone reading this article, shame on you Slashdot) would take home. The NSA aren't able to do anything more than I thought they could. That the encryption is serving its purpose to the point that it's easier to compromise the routers en masse than it is to break the encryption.

    All this does is say to me "Keep doing what you're doing". Use proper PKE with decent size keys and secure them as much as humanly possible.

    All I've thought about these kinds of articles for the past year is "What are you trying to scare me onto?" Truecrypt, SSL, PFS etc. It all points towards a certain set of algorithms which are hailed as the "solution" to all these problems - Elliptic Curve. Strangely, one of the "official" curves was designed in co-operation with these people and they won't provide justification for it, and their track-record in this area is quite well-known. These are the people who paid RSA to weaken their encryption, the people who didn't want us to be able to have large-bit encryption available in any case, and who wanted us to have backdoored chips protecting our devices.

    PKE is doing its job at the moment. I'd hate to think that we all jump ship to the thing that's ACTUALLY broken, in our haste to secure things against this kind of propaganda.

    1. Re:Sigh. by ledow · Score: 4, Insightful

      Your choice of OS, if you have something worth encrypting and hiding, is the least of your worries.

      If you have any brains at all, all key generation is done offline on a clean machine and then that machine destroyed. Only a specific, purpose-built target on YOU would stop that working as intended without informing the NSA, and then they may as well just listen in to the room anyway.

      What you are falling into is the "movie hackers" fallacy - "Gosh, everything hackable therefore everything is hacked all the time". If you have a clean, from-disk OS, even, and keep it off the net, and sign your messages with your pre-generated private key on a device that goes NOWHERE and only gets turned on when you need to use it - fuck 'em. Quite what power do you think they have over that?

      The problem with modern day stuff is ALL Internet-access-based. Hell, most people think a computer isn't a computer unless it's on the Internet nowadays.

      Don't get me wrong, if you're targeted by the NSA, I'm sure they can get to you somehow. But I can assure you they were targeting Bin Laden and he survived, what, a decade with the whole world looking for him? He was found to be couriering USB keys down to the local cybercafe.

      Targeted malware only works if you're stupid enough to expose the machine to the net, or run programs that aren't verifying content. Fuck trying to "infect" someone who only reads their mail via "mutt", for example. It's all Hollywood tripe.

      If there's a terrorist with a brain out there, and they are trying to avoid the NSA's glare, I'd be quite annoyed at their stupidity if they aren't using read-only boot media, a bunch of random devices bought in shops, PKE, and programs that aren't mainstream enough to have exploits written for them.

      Fuck, even I know how to encrypt mail offline and have read my mail accounts via telnet in the past.

      If you're targeted, malware is the fucking least of your worries, and easily countered by not allowing your PC to come into contact with it. Even that stuff about some malware making computers "talk" over audio channels to cross air-gaps only works when computers are infected in the first place.

      We even have double-compilation-verification built operating systems, and you can boot some old shit off a floppy image from pre-Windows days if you're really paranoid.

      The problem is not that - it's not encrypting, generating, or securing your message. It's how do you get your message to the wider net from there, and that identifies your location quite quickly. However, as pointed out above, you can sit in the same location for ten years with a willing stooge to courier to nearby cybercafes and NEVER get caught that way.

      It lacks in imagination to think that the NSA, or indeed any intelligence agency, is really as good as you think they are. I'm a massive fan of GCHQ history, for instance, and I quite believe that today's GCHQ is a shadow of its former self forced to resort to asking Facebook for copies of its data. Given that they invented this type of stuff to prevent EXACTLY what they are trying to do now, it's hilarious that it's backfired to the point where they are having to convince you they really can listen to everything, everywhere, always.

      If they could do that, you would never hear of it. Because, you see, they'd know about all the leaks and be able to stop them in their tracks - legally or illegally.

  9. Good news by Charliemopps · Score: 4, Interesting

    This is actually good news. They clearly state that "Ubiquitous Encryption" is a threat to the NSA. They are currently assuming that encrypted traffic is something they should target so if everything's encrypted... voilà.

    So go out, encrypt everything you can. I'm looking directly at you SlashDot. Fix your 10-years-out-of-date website for Christ's sake. You want me to start using "Beta"? Secure it!

    1. Re:Good news by wbr1 · Score: 4, Insightful

      To what end should slashdot secure itself? Are you storing confidential info here? It is a public forum. Anyone, including an NSA agent can browse all your postings regardless of any encryption used between you and this site.

      There would need to be a compelling business/financial reason for any site to do so. Helping others hide their traffic is not all that compelling from a bean counter's point of view.

      --
      Silence is a state of mime.

    2. Re:Good news by Charliemopps · Score: 3, Insightful

      To what end should slashdot secure itself?

      To keep me as a viewer.

      Are you storing confidential info here?

      Yes. Everything I do is confidential until I explicitly declare it's not. This text is displayed publicly for all to see. But how it got here, from where I'm logging in and who I am in real life is none of your business until I say I'm ok with that.

      It is a public forum. Anyone, including an NSA agent can browse all your postings regardless of any encryption used between you and this site.

      But linking them to me is an entirely different thing. Sure, anonymity doesn't gain me a lot currently. But we've no idea what the next US administration is going to look like do we? And what of my friends in China? I'd like to hear their thoughts on this as well. Oh... they can't even remotely post here... I guess Slashdot doesn't need 1/3rd of the worlds audience... oh well.

      There would need to be a compelling business/financial reason for any site to do so. Helping others hide their traffic is not all that compelling from a beancounters point of view.

      Being a tech site, and with the ever-increasing consumer demand for secure communications, I think the rather trivial effort it would take to implement HTTPS would forever mar this "Tech" website as being ridiculously out of date. It doesn't really matter if you ever use the intermittent wipers in your car... it makes a new car look pretty stupid not to have them either way.

  10. Re:What IP address ranges are in the US? by gatkinso · Score: 4, Informative

    My guess is that you overlooked the "USA, AUS, CAN, GBR, NZL" at the top of the slides.

    --
    I am very small, utmostly microscopic.

  11. Re: What IP address ranges are in the US? by Richard_at_work · Score: 4, Interesting

    Does any other nation have an intelligence budget that even approaches that of the U.S.?

  12. Re: What IP address ranges are in the US? by itsenrique · Score: 5, Funny

    With those ping times, you sure won't have the first laugh.

  13. Re:4 years ago? by ChunderDownunder · Score: 2

    I thought that was a reference to The Big Bang Theory.

    You know, the show set in the Californian neighbourhood in which unemployed actors such as LeVar Burton, Wil Wheaton and Brent Spiner dwell.

  14. What a stupid idea ... by CaptainDork · Score: 2, Interesting

    ... I downloaded the Tor browser and I'm, like, going to cnn, disney, xvideos, and then I try going to my Facebook page and WHAM!!!!

    I'm in validation mode.

    That's much better than the "command mode" ("commode" for short), but I had to prove I am me by sending Facebook my passport and giving them my phone number.

    The fucking NSA isn't allowed to blow their cover and stuff.

    --
    It little behooves the best of us to comment on the rest of us.

  15. We should use the DMCA by seeker_1us · Score: 4, Interesting

    My content sent over VPNs is original work encrypted to protect it against those not authorized to have a copy. It is thus covered by copyright law. The NSA is circumventing encryption to obtain illegal access to copyright work.

    1. Re:We should use the DMCA by radarskiy · Score: 2

      Your EULA grants the ISP a perpetual transferable right to your data, or else it would be a copyright violation for them to transmit it anywhere. They can then sub-license to whomever in exchange for not being named an accessory for every criminal act that involved a communication that crossed their network.

  16. SSH is blocked in lots of repressive regimes by Anonymous Coward · Score: 3, Interesting

    SSH is great technology because the certificate is self-signed and relies on TIME to protect it, even the NSA can't travel back in time and do a man-in-the-middle attack on the first SSH link and every subsequent SSH session between those computers, to swap that cert.

    Likewise the documents said NSA was intercepting 10 million TLS (HTTPS) a day. By now, three years later that will be 100 million or a billion. The problem is the certificate authorities are US companies and all backdoored by the NSA. SSH doesn't have this problem, the certificate is self signed, we don't trust the certificate authority to verify the source of the certificate as us and not the NSA.

    Also my port 22 SSH is blocked, and I live in one of those Asian repressive regimes, so I take it as a sign that SSH is considered secure by said repressive regime because they block it.
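The trust-on-first-use model this comment relies on (first session pins the host key, every later session is checked against the pin), sketched as an added Python example; this is not code from the post or from OpenSSH, and the host keys are constructed placeholders, not real keys:

```python
import base64
import hashlib

# Constructed placeholder host keys (not real SSH keys); only their bytes matter here.
SAMPLE_KEY_A = b"ssh-ed25519 CONSTRUCTED-HOST-KEY-A"
SAMPLE_KEY_B = b"ssh-ed25519 CONSTRUCTED-HOST-KEY-B"


def fingerprint(pubkey: bytes) -> str:
    """SHA-256 fingerprint in the unpadded base64 form OpenSSH prints."""
    digest = hashlib.sha256(pubkey).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


class KnownHosts:
    """Trust-on-first-use store mapping a host name to its pinned fingerprint."""

    def __init__(self) -> None:
        self.pins: dict[str, str] = {}

    def check(self, host: str, presented_key: bytes) -> str:
        """Return "first-use-pinned", "match" or "MISMATCH" for the presented key."""
        fp = fingerprint(presented_key)
        pinned = self.pins.get(host)
        if pinned is None:
            # First contact: nothing to compare against, so the key is pinned now.
            # A key substituted during this one session would be accepted, which is
            # why the comment says the protection depends on time (the first link).
            self.pins[host] = fp
            return "first-use-pinned"
        if pinned == fp:
            return "match"
        # The key differs from the pinned one: either the host was re-keyed or
        # something sits between client and host. Refuse and surface the change.
        return "MISMATCH"


def simulate_sessions(store: KnownHosts, host: str, keys: list[bytes]) -> list[str]:
    """Run successive sessions against the store and return each session's verdict."""
    return [store.check(host, k) for k in keys]
```

Real clients persist the pins in a known_hosts file; the third session here is the case OpenSSH reports as a changed host identification and aborts on.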

  17. Re:Mother shot by 2-year child by Anonymous Coward · Score: 3, Informative

    Unless she has a twin sister, her genes are history.

    Her genes are in the kid that shot her, unless the kid gets the death penalty.

    No, that's not how it works. Her genes would only be in the kid if the kid was a clone.

    Oh, good lord. Fine. Then by your pointlessly pedantic semantic lawyering, no mammal has ever passed on their genes, and every individual's genes are culled from the gene pool.

    You can't split hairs by trying to disingenuously pretend the "passing on genes" synecdoche is understood differently than it is. People understand that children aren't clones, and they still call it passing on their genes.

  18. Re: What IP address ranges are in the US? by sound+vision · Score: 4, Interesting

    You don't think there's still the old-school hacker way to break into systems, by hacking, not buying backdoors from corporations? I'd wager that a team of no more than 5 or 10 top-notch hackers could pull off a Stuxnet- or Sony-style attack. And it may only take the cost-equivalent of 50 soldiers-with-tanks-and-support-column to do it. Normal soldiers are actually really expensive when you think of all the supplies and equipment they need in addition to just the pay and benefits. To house and feed a literal army of men for years at a time probably costs much more than putting up a roomful of hackers. Have you ever heard of the term "asymmetric warfare"? Many countries are missing entire branches of military like navy and air force and their associated expenditures. Think of the R&D funding for that alone going to hackers - you could have a hacker army. All you need is the right recruiting program, which is probably easier to put together than the US military budget. I predict we will see many more high-profile breaches before people start taking security more seriously.