Slashdot Mirror


90% of All SSL VPNs Use Insecure Or Outdated Encryption

An anonymous reader writes: 90% of all SSL-based VPNs use insecure or outdated encryption. According to research conducted by information security firm High-Tech Bridge, almost three-quarters of all SSL VPNs use the outdated SSLv3 and SSLv2. In addition, another three-quarters use untrusted certificates exposing users to MitM attacks. 74% use SHA-1 to sign certificates, while 5% of all SSL VPNs still use MD5. All of a sudden, VPNs don't look that secure anymore.

67 comments

  1. Pot calls kettle black by Anonymous Coward · · Score: 5, Funny

    Says the site that doesn't have SSL support.

    1. Re:Pot calls kettle black by Opportunist · · Score: 1

      RTFA, it's useless anyway 'cause everyone uses outdated ciphers.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:Pot calls kettle black by Anonymous Coward · · Score: 1

      That's as stupid as saying just because people can pick locks that locks are useless. SSL (even with outdated shitty ciphers) is still better than nothing as it prevents all hosts of casual attacks.

    3. Re:Pot calls kettle black by AchilleTalon · · Score: 1

      I don't see your point here. This site, I suppose you are talking about news.softpedia.com here, is an informational site only. There is no need to encrypt communication between your browser and this site. You do not exchange credentials and/or passwords and/or any confidential information. In case you haven't noticed, SSL/TLS and encryption are useful only to prevent someone from eavesdropping on the conversation and to authenticate one or both parties. I don't see any usage for this here.

      SSL doesn't prevent hosts from casual attacks. You can use SSL/TLS all the way and still have all your hosts vulnerable to casual attacks.

      --
      Achille Talon
      Hop!
    4. Re:Pot calls kettle black by skegg · · Score: 4, Informative

      >> SSL/TLS and encryption are useful only to prevent someone from eavesdropping on the conversation and to authenticate one or both parties

      Another benefit of SSL-done-right:
      preventing a third party from injecting additional content -- e.g. a dangerous payload -- into the stream.

      It may not even be a malicious payload. Perhaps just commercial

    5. Re:Pot calls kettle black by dcollins117 · · Score: 1

      ...There is no need to encrypt communication between your browser and this site... In case you haven't noticed, SSL/TLS and encryption are useful only to prevent someone from eavesdropping on the conversation and to authenticate one or both parties.

      Those sound to me like very good reasons for using encryption regardless of whether it is "needed" or not. If I always use encryption, then I don't have to think about when to switch it on and off. It's always on.

      I don't think anyone thinks it will prevent a targeted attack, but it does keep my ISP from sending me emails regarding all the Scooby Doo parody porn someone keeps downloading using my account.

    6. Re:Pot calls kettle black by Anonymous Coward · · Score: 0

      If I always use encryption, then I don't have to think about when to switch it on and off.

      You don't have to think about switching encryption on and off... The triggers are built into the software "web browser" that you already use.

    7. Re:Pot calls kettle black by Anonymous Coward · · Score: 1

      There is one advantage in running TLS (HTTPS) for an information site like Slashdot, it makes it vastly harder for an ISP to inject ad content onto the page.

    8. Re:Pot calls kettle black by Bengie · · Score: 1

      SSL with outdated ciphers can leak your private keys. Sometimes something is worse than nothing.

  2. Is there a rankings site? by AbRASiON · · Score: 1

    or a guide which defines what the best ones are? Many Australians will want to know in the coming 12 months.

    1. Re: Is there a rankings site? by man+bash · · Score: 4, Informative

      The Qualys SSL labs site is pretty useful: https://www.ssllabs.com/

  3. Literally any VPN is better than no VPN by Anonymous Coward · · Score: 4, Insightful

    Even a bad VPN is like WEP encryption on your wireless: It stops people from just reading your traffic without effort, prevents businesses from manipulating your traffic as it passes through their networks, and makes any attempt to do either a crime.

    1. Re:Literally any VPN is better than no VPN by Anonymous Coward · · Score: 0

      Exactly. You will not defeat state supported snooping but will be ahead of everything else.

    2. Re:Literally any VPN is better than no VPN by TWX · · Score: 1

      WEP does not prevent people from reading traffic. WEP is broken to the point that it can be decrypted with a userland program that merely has to be run. It's harder to actually capture network traffic than it is to break WEP.

      Otherwise I would agree, provisionally, with your statement. Making the traffic hard to view is normally good enough for the vast majority of cases; it doesn't have to be impossible to view. The problem though, like the aforementioned WEP example, is when the tools to break that weak encryption become automated user processes that don't even need technical expertise. It's one thing if someone has to fire up a bunch of cloud-hosted virtual machines or has to build a significant box full of GPUs to break a password after several weeks or months of effort, but if their tablet or smartphone can run software that exploits a fundamental flaw in the encryption itself, then clearly weak encryption is not useful.

      --
      Do not look into laser with remaining eye.
    3. Re:Literally any VPN is better than no VPN by Anonymous Coward · · Score: 2, Informative

      I use a VPN service, and even if it were relatively breakable, it forces an attacker to be actively attacking the connection. Passive sifting is blocked, which is what I aim for. I use a VPN service for several reasons:

      1: So the local link doesn't have access to all traffic. Some ISPs used to stick identifying headers into every web page request via active MITM. With a VPN, this is blocked.

      2: Crap like Phorm is blocked, so in-flight ads and possibly malvertising is stopped cold.

      3: Passive filtering for headers is nullified.

      4: Block geolocators. They can use timing attacks to guess, but it does help obfuscate things.

      It may not stop a determined snoop, but like a decent lock, it keeps the amateurs at bay.

    4. Re:Literally any VPN is better than no VPN by Aighearach · · Score: 1

      This is exactly the reason I use a VPN at work for "everything" not customer-facing. I don't really care if a sophisticated attacker could get in; I have backups and would never pay anybody for that data. I'm more worried about casual access, and confidential business data ending up in web caches or other databases.

      Doesn't mean I leave things less secure than practicable, it just means that I don't get snooty about having it locked down well. The important thing is having it locked down at all!

      Heck, my car isn't entirely locked down either; a professional could break in a few seconds. If my car got stolen it would cause me more grief than if my webservers got p0wned; I can't just re-install my car the same day.

    5. Re:Literally any VPN is better than no VPN by Anonymous Coward · · Score: 0

      Buddy, read the full sentence. WEP does stop people from just reading your traffic without effort. I'm not going to go into what it takes to crack WEP or an MD5 VPN, but neither is as easy as just capturing unencrypted traffic and running it through Wireshark. And that's my point: Even causing an attacker to take that little extra effort, which as a side effect makes reading or manipulating your traffic a crime, is better than no protection at all.

    6. Re:Literally any VPN is better than no VPN by vux984 · · Score: 2

      There are 2 parts to this, and I'm not sure which applies, or perhaps both:

      If the 90% number applies only to VPN proxy services for the purposes you mention, to simply give you a 1-hop bridge past whatever nonsense your ISP is doing and to cheese off advertisers and region-restricting geolocators and so forth, that's one thing.

      But

      If the 90% number also includes actual SSL VPNs protecting remote access to private networks (or perhaps SSL VPN remote access to YOUR network), that's pretty horrifying.

    7. Re:Literally any VPN is better than no VPN by TWX · · Score: 1

      My point is that the effort to read WEP traffic is almost nil. The effort to capture packets and interpret them is greater.

      Or to put it another way, if they're coming equipped to capture your traffic, WEP is absolutely no barrier whatsoever.

      --
      Do not look into laser with remaining eye.
    8. Re:Literally any VPN is better than no VPN by Bengie · · Score: 1

      His point was you can't even get out of bed without effort. The barrier to entry to crack WEP is with the same difficulty of installing Chrome and even less difficulty than installing Wireshark. That's their point. I have not even tried to research this topic other than "it's easy" according to researchers.

    9. Re:Literally any VPN is better than no VPN by thegarbz · · Score: 1

      The anonymous GP has a point nonetheless. You can capture and break WEP, but you can't read the traffic "inadvertently". Now you have intent on your side of the law.

    10. Re:Literally any VPN is better than no VPN by Anonymous Coward · · Score: 0

      If your intent is to prevent an attacker from reading your traffic specifically, then WEP is shit, and with better options available at no extra cost, nobody should still use WEP. But it's a shitty lock, not no lock. The state of the art in breaking WEP still requires tens of thousands of captured packets for a 50% chance of cracking the key and almost a hundred thousand packets for a 95% chance. You don't get that kind of traffic without active injection attacks or waiting a long time. If you had ever tried to do this, you would know that it is too easy to stop a curious person, but not quite as easy as you think. It is not point-and-click easy yet. At the very least you have to find that the attack exists, which of the many attacks is the quick one, where to get a "script-kiddie friendly" implementation, get it to work with your hardware, etc. Go download a Kali ISO, setup a router with WEP and crack your own password. Stop guessing, start knowing.

  4. Untrusted certs by rtkluttz · · Score: 4, Insightful

    I'm not sure he is talking about what I think he is talking about with untrusted certs. Self signed certs are MORE secure as long as the party at both ends understands the process. You simply cannot have a true secret when there is a 3rd party. Certificate authorities are only there to make the process acceptably easy for those who don't know what is going on.

    --
    Digital is, by definition, imperfect. Analog is the way to go.
    1. Re:Untrusted certs by Anonymous Coward · · Score: 0

      This story is shite. The article gives only summary statistics with no data to back it up as far as I can tell. Just an advert.

    2. Re: Untrusted certs by JourneymanMereel · · Score: 4, Informative

      I'm pretty sure that my SSL VPN would not be included in this survey as we don't publish it and only give the URL to those that need it... But if it were, it would be in this insecure category because of an untrusted certificate. Except it's not. The certificate is signed using our internal CA which is trusted on all company computers. We don't want people connecting using their personal computers so I'm not at all concerned with putting a globally trusted cert on it. Other than that, it is secure. We don't use SHA1, we do use TLS rather than SSL, and we use FS. So while they would call it a fail, I would not.

      --
      Life has many choices. Eternity has two. What's yours?
    3. Re:Untrusted certs by Anonymous Coward · · Score: 0

      Except you don't send your private key to the CA; a cert signing request is a copy of your PUBLIC key, and they just sign it to give it a trusted chain.

    4. Re:Untrusted certs by xxxJonBoyxxx · · Score: 1

      >> I'm not sure he is talking about what I think he is talking about with untrusted certs

      I had that impression too. When I've used VPNs with certs, it's been in situations where mutual authentication of specific certificates was used - no CAs necessary. Anyone who's used client keys with SSH or even just PGP would be familiar with the situation.

    5. Re:Untrusted certs by Aighearach · · Score: 1, Offtopic

      Never click the story. This is slashdot.

      Instead, research the subject independently and come back here to discuss things more interesting than whatever vapid shit the story went on and on about.

    6. Re:Untrusted certs by khasim · · Score: 1

      I'm pretty sure that the journalist who wrote this did not understand the material. From TFA:

      High-Tech Bridge experts say that most of these untrusted certificates are because many SSL VPNs come with default pre-installed certificates that are rarely updated.

      The rarely updated part can be bad. Particularly if we're talking about SSL2 and so on.

      But unless the vendor is using the same certificate on all the boxes they sell, I'm not seeing a big problem.

    7. Re:Untrusted certs by vidarlo · · Score: 1

      I'm not sure he is talking about what I think he is talking about with untrusted certs. Self signed certs are MORE secure as long as the party at both ends understands the process. You simply cannot have a true secret when there is a 3rd party. Certificate authorities are only there to make the process acceptably easy for those who don't know what is going on.

      You don't give your certificate to a third party by getting a signed certificate. You generate a signing request, which contains a checksum of your certificate and the details of the certificate. Then your upstream CA signs this signing request.

      The private part of the certificate never leaves your computer. Clearly you do not have the faintest idea how the SSL protocol works.

    8. Re:Untrusted certs by Anonymous Coward · · Score: 0

      But it is not a secret that you have a private key that matches said public key. And in many cases, it is a wide-open announcement to get your key signed as more and more CAs publish a digest of all their key-signing activities.

    9. Re:Untrusted certs by Fnord666 · · Score: 1

      Self signed certs are MORE secure as long as the party at both ends understands the process.

      I'm not sure how that can be since all root certs are simply self signed certs. There's just the ones that someone else has told us to trust such as the ones that come by default in your browser, and the ones that you deliberately choose to trust. There's also nothing that says you can't delete any "trusted" certs that you choose not to trust.

      --
      'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
    10. Re:Untrusted certs by Anonymous Coward · · Score: 0

      Ummm... NO cert, whether signed by the root CA's, or self signed... is 'more' secure, or secure against mitm... UNLESS you pin it down in your app using the strong cryptographic fingerprint of the cert itself... ie: sha1 (common, md5 legacy, sha256 new).

      If your apps do not support certificate pinning by fingerprint... DEMAND to the makers of your app that they do support that function.

      If this is gibberish to you, websearch it until it makes sense.

  5. isn't this by design? by known_coward_69 · · Score: 2

    I mean how else are no name companies supposed to sell you bandwidth for $5 or $10 a month unless they are mining your data?

    1. Re:isn't this by design? by Anonymous Coward · · Score: 0

      Bandwidth is cheaper than you think, especially in central locations.

    2. Re:isn't this by design? by sims+2 · · Score: 1

      You mean like how Verizon Wireless charges up to $15/GB and embeds a tracking cookie in your web traffic by default?

      --
      Minimum threshold fixed. Thanks!
    3. Re:isn't this by design? by known_coward_69 · · Score: 1

      Yeah, but hardware costs money along with paying people to run the business. 10,000 customers may give you $100,000 of revenue a month at most, but there will be a lot of bills to pay.

    4. Re:isn't this by design? by known_coward_69 · · Score: 1

      A lot of those towers cost a lot of money to operate, even when not in use. Rent, power, etc. Lots of expenses not related to bandwidth. So you are paying for a lot of infrastructure that may be used maybe 40 hours a week at most.

    5. Re:isn't this by design? by sims+2 · · Score: 1

      Just to be clear are you saying VZW is injecting tracking information in my traffic to save me money?

      --
      Minimum threshold fixed. Thanks!
    6. Re:isn't this by design? by Anonymous Coward · · Score: 0

      a lot of those towers cost a lot of money to operate, even when not in use.

      Well boo fucking hoo, they went into the cellular business, that's one of the costs of being there. I pay Verizon $80 a month, and there are many millions of people doing the same, I think they can afford the towers.

    7. Re: isn't this by design? by guruevi · · Score: 1

      Most of those expenses have been offloaded to the localities. It would be a LOT more expensive to have a cell phone if they all had to pay their fair share in physical space, taxes, spectrum and energy but most of that is subsidized. The real savings would come if they were actually forced to share the stuff the government gave them through your tax money.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
  6. Most machines running VPNs by ls671 · · Score: 2

    "Most machines running VPNs haven't updated their SSL libraries" would be more precise. Maybe some VPNs bundle their own SSL libraries within their product, but in that case it would make more sense if they used the system-wide libraries.

    For example, you don't need to update OpenVPN, only the SSL libraries:

    https://community.openvpn.net/...

    --
    Everything I write is lies, read between the lines.
    1. Re:Most machines running VPNs by Burz · · Score: 1

      Problem is, their test site doesn't seem to recognize openvpn... claims these sites don't use openvpn.

      It may also be possible that -- since the PIA domains I gave it likely support protocols other than openvpn -- their tool saw something else on another port and stopped, concluding "SSL/TLS not supported".

      So far, it seems like a junk study to me which is too bad.... I would have liked some accurate feedback about VPN services I'm interested in (including the service that /. is pushing).

    2. Re:Most machines running VPNs by Burz · · Score: 1

      Correction: "... claims these sites don't support TLS." Sorry.

    3. Re:Most machines running VPNs by Anonymous Coward · · Score: 0

      Well... Personally, my openvpn actually doesn't support TLS...

      I figured it was because it links to openssl 1.0.0, as unlikely as it seemed.. but I see that there are now some more comprehensive guides I'll have to try out, like this one:
      https://www.linode.com/docs/networking/vpn/set-up-a-hardened-openvpn-server

      Another note is that there is a special flag required on your CA cert that is impossible for us mere mortals to get.. I don't think you can use a regular wildcard cert to sign your OpenSSL with so it basically has to be a self signed cert. However... I suspect that this is really only true when you are using client certificate verification. I am not..

      TL;DR - this shit is fairly complicated for a noob like me to understand.

    4. Re:Most machines running VPNs by ls671 · · Score: 1

      You just create your own CA cert and you use it to sign the other certs. So you are your own CA. Very accessible to mere mortals... ;-)

      As always, you need to put your CA cert and the signing machine in a safe, without internet connection. I am only half kidding here. The CA cert is not required to run openvpn, only to sign certs.

      https://openvpn.net/index.php/...

      --
      Everything I write is lies, read between the lines.
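The CSR-and-CA flow described by vidarlo above, the "be your own CA" advice from ls671, and the fingerprint pinning the earlier Anonymous Coward asks for can all be seen in one short walkthrough. This is an added example, not code from the thread, from OpenVPN or from the linked how-tos; it assumes only the `openssl` command-line tool. The names (Example Internal CA, vpn.example.internal) and the scratch directory are constructed for the demo. It generates a throwaway private CA, has the "server" produce a CSR from its own key, lets the CA sign it, and then checks the three things the posts argue about: the CSR carries no private-key material, the signed leaf chains to the CA, and its SHA-256 fingerprint is a value a client could pin.

```shell
#!/bin/sh
# Added example, not from the thread or from the OpenVPN project: a throwaway
# private CA, a server CSR, the CA signing it, and the SHA-256 fingerprint a
# client could pin. Names (Example Internal CA, vpn.example.internal) are made up.
set -eu

WORK="${WORK:-$(mktemp -d)}"   # scratch directory; nothing is written elsewhere

# Step 1: CA key plus self-signed root certificate. In real use this key stays
# on an offline machine; it is only needed to sign, never to run the VPN.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 3650 \
        -keyout "$WORK/ca.key" -out "$WORK/ca.crt" \
        -subj "/CN=Example Internal CA" 2>/dev/null
}

# Step 2: the server generates its own key pair and a CSR. Only the CSR
# (public key + subject, self-signed as proof of possession) goes to the CA.
make_server_csr() {
    openssl req -newkey rsa:2048 -nodes \
        -keyout "$WORK/server.key" -out "$WORK/server.csr" \
        -subj "/CN=vpn.example.internal" 2>/dev/null
}

# Step 3: the CA signs the CSR and hands back the server certificate.
sign_server_csr() {
    openssl x509 -req -days 365 -CAcreateserial \
        -in "$WORK/server.csr" -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" \
        -out "$WORK/server.crt" 2>/dev/null
}

# True only if the CSR file carries private-key material (it must not).
csr_has_private_key() {
    grep -q "PRIVATE KEY" "$WORK/server.csr"
}

# The public key inside the CSR is the same one derived from server.key.
csr_pubkey_matches_key() {
    csr_pub=$(openssl req -in "$WORK/server.csr" -noout -pubkey 2>/dev/null)
    key_pub=$(openssl pkey -in "$WORK/server.key" -pubout 2>/dev/null)
    [ "$csr_pub" = "$key_pub" ]
}

# The chain check a client does once ca.crt is in its trust store.
verify_chain() {
    openssl verify -CAfile "$WORK/ca.crt" "$WORK/server.crt" >/dev/null 2>&1
}

# SHA-256 fingerprint of a certificate, the value an application would pin.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | sed 's/^.*=//'
}

# Pinning check: the presented certificate ($2) must hash to the pinned value ($1).
pin_matches() {
    [ "$(cert_fingerprint "$2")" = "$1" ]
}

run_demo() {
    make_ca
    make_server_csr
    sign_server_csr
    verify_chain
    pin=$(cert_fingerprint "$WORK/server.crt")
    pin_matches "$pin" "$WORK/server.crt"
    # A different certificate (here the CA's own) must fail the pin check.
    if pin_matches "$pin" "$WORK/ca.crt"; then
        echo "pin check accepted the wrong certificate" >&2
        return 1
    fi
    echo "CA, CSR and signed cert written to $WORK"
    echo "server.crt SHA-256 pin: $pin"
}

# Run the walkthrough when executed directly and openssl is available.
if command -v openssl >/dev/null 2>&1; then
    run_demo
fi
```

Two things worth noticing when you run it: `ca.key` is touched only by `sign_server_csr`, which is why the CA key can live on a machine that never sees the VPN traffic, and `server.crt` is rejected by `verify_chain` if you swap in a CA certificate other than the one that signed it, which is exactly the "untrusted certificate" condition the article counts against devices shipping with vendor default certs.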
    5. Re:Most machines running VPNs by Anonymous Coward · · Score: 0

      I opted for the login method because I didn't like being prompted that I might be monitored every time I booted up my phone.. but I did try using my wildcard cert and that didn't work. Basically I do need to make my own CA and cert, no way around it, but at least I don't have to add it to the system's trusted certs and thus trigger the warnings!

  7. Surely not the ones for sale below? by Anonymous Coward · · Score: 0

    To which I am now a "life member" ?

    1. Re:Surely not the ones for sale below? by stephenmac7 · · Score: 1

      I did buy one of those, because I don't have the money to pay for a nice VPN, but also know that any VPN is better than no VPN (as mentioned above).

      --
      "No man's life, liberty, or property are safe while the legislature is in session." -- Judge Gideon J. Tucker
    2. Re:Surely not the ones for sale below? by Traksius+Egas · · Score: 1

      because I don't have the money to pay for a nice VPN

      Not sure how much money you have but I highly recommend CryptoStorm. Very inexpensive, plenty of payment options, and they even have a free, limited to 128kbps, option you can use if you can't afford the higher. Read about their unique token-based authentication that separates the user account/payment information from the company.

  8. Snake oil runs security business by Anonymous Coward · · Score: 0

    So what exactly is so wrong with SHA-1? It is still a more secure link in the chain than any of those vendors who sell the certificates to anyone with a functional credit card number and a fax machine. This all is just a smoke screen around the fact that the technology is stronger than the business around it.

    1. Re:Snake oil runs security business by Bengie · · Score: 1

      SHA1 is no longer considered secure and should be immediately moved off of. It's not MD5 bad, but there have been proofs of concept and theoretical attacks that are claiming to be able to break any key for $250k of cloud compute time.

  9. Uh, just what are they talking about?? by Burz · · Score: 1

    I'm typing VPN domains into their testing tool and it's telling me "This site doesn't support SSL/TLS".

    Last time I checked, most VPNs based on openvpn use TLS, like the ones I tried. My VPN config for privateinternetaccess.com requires the "tls-client" directive and it uses a certificate to validate the server.

    So I don't know what this article is talking about. If openvpn (which uses TLS) is too 'different' a protocol for their tools to examine, then there is something very wrong with the study it's based on.

    1. Re:Uh, just what are they talking about?? by Anonymous Coward · · Score: 0

      Don't type your VPNs into their tool. It's a sting that's been set up to discover lesser-known VPNs.

      Funny note: Captcha word: Demolish.

  10. Sign of disqualification by laziness by Anonymous Coward · · Score: 0

    Can we make the internet completely inaccessible for non-updated secure access? :O

  11. 90% of VPN users don't really want security by Anonymous Coward · · Score: 0

    They just want an end-point IP address in the USA so that they can get the good Netflix content that Netflix can't licence outside of the USA.

  12. They were never secure to States by Anonymous Coward · · Score: 0

    Your VPN was always crackable, the encryption is there to prevent some dbag network admin from sniffing you, which these "outdated" encryption schemes still do.

  13. There is no secure SSL by Anonymous Coward · · Score: 0

    SSLv1 SSLv2 and SSLv3 all have known issues, the correct term is TLS!

    1. Re: There is no secure SSL by Anonymous Coward · · Score: 0

      Damn, I'm used to saying "need ssl certs set up". Need to change that phrase now otherwise I might get a protocol that's only 99.9999% secure instead of 99.99995% secure

  14. Dumb; VPN providers != security from government by Anonymous Coward · · Score: 0

    The best a VPN provider can do is protect your privacy from a local admin, ISP, and the general internet / troll. It can't protect your connection once it leaves the VPN either. For all intensive purposes, for the use case of most people even weak or no encryption is probably adequate depending on who you're trying to protect against / what your motivation is. The reality is a lot of users are merely trying to get around geo-blocking and/or protect themselves from trolls. No encryption is needed for either use case.

    1. Re:Dumb; VPN providers != security from government by Anonymous Coward · · Score: 1

      Hard to read you as an authority on the matter when "for all intents and purposes" is glaringly wrong ...

  15. Six quarter? by thsths · · Score: 1

    So 3/4 are insecure one way, "another" 3/4 are insecure another way.

    And the remaining -50% are fine?

    1. Re:Six quarter? by Lunix+Nutcase · · Score: 1

      Both groups do not have to be mutually exclusive. Never seen Venn Diagrams before where two groups have overlaps between each other?

    2. Re:Six quarter? by Desler · · Score: 1

      Yes, it's called a union of two sets.

  16. 90% VPN users don't give a shit by Anonymous Coward · · Score: 0

    Hello netflix, hello Facebook...ok, life's good... click

  17. Security services by AHuxley · · Score: 1

    VPNs not mentioned once in UK’s terrifying new internet powers draft bill (4 Nov 2015)
    https://thestack.com/security/...
    ".. force UK ISPs to keep an Internet Connection Record (now jargonised into ‘ICR’) for the previous 12 months for all of its customers, and also for the fact that it begins to deliver on prime minister David Cameron’s frequently-aired misgivings about zero-knowledge consumer-level encryption ... "

    Why the disinterest in VPNs when all other network encryption will be under total gov and mil scrutiny until weakened, designed with a gov backdoor, trapdoored or keys are handed over?

    --
    Domestic spying is now "Benign Information Gathering"
  18. Would be nice by Anonymous Coward · · Score: 0

    if they would mention a few of the secure and insecure ones by name. Kind of useless scaremongering otherwise.