Jump to content
Not connected, Your IP: 52.15.223.239
Sign in to follow this  
macang

Eddie's start-up and login vulnerable?

Recommended Posts

It seems that Eddie's start-up process (the "phoning home") part could get disrupted rather easily.

Although I haven't studied the code, it seems that Eddie (as of 2.13.6) contacts a remote server to update system information, as shown in the following start-up log. Of course, it does so when the user authenticates. However, when the connection to the server is severed by a hostile party in the middle (for example by the nation-state), Eddie will timeout at this and many things break. You're essentially prevented from connecting to any server, because you're not logged in.

 

Is there anything we can do to prevent this?

I 2017.10.24 18:54:05 - Eddie version: 2.13.6 / macos_x64, System: MacOS, Name: 10.13, Version: Darwin --- 17.0.0 Darwin Kernel Version 17.0.0: Thu Aug 24 21:48:19 PDT 2017; root:xnu-4570.1.46~2/RELEASE_X86_64 x86_64, Mono/.Net Framework: v4.0.30319
. 2017.10.24 18:54:05 - Reading options from /Users/---/.airvpn/AirVPN.xml
. 2017.10.24 18:54:06 - Command line arguments (0):
I 2017.10.24 18:54:07 - OpenVPN Driver - Expected
I 2017.10.24 18:54:07 - OpenVPN - Version: 2.4.3 - OpenSSL 1.0.2l  25 May 2017, LZO 2.10 (/Applications/Eddie.app/Contents/MacOS/openvpn)
I 2017.10.24 18:54:07 - SSH - Version: OpenSSH_7.5p1, LibreSSL 2.5.4 (/usr/bin/ssh)
I 2017.10.24 18:54:07 - SSL - Version: stunnel 5.40 (/Applications/Eddie.app/Contents/MacOS/stunnel)
I 2017.10.24 18:54:08 - curl - Version: 7.54.0 (/usr/bin/curl)
I 2017.10.24 18:54:08 - Certification Authorities: /Applications/Eddie.app/Contents/MacOS/cacert.pem
. 2017.10.24 18:54:08 - Updating systems & servers data ...
! 2017.10.24 18:54:08 - Ready
. 2017.10.24 18:54:10 - Systems & servers data update completed

Share this post


Link to post

It seems that Eddie's start-up process (the "phoning home") part could get disrupted rather easily.

 

Although I haven't studied the code, it seems that Eddie (as of 2.13.6) contacts a remote server to update system information, as shown in the following start-up log. Of course, it does so when the user authenticates. However, when the connection to the server is severed by a hostile party in the middle (for example by the nation-state), Eddie will timeout at this and many things break. You're essentially prevented from connecting to any server, because you're not logged in.

 

That's totally correct (except for the fact that the remote servers are four in different countries). Eddie developers are aware of it and the next version of Eddie will address this weakness.

 

The problem is not in updating the information (Eddie can very well use the old ones on the HDD when it can't download new ones) but to log the account in the service the first time, download servers information the first time and so on.

 

EDIT: remember that you can configure Eddie to connect over Tor or some SOCKS or HTTP proxy. This could be useful to download info the first time you run Eddie in those networks where the "bootstrap" Eddie servers are blocked but Tor or some third-party proxy is not.

 

Kind regards

Share this post


Link to post

Hello staff member,

 

Thank you for the information and the reassurance that you are working on this. I look forward to the updates!

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...