Stalinium 44 Posted ... (edited) Hot off the press! Arstechnica 'VPN servers seized by Ukrainian authorities weren’t encrypted' Quote On June 24th 2021 our monitoring systems alerted us that two servers in Ukraine had gone offline. When engaging with our provider for those servers, we were informed that the two servers had been seized as part of an investigation of activity that occurred 12 months prior. The hosting provider failed to inform us of a preliminary hearing that took place earlier this year, during which a judgement was rendered to seize the two servers in question. Why did they wait almost 2 weeks? The post was published on July 9th. The blog post seems to rather be in full damage control mode than to admit how much of a failure it was that it apparently contained the single VPN certificate shared across all servers. (looks like I got it wrong read first reply) On top of that a technically incorrect explanation of when this acquired certificate can be successfully exploited. I don't wanna rant right now but will expand on my points when asked. I'm also curious whether AirVPN actually keeps all sensitive data in RAM as stated in the Torrentfreak article: Quote The main countermeasures are: exclusive access to IPMI etc. via our own external IP addresses or a specific VPN for the IPMI etc.; reboot inhibition; USB support eliminated from kernel; all data stored in RAM disk, and some other methods we prefer not to disclose. Although I don't see that Windscribe had actually lied about any of their stuff (beyond omissions in current damage control), can we be sure AirVPN actually has all of the above implemented? Though I like how specific the response in the description. Also AMD's Zen CPUs are currently the only ones on the market (in x86 space fore sure) with actual RAM encryption. Having data on RAM disk wouldn't be enough for a prepared attacker due to technical possibility of extracting the data in a cold boot attack. Such an upgrade would not only take a while for the infrastructure and but be costly. Edited ... by Stalinium integrity is important Quote Share this post Link to post
go558a83nk 362 Posted ... AirVPN uses the same CA for their whole network same as Windscribe did and does. Windscribe have updated theirs now due to this incident and now nobody would be in danger from this incident unless they haven't updated their manual configs...and in that case they wouldn't be able to connect to Windscribe's network Individual server certs are different and my understanding is that those are unique to each server for AirVPN and Windscribe. P.S. what did Windscribe omit in the current damage control? Quote Share this post Link to post
Stalinium 44 Posted ... On 7/27/2021 at 8:52 PM, go558a83nk said: Individual server certs are different and my understanding is that those are unique to each server for AirVPN and Windscribe. Oh that's what I was getting at. I have fuzzy memory of how I interpreted the articles: so they had the root aka CA certificate rolled out on all servers and that one ended up being seized too? (your first sentence) still mind boggling then. (oh yeah this appears to be the case) With the "omitting" (probably an inaccurate word here) I meant the two most striking parts: Quote The hosting provider failed to inform us of a preliminary hearing that took place earlier this year, during which a judgement was rendered to seize the two servers in question. I fail to see how this is a hosting provider's liability to inform them of a legal (court-like?) hearing taking place. Unless these wits really did not forward some email (questionable). This must've been the job of a legal contact or representative in the country for Windscribe to handle the matters from the beginning to the end. The only excuse is that the seizure was done purposefully without notification, secretly. Quote Although we have encrypted servers in high sensitivity regions, the servers in question were running a legacy stack and were not encrypted. Let's agree that the servers were indeed "legacy" and all else was on a higher standard. It's not a good sign to have a fragmented infrastructure for a security/privacy-sensitive service that VPNs often advertise themselves as. Quote The Ukrainian authorities have the hypothetical ability to impersonate a Windscribe OpenVPN server only if all 4 of the following conditions are met: The attacker has control over your network and can intercept all communications (privileged position for MITM attack) You are using a legacy DNS resolver (legacy DNS traffic is unencrypted and subject to MITM) The attacker has the ability to manipulate your unencrypted DNS queries (the DNS entries used to pick an IP address of one of our servers) You are NOT using our Windscribe applications (our apps connect via IP and not DNS entries) This is the biggest pile. Sure we're probably not talking about an "intelligence service"-level authority here but: nothing stops an authority to demand traffic redirection within data centers. No need for MITM on "your network" (the wording implies the attacker is close to the user's last mile), no need for DNS trickery, and most importantly their app will NOT help unless they hotpatch it to eliminate the possibility: either exclude the server (belief that authorities don't cooperate internationally, other servers and DCs) or revoke certificates on the spot or introduce a second factor authentication to make server impersonation impossible with the acquired data. Yes this is hugely hypothetical, but since they had all the certificates and software delivered on a silver platter it was not totally impossible. Not that it'd have helped them in that particular case (they, the authorities, were going after a one year-old criminal case). I have good faith they will improve but all of the above still leaves a poor aftertaste. You've gotta think ahead of time. Quote Share this post Link to post