Jump to content
Not connected, Your IP: 3.15.239.145
AirVPN
Sign in to follow this  
Followers 0
Samad

In light of the NSA leaks, is AirVPN Secure?

By Samad, ... in General & Suggestions

Recommended Posts

Samad    2

Samad
Posted ...

The leaks in this Guardian article are troubling, specifically the following line:

 

The document reveals that the agency has capabilities against widely used online protocols, such as HTTPS, voice-over-IP and Secure Sockets Layer (SSL), used to protect online shopping and banking.

 

Is the default configuration of the AirVPN client still secure? Are there changes that we should make to how the client functions to ensure our privacy online?

 

Thanks for any and all responses.

Share this post

Link to post

zeep    3

zeep
Posted ...

Also relative to Samad's post and from the same article at the Guardian:

 

"Documents show that Edgehill's initial aim was to decode the encrypted traffic certified by three major (unnamed) internet companies and 30 types of Virtual Private Network (VPN) – used by businesses to provide secure remote access to their systems. By 2015, GCHQ hoped to have cracked the codes used by 15 major internet companies, and 300 VPNs."

 

300 VPN's. My, they are ambitious, aren't they?

 

How would/could they accomplish this?

 

The article is suggesting that GCHQ would "crack" the codes, not coerce the Internet comapnies to get the information as the NSA does through the Patriot Act.

Share this post

Link to post

Staff    9972

Staff
Posted ...

Hello,

 

currently there are more than 300 VPN services out there that actually offer a low security service. Just think of PPTP with MS-CHAP v1 or MS-CHAP v2 or MPPE authentication: cracking it is relatively easy and does not even require NSA capabilities. 

 

Then think about VPN services that run OpenVPN configured in Static Key Authentication mode. Obtaining the static keys in any way (sometimes it might be enough to just ask...) would give immediate capability to decrypt all past (if captured), present and future data streams. So the alleged purpose does not seem unrealistic at all.

 

Kind regards

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...