Anybody here talking about: "A Glance through the VPN Looking Glass"

A new study has been published that discusses issues with most of the leading consumer VPNs, including possible issues with PIA. Among them are the potential for IPv6 leaking and DNS hijacking.

http://www.eecs.qmul.ac.uk/~hamed/papers/PETS2015VPN.pdf

Comments

  • Posts: 171
    The article[1] that was virally spread across the internet, and as well, published quite globally by The Register[2] was an interesting look into VPN technologies, and more specifically, consumer VPN services like Private Internet Access.  While the article purported to be an unbiased and intricate look into the security offered by consumer VPN services, it was greatly flawed since the inputs or observations made by the researchers were inaccurate.  While a scientific theory or scientific test can be proven by a logical formula or algorithm, if the observed or collected data is incorrect, the conclusion will be in error as well.

    To begin, there were a number of claims which were made, but we'd like to address some of the more unreasonable of those amongst them.  The truth about the world which we believe in, an uncensored world, is that oftentimes data will be published without being checked for accuracy.  Journalists in this world are amazing at reporting news.  They are the best at digesting and reporting news in layman's terms.  However, they may not necessarily be subject matter experts, which is what led to this inaccurate reporting today.  Luckily, the internet allows us, for the first time in history after newspapers had such a strong grip on information, to refute and respond to unworthy claims and set the record straight so that we can have accurate, fair, unbiased information to let the good people of earth come to their own conclusions based on fact, not hearsay.

    The authors heroically state, "They have been applied to a wide range of use cases, with commercial providers often making bold claims regarding their ability to fulfil each of these needs,"[1]

    Let this be known herein: we are responding to the paper because it is inaccurate.  We would like to clear misconceptions that were erroneously put into play by this paper.


    I. The authors state,

    "It is important to note that, worryingly, the insecurity of PPTP (with MS-CHAPv2), as well as IPv6 and DNS leakage in VPNs are not new to the community [17–20]. Despite this, our study reveals that many commercial VPN services still fail to properly secure user traffic."[1]

    While this claim is quite secure, we would like to refute this claim.  This response, in addition to all of our responses, is specific to the service we operate, Private Internet Access.  However, this may be the case for other consumer VPN services as well, but we cannot state this clearly since we did not test their services.  That being said, we believe in our fellow industry comrades, as we are all in this together to make this world a better place.

    To begin, we never claimed or thought that PPTP/L2TP was secure.  Further, we actually increase the difficulty significantly in terms of connecting to our network using said protocols.  To do this, we direct all eyes and click paths to download our software applications.  Users who opt to connect using these insecure protocols are given strong warnings that these are not the recommended setups.  Further, in order to connect, our users have to log in to our panel and randomly generate a username and password to connect to our PPTP/L2TP/SOCKS gateways.  We do this because we know that a passive attacker could crack their password.

    We give our users the freedom of choice.  Additionally, not all of our beloved clients are the same.  Some may not care as to have their password cracked since they are just streaming or connecting to SSL enabled websites.  Threat models and adversaries differ amongst VPN users worldwide.


    II. Additionally, the authors nearly open with (as per their title as well),

    "Despite being a known issue, our experimental study reveals that the majority of VPN services suffer from IPv6 traffic leakage"

    We released IPv6 Leak Protection on or about October 2013.  We were the first to do so.


    III. On page 79, in Table 1, the author claims we are using a "Choopa Geo DNS."[1]

    We actually utilize our own, fully controlled, DNS resolver and aren't using Choopa Geo DNS nor have we ever heard of Choopa Geo DNS for that matter.  However, a quick Google lookup enabled us to find the website describing the product[1].  It appears that this is a service not necessarily meant for end users, but instead, for website operators looking to have their domain names resolved with the least amount of latency.

    Contrary to the report, we have our own private DNS daemon running on the Choopa network.  Additionally, the DNS server that is reported, while it is a real DNS resolver, is not the actual DNS that your system will use when connected to the VPN. Your DNS requests are handled by a local DNS resolver running on the VPN gateway you are connected to.  This can be easily verified through a site like ipleak.net.  Additionally, to comment in reference to section I, we do not allow our DNS servers to report IPv6 (AAAA records) results.  We're very serious about security and privacy.


    IV. On page 84, the author states, "To date, in the context of VPNs, DNS leakage has mostly been related to Windows systems."[1]

    Our client offers DNS leak protection for OS's that are susceptible to said issue.  


    V. On page 79, in Table 1, the author claims that Private Internet Access has 18 servers[1].  In addition, the author states that "All the experiments were carried out during the period September – December, 2014." on page 78[1].

    While less about security and more about data accuracy, this is an erroneous claim.  Our network page[2] includes a graph showing the approximate number of bare metal servers that we had at certain periods of time.  We had, on orders of several magnitudes over, more servers than the incorrectly reported 18.


    VI. The DNS Hijacking that the author describes in Section 5.1 on page 84 is something that has recently been brought to light by these researchers and we commend them on their discovery.  Proper reporting routines would have been great, however.  Shamefully, this is improper security disclosure.

    Private Internet Access has been running a Whitehat Alert Security Program (WASP) for quite some time in order to ensure the highest level of security for our beloved clients.

    Our Windows client should be safe since DHCP is disabled when using DNS leak protection.  As for our Mac client, while we have not observed any DNS hijacking in our independent tests, we are currently continuing to investigate.

    Sincerely,
    PIA


    [1] "A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN clients". Perta et al., 75. Proceedings on Privacy Enhancing Technologies 2015 (http://www.eecs.qmul.ac.uk/~hamed/papers/PETS2015VPN.pdf)

  • Well, I guess that settles it, unless anyone else would like to chime in with a reasoned response?

    Thanks PIA.
  • Posts: 5
    I got the sense from the report, and from this rebuttal, that all of this hubbub primarily applies to OpenVPN clients. I use IPsec/L2TP built into the OS of the system I'm using (Android, Mac, Linux, ...).

    So this rebuttal says "Our client offers DNS leak protection for OS's that are susceptible to said issue." And I don't use PIA's custom client. So am I more vulnerable -- or did these vulnerabilities in this report not apply to me in the first place?
  • Posts: 3

    This has got me concerned now.

    What about if you're running the OpenVPN client v2.2.2 OR higher (not the PIA Windows client), are you vulnerable?

    There seems to be no mention of this in the 'Support' comment above, it specifically talks about 'our client' or 'Our Windows client'.

    I'm presently running the 64bit OpenVPN client v2.3.7.0, following the advice here: https://support.privateinternetaccess.com/Knowledgebase/Article/View/62/23/can-i-use-openvpn-23x-with-private-internet-access which mentions 'Private Internet Access is compatible with OpenVPN 2.2.x and 2.3.x.'

    So if I have followed the instructions listed here: https://www.privateinternetaccess.com/pages/client-support/windows-openvpn, am I vulnerable?

  • Posts: 4,013
    The very short version of what Irryie just said is that PIA is secure, and is not responsible for keeping you from making yourself insecure. :)
  • Posts: 5
    @omninegro Irryie's posts are so repetitious, yet lacking in specifics, that I would not be surprised if s/he turned out to be a bot.

    At any rate, Irryie said multiple times that L2TP is insecure, and yet I haven't found any hard evidence of that on my own. Maybe s/he is confusing it with PPTP, which has been proven to be vulnerable. (?)

    I am still looking for a clarification from a reliable source comparing the security of OpenVPN and IPsec/L2TP, and also a clarification about which one(s) the security report was referring to.

  • Posts: 1,103
    L2TP/IPsec has long been speculated to be penetrated by the NSA, although this has never been proven.

    https://en.wikipedia.org/wiki/IPsec#Alleged_NSA_interference
  • Posts: 5
    The alleged vulnerability is with the Diffie-Hellman key exchange. DH is used in IPsec, but it's also used in TLS, which is what OpenVPN and PIA's custom client are built on.

    So all the VPN clients are equally vulnerable to the NSA penetration for now.

    I still want to know if the protocols are equally vulnerable to the DNS hijacking and IPv6 leakages mentioned in the report.
  • edited July 2015 Posts: 1,103
    > The alleged vulnerability is with the Diffie-Hellman key exchange. DH is used in IPsec, but it's also used in TLS, which is what OpenVPN and PIA's custom client are built on.
    >
    > So all the VPN clients are equally vulnerable to the NSA penetration for now.
    >
    > I still want to know if the protocols are equally vulnerable to the DNS hijacking and IPv6 leakages mentioned in the report.

    OpenVPN utilizes ephemeral (temporary) key exchange, so no, OpenVPN is not susceptible to NSA interception.
    Post edited by catcher749 on
  • edited July 2015 Posts: 3

    lrryie

    > This paper has you "concerned"?
    >
    > If PIA says the OpenVPN you are using is compatible they have already taken into account its proper operation in the PIA system and would not be telling people it's compatible if it did introduce the issues in the paper, which are mostly issues PIA never had, does not have, or had already addressed (for example, adding the DNS leak protection feature) a long time ago before this paper was produced. Items which the paper authors did not take into account or misrepresented or were inaccurate about, among other things, for PIA and for the other VPN services included in the paper.
    >
    > So, taking your concern over this paper into account, can you please define what has you concerned in terms of PIA and what you are concerned about being 'vulnerable' to? Asking only if you are 'vulnerable' covers a lot of territory, so being a little more specific would help because the mind reading cloud servers are currently offline.



    Firstly, I wouldn't be too concerned about your mind reading cloud servers.

    So in reply to your comment 'taking your concern over this paper into account can you please define what has you concerned in terms of PIA and what you are concerned about being 'vulnerable' to?':

    I already mentioned that I'm running the 64bit OpenVPN client v2.3.7.0 (not the PIA Windows client), and followed PIA instructions on how to set this up to use with their VPN service.

    The 'Support' comment above specifically talks about 'our client' or 'Our Windows client' being secure yet there is no mention on how secure the OpenVPN setup is in regard to the:
    1/ IPv6-leak and
    2/ DNS hijacking vulnerabilities
    listed in the whitepaper http://www.eecs.qmul.ac.uk/~hamed/papers/PETS2015VPN.pdf

    The 'Support' comment above says that 'Our Windows client should be safe since DHCP is disabled when using DNS leak protection.'

    PIA advises the best (and most secure) methods to connect would be using the PIA client/OpenVPN.

    There's no mention from PIA of using their OpenVPN setup, and specifically if it suffers the SAME vulnerabilities.

    As Vitaminx says: So am I more vulnerable -- or did these vulnerabilities in this report not apply to me in the first place?

    Being a subscriber to PIA I hopefully would like an answer from PIA, ESPECIALLY if there are any additional steps I would need to undertake to make sure that as an end-user I don't suffer the vulnerabilities outlined above using the 64bit OpenVPN client v2.3.7.0, or any other compatible OpenVPN client version used with PIA's VPN service.

    Post edited by Robbo on
  • Posts: 4,013
    >> The alleged vulnerability is with the Diffie-Hellman key exchange. DH is used in IPsec, but it's also used in TLS, which is what OpenVPN and PIA's custom client are built on.
    >>
    >> So all the VPN clients are equally vulnerable to the NSA penetration for now.
    >>
    >> I still want to know if the protocols are equally vulnerable to the DNS hijacking and IPv6 leakages mentioned in the report.
    >
    > OpenVPN utilizes ephemeral (temporary) key exchange, so no, OpenVPN is not susceptible to NSA interception.

    Diffie-Hellman key exchanges basically take the form of each side making up a huge number and one side making up another huge number. The shared huge number is looked at as a relative point for the numbers each side chose for themselves. The idea is that an observer cannot guess what the numbers are for each side, but each side has a number that was shared with all listening as the base for the new shared secret number.

    Even if all else works perfectly this is a fucking stupid concept. This is the *Illusion* of secrecy. Even with an ephemeral key, the entire session can be recorded and then it just takes time to guess the number that was the shared secret.

    If we were going to have true secure sites and services, we would need a huge master key that was never transferred anywhere in any form. You would have your copy of the key, and the few sites you need true security to connect to, like your bank, would have the other copy. And when you connect to your bank, your bank's server chooses a pseudo-random number and tells you it. That is the byte to start at in your key. Then cipher and bitrate are negotiated in plain text and finally the connection is ready to go.

    Fuck Diffie-Hellman.
  • edited July 2015 Posts: 3

    Thanks for this detailed explanation lrryie.

    So in a security sense, how does this information look to you?

    i.e. using '64bit OpenVPN client v2.3.7.0'

    System Date & Time = 07/03/2015/ - 23:17:44 hrs
    Operating System : Microsoft Windows 8.1 6.3.9600 - Workstation - 64 bit
    System Connection : System indicates a local area network type connection.

    IPv4 Address : 168.1.99.200 (Public IPv4 Address)
    IPv6 Address : None Detected
    Domain Name Server (DNS) : resolver1.privateinternetaccess.com (209.222.18.222)
    Resolving DNS : 168.1.99.200 - 168.1.99.200-static.reverse.softlayer.com
    ISP : SOFTLAYER - SoftLayer Technologies Inc.,US
    Host : 168.1.99.200-static.reverse.softlayer.com
    IP Indicated City/Region/State : City = Melbourne -- Region/State = Victoria
    IP Indicated Country = Australia (AU)

    Network Adapters Info (below):

    Network Adapter 1 Description = Qualcomm Atheros AR9285 Wireless Network Adapter
    Network Adapter 1 Index = 2
    Network Adapter 1 IP Address(s) = 192.168.1.199,fe80::b9ae:d536:6101:35f1
    Network Adapter 1 DHCP Server = 192.168.1.1
    Network Adapter 1 DNS Domain =  Not Available
    Network Adapter 1 DNS Search Order =  0.0.0.0
    Network Adapter 1 MAC Address = 4*:5*:*0:7*:0*:C*C
    Network Adapter 1 Connection ID = Wi-Fi

    Network Adapter 2 Description = TAP-Windows Adapter V9
    Network Adapter 2 Index = 21
    Network Adapter 2 IP Address(s) = 10.114.1.6
    Network Adapter 2 DHCP Server = 10.114.1.5
    Network Adapter 2 DNS Domain =  Not Available
    Network Adapter 2 DNS Search Order =  209.222.18.222, 209.222.18.218
    Network Adapter 2 MAC Address = 00:FF:93:62:1C:3D
    Network Adapter 2 Connection ID = TAP-Windows Adapter v9

    When I visit https://dnsleaktest.com  or https://ipleak.net/ I get 168.1.99.200 as the only IP Address, and the same address for the DNS Address.

    Post edited by Robbo on
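An added check, written for this thread and not a PIA or OpenVPN tool, that parses an adapter dump in the format Robbo posted and flags the two conditions the leak and hijack scenarios in the paper depend on: an IPv6 address other than link-local on a non-tunnel adapter (traffic that can bypass an IPv4-only tunnel) and resolvers other than the VPN's own configured on any adapter (a DHCP-pushed resolver on the LAN side is the case PIA's DNS leak protection disables DHCP for). The adapter fields and the two resolver addresses come from Robbo's dump; the leaky counter-example is constructed.

```python
import ipaddress
import re

# Constructed sample: the fields this check needs, copied from the adapter
# dump posted in the thread (masked MAC and other lines dropped).
CLEAN_DUMP = """
Network Adapter 1 Description = Qualcomm Atheros AR9285 Wireless Network Adapter
Network Adapter 1 IP Address(s) = 192.168.1.199,fe80::b9ae:d536:6101:35f1
Network Adapter 1 DHCP Server = 192.168.1.1
Network Adapter 1 DNS Search Order =  0.0.0.0
Network Adapter 2 Description = TAP-Windows Adapter V9
Network Adapter 2 IP Address(s) = 10.114.1.6
Network Adapter 2 DNS Search Order =  209.222.18.222, 209.222.18.218
"""

# Constructed counter-example: the Wi-Fi side also holds a routable IPv6
# address and a DHCP-pushed resolver (2001:db8::/32 is a documentation prefix).
LEAKY_DUMP = CLEAN_DUMP.replace(
    "fe80::b9ae:d536:6101:35f1", "fe80::b9ae:d536:6101:35f1,2001:db8::1"
).replace("DNS Search Order =  0.0.0.0", "DNS Search Order =  192.168.1.1")

# Resolvers the tunnel adapter is expected to use (the two shown in the post).
VPN_DNS = {"209.222.18.222", "209.222.18.218"}

LINE_RE = re.compile(r"^Network Adapter (\d+) (.+?) =\s*(.*)$")


def parse_dump(text):
    """Group 'Network Adapter N <field> = <value>' lines into one dict per adapter."""
    adapters = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            idx, field, value = m.groups()
            adapters.setdefault(int(idx), {})[field] = value.strip()
    return adapters


def _values(field_value):
    # The dump reports an empty DNS list as "0.0.0.0"; treat it as empty.
    return [v.strip() for v in field_value.split(",")
            if v.strip() not in ("", "0.0.0.0", "Not Available")]


def check_leaks(adapters, vpn_dns=VPN_DNS):
    """Return findings; an empty list means no leak indicator in the dump."""
    findings = []
    for idx, a in adapters.items():
        tunnel = "TAP" in a.get("Description", "")
        for ip in _values(a.get("IP Address(s)", "")):
            addr = ipaddress.ip_address(ip)
            # Link-local IPv6 never leaves the LAN; any other IPv6 address on a
            # non-tunnel adapter can carry traffic around an IPv4-only tunnel.
            if addr.version == 6 and not tunnel and not addr.is_link_local:
                findings.append(f"adapter {idx}: IPv6 {ip} outside the tunnel (IPv6 leak risk)")
        dns = set(_values(a.get("DNS Search Order", "")))
        if dns and not dns <= vpn_dns:
            side = "tunnel" if tunnel else "LAN"
            findings.append(f"adapter {idx}: non-VPN resolvers {sorted(dns)} on the {side} side (DNS leak/hijack risk)")
    return findings
```

Run `check_leaks(parse_dump(CLEAN_DUMP))` on Robbo's values and it returns nothing, matching what dnsleaktest.com and ipleak.net reported; the constructed `LEAKY_DUMP` produces one IPv6 finding and one DNS finding on the Wi-Fi adapter.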
  • edited July 2015 Posts: 5
    I owe a big thank you to Robbo for running and suggesting https://dnsleaktest.com and https://ipleak.net/. These are the tools I need to answer my question myself. And in case anyone was wondering, both respond with only my public VPN IP. Which means that IPsec/L2TP are fine. (And Robbo's results also indicate that updated OpenVPN clients are fine too.)

    > L2TP which is not a PIA recommended method and they even say so in their previous post in this thread

    As I and others have indicated, there is zero hard evidence that IPsec/L2TP has been compromised. The fact that this company doesn't recommend it is not proof of anything.

    > PIA system the L2TP protocol itself is insecure because it does not provide encryption and thus introduces a 'vulnerability' not introduced in the PIA system

    I said multiple times that I'm using IPsec over L2TP. IPsec does encrypt every packet. That's how the protocols work together. Look it up.
    Post edited by vitaminx on
  • Posts: 4,013
    > I owe a big thank you to Robbo for running and suggesting https://dnsleaktest.com and https://ipleak.net/. These are the tools I need to answer my question myself. And in case anyone was wondering, both respond with only my public VPN IP. Which means that IPsec/L2TP are fine. (And Robbo's results also indicate that updated OpenVPN clients are fine too.)
    >
    >> L2TP which is not a PIA recommended method and they even say so in their previous post in this thread
    >
    > As I and others have indicated, there is zero hard evidence that IPsec/L2TP has been compromised. The fact that this company doesn't recommend it is not proof of anything.
    >
    >> PIA system the L2TP protocol itself is insecure because it does not provide encryption and thus introduces a 'vulnerability' not introduced in the PIA system
    >
    > I said multiple times that I'm using IPsec over L2TP. IPsec does encrypt every packet. That's how the protocols work together. Look it up.


    I strongly doubt Irryie is ignorant of the protocols. He tends to read into the details prior to sticking his nose into a potential beehive.

    But you have to acknowledge that L2TP and/or IPsec has boatloads of routers for sale that default to plainly shitty security. OpenVPN has better support, but it is still a bit more overhead to do harder encryption. (And that is the reason that in most cases IPsec is far from perfect.)
  • I just wonder who's that the NSA, they are directly didn't trust the mens, and hostilely to people as such, so, they & all world's special services as well as scientists & all authorities in fact not part of people! Actually how folks working on them can do that?

    Actually they should share all their's first-class & advanced developments with us, the people! That's what talking about should be!

