NSA Surveillance Can Penetrate VPNs

Information Week ^ | 8/1/13 | Thomas Claburn

[Travis McGee]

[Resolute Conservative]

Duh. I have been telling folks that for a while that security is a joke. If you use the cloud you are giving it away for free and they don’t even have to work for it.

[Jim Robinson]

1984 was only 30 years late, but it’s here now under comrade Chairman Obama.

[CarmichaelPatriot]

If NSA can penetrate VPN’s, so can hackers.

[Graewoulf]

Impeachment File on Benghazi Coward “B. Hussein Obama,” formerly known as Barry Soetoro, currently a Legal Citizen of the Sovereign Nation of Indonesia.

[Graewoulf]

Impeachment File on Benghazi Coward “B. Hussein Obama,” formerly known as Barry Soetoro, currently a Legal Citizen of the Sovereign Nation of Indonesia.

[unixfox]

If NSA can penetrate VPN’s, so can hackers.

Remember, the NSA is run by government employees. Mostly, lazy, sorry assed, pathetic boot lickers. Mark my word, they WILL get hacked.

Then we will see who gets the last laugh.

[LibWhacker]

It seems like privacy is an obsolete concept in this country, that’s for sure! The once robust constitutional constraints on government are thread-bare nowadays, not worth the paper they’re written on.

[DuncanWaring]

Ping.

[johniegrad]

It seems like privacy is an obsolete concept in this country, that’s for sure!

Less obsolete than selectively applied. The entire argument for legalizing abortion is based on a right to privacy found nowhere in the Constitution.

[LibWhacker]

To my mind, the Ninth Amendment has always seemed to specifically refer to a right to privacy, first and foremost, but only a right to privacy in one’s personal and business affairs that are otherwise legal, certainly not in the murdering of people. No one can claim that their right to privacy (if it’s ever affirmed) means the government has no business snooping into murders that one may be committing. That was a complete, disgusting, deliberate perversion of its intent (like most things the Left touches). imo

[Political Junkie Too]

The article is calling out PPTP encryption. It doesn't mention L2TP/IPSec... yet.

[Durus]

Penetrating all but the weakest VPNs would require them to crack the VPN standard encryption plus any additional encryption that the client and service share. I call BS.

[MarkL]

One "standard" of VPNs is "triple DES." DES is an encryption scheme developed by IBM, and IIRC, the original implementation was going to be a 64bit encryption scheme. However, the government stepped in and pretty much told IBM they'd never sell another computer to the government if they didn't release it as a 56bit scheme. So it was released as a 56bit encryption scheme.

Triple DES just runs the data through the encryption 3 times, but it wouldn't surprise me in the least bit if the NSA were able to break the encryption relatively easily.

Mark

[Red Steel]

Double DES has been shown to be defeated by a plaintext “Meet-in-the-Middle” attack so triple DES is used for stronger encryption.

And the government went to an Advance Encryption Standard (AES) about a decade or so back. They adopted Rijndael block ciper, which has up to possible 256 bit keys.

[fatima]

I wonder if they can read what you put through Fax machines.

[Red Steel]

Yup. :-)

[fatima]

What the heck.

[CodeToad]

“Penetrating all but the weakest VPNs would require them to crack the VPN standard encryption plus any additional encryption that the client and service share. I call BS.”

They can crack ANY encryption that you have in real-time.