Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

[BleepingComputer] VORACLE Attack Can Recover HTTP Data From VPN Connections

Industry news items concerning VPNs, darknets, crypto, surveillance and secure computing.
User avatar

Topic Author
parityboy
Site Admin
Posts: 1232
Joined: Wed Feb 05, 2014 3:47 am

[BleepingComputer] VORACLE Attack Can Recover HTTP Data From VPN Connections

Post by parityboy » Tue Aug 21, 2018 9:58 pm

VORACLE = CRIME for VPNs

VORACLE is not a new attack per-se, but a variation and mix of older cryptographic attacks such as CRIME, TIME, and BREACH.

In those previous attacks, researchers discovered that they could recover data from TLS-encrypted connections if the data was compressed before it was encrypted.

Fixes for those attacks were deployed in 2012 and 2013, respectively, and HTTPS connections have been safe ever since.

But Nafeez discovered that the theoretical points of those attacks were still valid when it came to some type of VPN traffic.

Nafeez says that VPN services/clients that compress HTTP web traffic before encrypting it as part of the VPN connection are still vulnerable to those older attacks.
Source

...and that, ladies and gents, is why HTTPS is so important. :)

User avatar

Fermi
Site Admin
Posts: 210
Joined: Tue Jun 17, 2014 11:42 am

Re: [BleepingComputer] VORACLE Attack Can Recover HTTP Data From VPN Connections

Post by Fermi » Tue Aug 21, 2018 11:22 pm

We did study this attack and will take appropriate actions to disable pre-encryption compression.
Twitter and this forum will keep you up to date on the changes we are planning.

/Fermi


User avatar

df
Site Admin
Posts: 380
Joined: Thu Jan 01, 1970 5:00 am

Re: [BleepingComputer] VORACLE Attack Can Recover HTTP Data From VPN Connections

Post by df » Thu Jan 03, 2019 9:03 pm

@parityboy
No, it's always been enabled, at least until Oct of last year

User avatar

Topic Author
parityboy
Site Admin
Posts: 1232
Joined: Wed Feb 05, 2014 3:47 am

Re: [BleepingComputer] VORACLE Attack Can Recover HTTP Data From VPN Connections

Post by parityboy » Mon Jan 14, 2019 3:24 pm

@df

Really? All of the security-related posts here on the form have all pointed to compression being disabled (at least according to PJ and the earlier configs).

Post Reply