Hacker News new | past | comments | ask | show | jobs | submit login
NSA’s Internet taps can find systems to hack, track VPNs and Word docs (arstechnica.com)
66 points by shawndumas on Aug 1, 2013 | hide | past | favorite | 6 comments



Who wants to bet they can snapshot an instance on AWS and then boot it up on their own cloud?


Who wants to bet they wouldn't have to?


I'll take that bet.


I would too, being able to tap a stream of traffic and being able to pick an instance and boot it?

I think they are way out of bounds but they are not god. 


   "Show me all the VPN startups in country X, and give me
    the data so I can decrypt and discover users."
Can someone explain this bit to me please? I read this as:

  1) The NSA have a list of companies (grouped by country),
     which analysts can 'target' for further inspection.
  2) The NSA can 'decrypt' that encrypted data.
  3) The NSA can 'discover' users.
2) and 3) are weird and scary. This suggests that VPN traffic is not secure at all. It also suggests that they can target specific users exiting at that VPN provider. There is nothing stated about restrictions on particular VPN protocols, suggesting that all are decryptable. Hence, OpenVPN could be also as vulnerable as PPTP and L2TP/IPSEC.

To me this suggests that VPN's provide no privacy value against NSA spying.

How have other people interpreted this slide?


By VPN startups, they mean initiation of a VPN session. Specifically, this means they can grab the credentials at the beginning of a PPTP VPN session, and then decrypt it. PPTP has been known to be vulnerable to this sort of attack for some time.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: