Google 之前發表的 BeyondCorp 採用不同的認證方式，改變企業會假設「內部網路是可信任」的這件事情：「Google 推的 BeyondCorp」，而 Cloudflare 也照著這個概念實作出一套產品，包成服務來賣：「Introducing Cloudflare Access: Like BeyondCorp, But You Don’t Have To Be A Google Employee To Use It」。
Access integrates out of the box with most of the major identity providers like Google, Azure Active Directory and Okta meaning you can quickly connect your existing identity provider to Cloudflare and use the groups and users already created to gate access to your web applications.
也可以走 TLS 的 client certificate 架構認證：
You can additionally use TLS with Client Authentication and limit connections only to devices with a unique client certificate.
而企業內部的服務剛好可以透過 Cloudflare 之前推出的 Wrap 串上去，不需要用 VPN 打通內部網路 (參考先前寫的「Cloudflare 推出的 Wrap 讓你不用在本地端開對外的 Port 80/443」)：
If you want to use Access in front of an internal application but don’t want to open up that application to the whole internet, you can combine Access with Warp. Warp will make Cloudflare your application’s internet connection so you don’t even need a public IP.
Access takes 5-10 minutes to setup and is free to try for up to one user (beyond that it’s $3 per seat per month, and you can contact sales for bulk discounts).
ExpressVPN 在土耳其的 VPN server 被抄，為了調查大使的刺殺案件：「VPN Server Seized to Investigate Russian Ambassador’s Assassination」。
A VPN server operated by ExpressVPN was seized by Turkish authorities to investigate the assassination of Andrei Karlov, the Russian Ambassador to Turkey. Authorities hoped to find more information on people who removed digital traces of the assassin, but the server in question held no logs.
ExpressVPN 官方的回覆在「ExpressVPN statement on Andrey Karlov investigation」，主要的部份是：
As we stated to Turkish authorities in January 2017, ExpressVPN does not and has never possessed any customer connection logs that would enable us to know which customer was using the specific IPs cited by the investigators. Furthermore, we were unable to see which customers accessed Gmail or Facebook during the time in question, as we do not keep activity logs. We believe that the investigators’ seizure and inspection of the VPN server in question confirmed these points.
話說 WPA2 也撐了十三年了：
WPA2 became available in 2004 and is a common shorthand for the full IEEE 802.11i (or IEEE 802.11i-2004) standard.
這次的漏洞可以參考「Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping」這邊。
PoC 稱作 KRACK (Key Reinstallation Attacks)，漏洞將會在十一月正式發表，從會議的標題名稱大概可以知道方向，是對 Nonce 下手：「Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2」。另外站台 www.krackattacks.com 已經放好，等後續的發表更新了。
對於無線網路的各種漏洞，老方法還是目前最有效的方法，也是這次的 workaround 之一：上強度足夠的 VPN。
Update：補上論文「Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2」。
這應該是這幾天鬧得蠻大的事情：「PureVPN Logs Helped FBI Net Alleged Cyberstalker」。
起因在於 PureVPN 的廣告寫著他們不會記錄：
但在證詞裡卻提到 PureVPN 有記錄：
“Significantly, PureVPN was able to determine that their service was accessed by the same customer from two originating IP addresses: the RCN IP address from the home Lin was living in at the time, and the software company where Lin was employed at the time,” the agent’s affidavit reads.
然後回頭看 PureVPN 的 Privacy 條款發現他們在條款裡面寫著他們會記錄連線資訊：
Our servers automatically record the time at which you connect to any of our servers. From here on forward, we do not keep any records of anything that could associate any specific activity to a specific user. The time when a successful connection is made with our servers is counted as a ‘connection’ and the total bandwidth used during this connection is called ‘bandwidth’. Connection and bandwidth are kept in record to maintain the quality of our service. This helps us understand the flow of traffic to specific servers so we could optimize them better.
然後被告 Ryan S. Lin 就幹剿了：
“There is no such thing as a VPN that doesn’t keep logs,” Lin said. “If they can limit your connections or track bandwidth usage, they keep logs.”
以後挑 VPN 還得仔細看條款裡面留 log 的部份啊...
算是為什麼企業要提供 Full Routing VPN 的一個攻擊管道的說明...
這篇介紹了在飯店裡透過 WiFi 攻擊企業的高階主管，想辦法塞木馬取得資訊，或是滲透進企業內部的網路：「Hackers are using hotel Wi-Fi to spy on guests, steal data」。
Those behind the campaign have continually evolved their tactics and malware payloads, blending phishing and social engineering with a complex Trojan, in order to conduct espionage on corporate research and development personnel, CEOs, and other high-ranking corporate officials.
有點介於 APT 與一般性的攻擊中間...
看到「The OpenVPN post-audit bug bonanza」這個只有苦笑啊...
作者在 OpenVPN 經過一連串的安全加強後 (包括 harden 計畫與兩個外部單位的程式碼稽核找到不少問題)，決定出手挖看看：
After a hardening of the OpenVPN code (as commissioned by the Dutch intelligence service AIVD) and two recent audits 1 2, I thought it was now time for some real action ;).
可以看到作者透過 fuzzing 打出一卡車，包含了不少 crash XDDD：(然後有一個是 stack buffer corruption，不知道有沒有機會變成 RCE)
- Remote server crashes/double-free/memory leaks in certificate processing (CVE-2017-7521)
- Remote (including MITM) client crash, data leak (CVE-2017-7520)
- Remote (including MITM) client stack buffer corruption
- Remote server crash (forced assertion failure) (CVE-2017-7508)
- Crash mbed TLS/PolarSSL-based server (CVE-2017-7522)
- Stack buffer overflow if long –tls-cipher is given
在「Facebook recommended that this psychiatrist’s patients friend each other」這邊報導了 Facebook 推薦好友機制的演算法意外的拉出了奇怪的東西：
[...], such as this story from Lisa*, a psychiatrist who is an infrequent Facebook user, mostly signing in to RSVP for events. Last summer, she noticed that the social network had started recommending her patients as friends—and she had no idea why.
“I haven’t shared my email or phone contacts with Facebook,” she told me over the phone.
精神科醫師被 Facebook 推薦他的病人... 而更慘的是病人也收到的推薦包括了其他的病人：
Another one of her female patients had a friend recommendation pop up for a fellow patient she recognized from the office’s elevator. Suddenly, she knew the other patient’s full name along with all their Facebook profile information.
“It’s a massive privacy fail,” said Lisa. “I have patients with HIV, people that have attempted suicide and women in coercive and violent relationships.”
Lisa lives in a relatively small town and was alarmed that Facebook was inadvertently outing people with health and psychiatric issues to her network. She’s a tech-savvy person, familiar with VPNs, Tor and computer security practices recommended by the Electronic Frontier Foundation–but she had no idea what was causing it.
最新的攻擊算是實戰類的攻擊，理論基礎以前都已經知道了，只是沒有人實際「完成」。算是近期少數直接對演算法的攻擊，而這些演算法剛好還是被用在 TLS 與 OpenVPN 上，所以嚴重性比較高：「SWEET32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN」。
攻擊的條件是 block cipher 的 block size，而非 key length，所以就算是 256 bits 的 Blowfish 也一樣也受到影響。
這次順利打下 Blowfish 與 3DES。這兩個 cipher 的 block size 都是 64 bits，所以對於 birthday attack 來說只要 232 就可以搞定：
This problem is well-known by cryptographers, who always require keys to be changed well before 2n/2 blocks. However it is often minimized by practitioners because the attacks require known plaintext, and reveal only little information. Indeed, standard bodies only recommend to change the key just before 2n/2 blocks, and many implementations don't enforce any limit on the use of a key.
在 OpenVPN 打 Blowfish 的部份 (Blowfish 是 OpenVPN 預設的 cipher)：
In our demo, it took 18.6 hours and 705 GB, and we successfully recovered the 16-byte authentication token.
以及 HTTPS 打 3DES 的部份 (為了相容性問題)：
Experimentally, we have recovered a two-block cookie from an HTTPS trace of only 610 GB, captured in 30.5 hours.
都是有可能的等級。也該來拔掉對 IE8 的支援了... orz