Category Archives: VPN

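WPA2 Security Vulnerability

WPA2 has held up for thirteen years now: WPA2 became available in 2004 and is a common shorthand for the full IEEE 802.11i (or IEEE 802.11i-2004) standard. For this vulnerability, see "Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping". The PoC is called KRACK (Key Reinstallation Attacks), and the vulnerability will be formally presented in November; the title of the conference talk gives a rough idea of the direction, which is against the nonce …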


VPN Kept Connection Logs That Helped the FBI Catch a Suspect

This has been a fairly big story over the past few days: "PureVPN Logs Helped FBI Net Alleged Cyberstalker". It started because PureVPN's advertising states that they do not keep logs: but the testimony mentions that PureVPN did have logs: “Significantly, PureVPN was able to determine that their service was accessed by the same customer from two originating IP addresses: the RCN IP address from the home …


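Reviews of VPNs

The author of the article tried many VPN services, and the article's title is a bit long, with something of a light-novel feel...: "I tested the most recommended VPN providers using my credit card to find the best ones — and which ones you should avoid.". That said, a lot in this kind of article is subjective, so just keep that in mind... The author was most satisfied with TunnelBear and OVPN; maybe I'll try them and decide how to choose when my current PIA subscription expires, since PIA is still the cheapest plan at the moment.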


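Attacking Corporate Executives in Hotels

This serves as an illustration of one attack channel that explains why companies should provide a Full Routing VPN... The article describes attacks on corporate executives over hotel WiFi, trying to plant trojans to obtain information or to penetrate the company's internal network: "Hackers are using hotel Wi-Fi to spy on guests, steal data". Those behind the campaign have continually evolved their tactics and malware payloads, blending phishing and social engineering with a complex Trojan, in …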


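Recent OpenVPN Security Vulnerabilities...

Seeing "The OpenVPN post-audit bug bonanza", all I can do is smile wryly... After OpenVPN went through a series of security improvements (including a hardening project and code audits by two external parties that found quite a few problems), the author decided to dig in and see what could be found: After a hardening of the OpenVPN code (as commissioned by the Dutch intelligence service AIVD) and two recent audits 1 2, I thought it was now time for some …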


Facebook's Friend Recommendation Algorithm Brings More Privacy Problems to the Surface...

"Facebook recommended that this psychiatrist’s patients friend each other" reports that Facebook's friend recommendation algorithm unexpectedly surfaced something strange: [...], such as this story from Lisa*, a psychiatrist who is an infrequent Facebook user, mostly signing in to RSVP for events. Last summer, she noticed that the social …


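SWEET32: Attacking Blowfish and 3DES

This latest attack is a practical one; the theoretical basis was already known, but nobody had actually "completed" it. It is one of the few recent attacks aimed directly at the algorithms, and these algorithms happen to still be used in TLS and OpenVPN, so the severity is relatively high: "SWEET32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN". The condition for the attack is the block cipher's block size, not the key length, so even 256-bit Blowfish is affected just the same. This time Blowfish and 3DES were both successfully broken. Both ciphers have a block size of 64 bits, so for birthday …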


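RCE Vulnerabilities in Cisco and Fortinet Firewalls

The NSA used these vulnerabilities to monitor corporate traffic on a large scale: "Leaked Exploits are Legit and Belong to NSA: Cisco, Fortinet and Snowden Docs Confirm". Cisco has confirmed this security vulnerability; the whole lineup is affected, including the discontinued Cisco PIX, the previous-generation Cisco ASA 5500 (though some models are still on sale), and the current mainstay Cisco ASA 5500-X, and the security module series is hit as well: "Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability". Cisco ASA 5500 Series Adaptive Security …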


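Split DNS on an Ubuntu Desktop

Split DNS means that a particular DNS domain uses a different set of DNS servers; it is commonly used with Partial Route VPNs so that the DNS domains of the internal network resolve correctly. Commercial VPN software generally takes care of this, but sometimes you still want to configure it yourself... Split DNS on an Ubuntu desktop can be done with Dnsmasq. On my machine, ps awx | grep dnsmasq shows --conf-dir=/etc/NetworkManager/dnsmasq.d, which means the configuration directory is /etc/NetworkManager/dnsmasq.d, so I put the file mysplit under /etc/NetworkManager/dnsmasq.d: # …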


More Than One Million People Used Facebook over Tor in the Last Thirty Days

Facebook has released the number of people connecting to Facebook over Tor: "1 Million People use Facebook over Tor": In June 2015, over a typical 30 day period, about 525,000 people would access Facebook over Tor e.g.: by using Tor Browser to access www.facebook.com or the Facebook …
