Internet security is still evolving and a recent discovery by Ahmed Nafeez, a security researcher revealed that even VPNs are vulnerable. This discovery is worth panicking but not yet, first take your time and read the whole article. VORACLE is an attack that can recover data sent via a VPN. This data, however, must be using HTTP traffic.
VORÁCULO
VORACLE has been around for sometimes and what makes it somehow unique is that it uses a variation of cryptographic attacks. According to the researchers, earlier attacks could recover data from TSL encryption given that the data was compressed before the encryption. In 2012 and 2013, fixes were introduced, and people have had nothing to worry about when using HTTPS connections. But theoretically, according to Nafeez, the attacks are still valid and can even recover data from some VPN traffic. Like earlier attacks, VORACLE works on VPNs that compress and then encrypt HTTP traffic via TSL.
Cómo VORACLE puede recuperar datos en VPNs
Cómo VORACLE puede recuperar datos en VPNsVORACLE attack can be used to leak secrets from pages and cookies that contain sensitive info. Here are conditions that must hold for the attack to be successful;
- Tanto el atacante como el usuario están en la misma red.
- Su navegador es vulnerable a VORACLE.
- Está utilizando la conexión HTTP.
- Está utilizando OpenVPN con la compresión activada.
- Por último, está accediendo a un sitio web controlado por piratas informáticos.
From the above conditions, there are slim chances that the VORACLE attack could reveal your data unless maybe you are using public WIFI. That’s why we always advice you to stay away from public WIFI. Sometimes such as in this case, a VPN can be useless in a public WIFI.
Por qué el protocolo OpenVPN
Most VPNs and experts regard OpenVPN as the most secure and reliable VPN protocol. But the researcher shocked everyone when he said that the VORACLE attack works with the OpenVPN protocol. Here is the reason why; OpenVPN compresses data before encrypting it.
Prevención de ataques VORACLE
Good news, the VORACLE attacks can be avoided by simple measures. Since the attack relies on the OpenVPN protocol, users need to change to a non-OpenVPN protocol such as the IKEv2 or IPSec which are also secure. Users also need to avoid HTTP websites and use the ones with HTTPS. HTTPS traffic tunnelled through a VPN is immune to VORACLE. Lastly, the VORACLE attack is not viable in Chromium-based browsers such as Chrome. Unlike non-Chromium browsers, HTTP requests in Chromium browsers are split into header and body packets, and this makes the requests immune to VORACLE.
En pocas palabras, para estar seguro, utiliza un navegador basado en Chromium con un protocolo VPN no abierto en tu VPN cuando accedas a sitios HTTP. Después de todo, no tienes por qué alarmarte.
Nafeez notified the OpenVPN project and some VPNs about the findings. OpenVPN project has now added a warning about using compression and then encrypting data in the OpenVPN protocol. Most reputable VPNs have also patched the pre-encryption compression while others have done away with the compression part.
For utmost security, check with your VPN service provider to see if their OpenVPN protocol is safe to use, you can’t afford to lose the speeds that are offered by OpenVPN.
