Internet security is still evolving and a recent discovery by Ahmed Nafeez, a security researcher revealed that even VPNs are vulnerable. This discovery is worth panicking but not yet, first take your time and read the whole article. VORACLE is an attack that can recover data sent via a VPN. This data, however, must be using HTTP traffic.
VORACLE
VORACLE has been around for sometimes and what makes it somehow unique is that it uses a variation of cryptographic attacks. According to the researchers, earlier attacks could recover data from TSL encryption given that the data was compressed before the encryption. In 2012 and 2013, fixes were introduced, and people have had nothing to worry about when using HTTPS connections. But theoretically, according to Nafeez, the attacks are still valid and can even recover data from some VPN traffic. Like earlier attacks, VORACLE works on VPNs that compress and then encrypt HTTP traffic via TSL.
Comment VORACLE peut récupérer des données sur des réseaux privés virtuels (VPN)
Comment VORACLE peut récupérer des données sur des réseaux privés virtuels (VPN)VORACLE attack can be used to leak secrets from pages and cookies that contain sensitive info. Here are conditions that must hold for the attack to be successful;
- L'attaquant et l'utilisateur se trouvent tous deux sur le même réseau.
- Votre navigateur est vulnérable à VORACLE.
- Vous utilisez la connexion HTTP.
- Vous utilisez OpenVPN avec la compression activée.
- Enfin, vous accédez à un site web contrôlé par des pirates.
From the above conditions, there are slim chances that the VORACLE attack could reveal your data unless maybe you are using public WIFI. That’s why we always advice you to stay away from public WIFI. Sometimes such as in this case, a VPN can be useless in a public WIFI.
Pourquoi le protocole OpenVPN ?
Most VPNs and experts regard OpenVPN as the most secure and reliable VPN protocol. But the researcher shocked everyone when he said that the VORACLE attack works with the OpenVPN protocol. Here is the reason why; OpenVPN compresses data before encrypting it.
Prévention des attaques VORACLE
Good news, the VORACLE attacks can be avoided by simple measures. Since the attack relies on the OpenVPN protocol, users need to change to a non-OpenVPN protocol such as the IKEv2 or IPSec which are also secure. Users also need to avoid HTTP websites and use the ones with HTTPS. HTTPS traffic tunnelled through a VPN is immune to VORACLE. Lastly, the VORACLE attack is not viable in Chromium-based browsers such as Chrome. Unlike non-Chromium browsers, HTTP requests in Chromium browsers are split into header and body packets, and this makes the requests immune to VORACLE.
En résumé, pour être sûr, utilisez un navigateur basé sur Chromium avec un protocole VPN non ouvert dans votre VPN lorsque vous accédez à des sites HTTP. Après tout, vous n'avez pas à paniquer.
Nafeez notified the OpenVPN project and some VPNs about the findings. OpenVPN project has now added a warning about using compression and then encrypting data in the OpenVPN protocol. Most reputable VPNs have also patched the pre-encryption compression while others have done away with the compression part.
For utmost security, check with your VPN service provider to see if their OpenVPN protocol is safe to use, you can’t afford to lose the speeds that are offered by OpenVPN.
