VORACLE VPN Attack

Internet security is still evolving, and a recent discovery by security researcher Ahmed Nafeez revealed that even VPNs are vulnerable. This discovery is worth panicking about, but not yet: first take your time and read the whole article. VORACLE is an attack that can recover data sent via a VPN. This data, however, must be HTTP traffic.

VORACLE

VORACLE has been around for some time, and what makes it somewhat unique is that it uses a variation of cryptographic attacks. According to the researchers, earlier attacks could recover data from TLS encryption given that the data was compressed before the encryption. In 2012 and 2013, fixes were introduced, and people have had nothing to worry about when using HTTPS connections. But theoretically, according to Nafeez, the attacks are still valid and can even recover data from some VPN traffic. Like earlier attacks, VORACLE works on VPNs that compress and then encrypt HTTP traffic via TLS.

How VORACLE Recovers Data over a VPN

The VORACLE attack can be used to leak secrets from pages and cookies that contain sensitive info. Here are the conditions that must hold for the attack to be successful:

  • The attacker and the user are on the same network.
  • Your browser is vulnerable to VORACLE.
  • You are using an HTTP connection.
  • You are using OpenVPN with compression enabled.
  • Finally, you are visiting a website controlled by the hacker.

From the above conditions, there are slim chances that the VORACLE attack could reveal your data, unless maybe you are using public Wi-Fi. That's why we always advise you to stay away from public Wi-Fi. Sometimes, as in this case, a VPN can be useless on public Wi-Fi.

Why the OpenVPN Protocol

Most VPNs and experts regard OpenVPN as the most secure and reliable VPN protocol. But the researcher shocked everyone when he said that the VORACLE attack works with the OpenVPN protocol. Here is the reason why: OpenVPN compresses data before encrypting it.

Preventing VORACLE Attacks

The good news is that VORACLE attacks can be avoided by simple measures. Since the attack relies on the OpenVPN protocol, users need to change to a non-OpenVPN protocol such as IKEv2 or IPSec, which are also secure. Users also need to avoid HTTP websites and use the ones with HTTPS. HTTPS traffic tunnelled through a VPN is immune to VORACLE. Lastly, the VORACLE attack is not viable in Chromium-based browsers such as Chrome. Unlike in non-Chromium browsers, HTTP requests in Chromium browsers are split into header and body packets, and this makes the requests immune to VORACLE.

In short, to be safe when visiting HTTP websites, use a Chromium-based browser with a non-OpenVPN protocol in your VPN. After all, you don't have to panic.

Nafeez notified the OpenVPN project and some VPNs about the findings. The OpenVPN project has now added a warning about using compression and then encrypting data in the OpenVPN protocol. Most reputable VPNs have also patched the pre-encryption compression, while others have done away with the compression part.

For utmost security, check with your VPN service provider to see if their OpenVPN protocol is safe to use; you can't afford to lose the speeds that are offered by OpenVPN.
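
One way to run that check on a client profile yourself, as an added example that is not from the original article or from the OpenVPN project: the script below scans an OpenVPN configuration for directives that switch compression on. The directive names (`comp-lzo`, `compress`, `allow-compression`) come from the OpenVPN manual rather than from this article, and the sample profile is constructed.

```python
import shlex

# Constructed sample client profile; host name and values are placeholders.
SAMPLE_PROFILE = """\
client
dev tun
remote vpn.example.net 1194 udp
# comp-lzo no   (commented out, must be ignored)
comp-lzo
push "compress lz4-v2"
compress stub-v2
cipher AES-256-GCM
"""

# Algorithms that actually compress; "stub"/"stub-v2" only enable framing.
COMPRESSING_ALGS = {"lzo", "lz4", "lz4-v2"}


def audit_compression(profile_text):
    """Return (findings, refuses) for an OpenVPN config.

    findings: list of (line_number, directive) that turn compression on.
    refuses:  True if 'allow-compression no' is present.
    """
    findings, refuses = [], False
    for lineno, raw in enumerate(profile_text.splitlines(), 1):
        if raw.lstrip().startswith(";"):  # ';' also starts a comment line
            continue
        # shlex drops '#' comments and keeps quoted push arguments together.
        tokens = shlex.split(raw, comments=True)
        if len(tokens) >= 2 and tokens[0] == "push":
            tokens = tokens[1].split()  # inspect the pushed directive itself
        if not tokens:
            continue
        name, arg = tokens[0], (tokens[1] if len(tokens) > 1 else None)
        if name == "comp-lzo" and arg != "no":  # bare comp-lzo means adaptive
            findings.append((lineno, " ".join(tokens)))
        elif name == "compress" and arg in COMPRESSING_ALGS:
            findings.append((lineno, " ".join(tokens)))
        elif name == "allow-compression" and arg == "no":
            refuses = True
    return findings, refuses


if __name__ == "__main__":
    hits, refuses = audit_compression(SAMPLE_PROFILE)
    for lineno, directive in hits:
        print(f"line {lineno}: compression enabled by '{directive}'")
    print("allow-compression no present:", refuses)
```

A profile with no findings can still have compression pushed to it by the server, so the provider's server-side settings remain worth asking about.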
