Internet security is still evolving and a recent discovery by Ahmed Nafeez, a security researcher revealed that even VPNs are vulnerable. This discovery is worth panicking but not yet, first take your time and read the whole article. VORACLE is an attack that can recover data sent via a VPN. This data, however, must be using HTTP traffic.
漩涡
VORACLE has been around for sometimes and what makes it somehow unique is that it uses a variation of cryptographic attacks. According to the researchers, earlier attacks could recover data from TSL encryption given that the data was compressed before the encryption. In 2012 and 2013, fixes were introduced, and people have had nothing to worry about when using HTTPS connections. But theoretically, according to Nafeez, the attacks are still valid and can even recover data from some VPN traffic. Like earlier attacks, VORACLE works on VPNs that compress and then encrypt HTTP traffic via TSL.
VORACLE 如何恢复 VPN 上的数据
VORACLE 如何恢复 VPN 上的数据VORACLE attack can be used to leak secrets from pages and cookies that contain sensitive info. Here are conditions that must hold for the attack to be successful;
- 攻击者和用户都在同一个网络上。
- 您的浏览器容易受到 VORACLE 的攻击。
- 您使用的是 HTTP连接。
- 您正在使用启用了压缩功能的OpenVPN。
- 最后,您正在访问一个由黑客控制的网站。
From the above conditions, there are slim chances that the VORACLE attack could reveal your data unless maybe you are using public WIFI. That’s why we always advice you to stay away from public WIFI. Sometimes such as in this case, a VPN can be useless in a public WIFI.
为什么使用 OpenVPN 协议
Most VPNs and experts regard OpenVPN as the most secure and reliable VPN protocol. But the researcher shocked everyone when he said that the VORACLE attack works with the OpenVPN protocol. Here is the reason why; OpenVPN compresses data before encrypting it.
防止 VORACLE 攻击
Good news, the VORACLE attacks can be avoided by simple measures. Since the attack relies on the OpenVPN protocol, users need to change to a non-OpenVPN protocol such as the IKEv2 or IPSec which are also secure. Users also need to avoid HTTP websites and use the ones with HTTPS. HTTPS traffic tunnelled through a VPN is immune to VORACLE. Lastly, the VORACLE attack is not viable in Chromium-based browsers such as Chrome. Unlike non-Chromium browsers, HTTP requests in Chromium browsers are split into header and body packets, and this makes the requests immune to VORACLE.
总而言之,为了安全起见,在访问 HTTP 网站时,请使用基于 Chromium 的浏览器,并在 VPN 中使用非开放 VPN 协议。毕竟,你不必惊慌失措。
Nafeez notified the OpenVPN project and some VPNs about the findings. OpenVPN project has now added a warning about using compression and then encrypting data in the OpenVPN protocol. Most reputable VPNs have also patched the pre-encryption compression while others have done away with the compression part.
For utmost security, check with your VPN service provider to see if their OpenVPN protocol is safe to use, you can’t afford to lose the speeds that are offered by OpenVPN.
