30 Aug 2023
Bulletproof TLS Newsletter is a free periodic newsletter bringing you commentary and news surrounding SSL/TLS and Internet PKI, designed to keep you informed about the latest developments in this space. Received monthly by more than 50,000 subscribers. Written by Ivan Ristić.
Virtual private networks (VPNs) have been the cornerstone of personal and corporate security for several decades now, but we still can’t get them to work properly. This has been highlighted by TunnelCrack, a combination of two widespread vulnerabilities released under a single brand name. When either weakness is exploited, attackers end up redirecting user traffic outside the protected tunnel. The researchers tested a great number of products and report that every VPN product is vulnerable on at least one device.
In the LocalNet attack, adversaries trick victims into connecting to their malicious Wi-Fi networks. Most such networks are configured to use a private address space, one of several IP address ranges reserved for this purpose, but LocalNet turns things around by deliberately using the actual public IP addresses of the services that are being attacked. Because VPN clients tend to ignore local traffic, in the ensuing confusion the traffic that is supposed to be protected actually isn’t.
The other attack, called ServerIP, is conceptually similar in the sense that it also tricks VPN clients to send traffic without encryption to an address they deem to be “safe.” Apparently, many VPN clients don’t encrypt traffic to their VPN server, expecting that they will be the only party communicating with it. But if the client refers to the VPN server by name (e.g., vpn.example.com) and the adversary is able to intercept the DNS lookup that converts that name to an IP address, then ServerIP is successful. In the attack, the adversary returns the IP address of the service they wish to attack. Any traffic sent to this IP address will bypass the secure tunnel.
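Both attacks come down to the same routing question: which destinations does the client send outside the tunnel, and why? The following added example (not from the newsletter or the TunnelCrack researchers) models a host forwarding table with longest-prefix matching, shows how a LocalNet-style "local" subnet and a ServerIP-style server exception each pull traffic out of the tunnel, and audits the table for plaintext routes that cover anything beyond private space and the pinned VPN server address. The interface names, the pinned server address and the hostile-network routes are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Ranges a client may legitimately route outside the tunnel: RFC 1918
# private space plus link-local. Any other plaintext route needs a reason,
# and the only usual one is the VPN server's own address.
LOCAL_ONLY = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16")]

@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    iface: str  # "tun0" is the protected tunnel; anything else is plaintext

def route(prefix, iface):
    return Route(ipaddress.ip_network(prefix), iface)

def select_route(table, dst):
    """Longest-prefix match, as a host forwarding table does it."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in table if dst in r.prefix]
    return max(matches, key=lambda r: r.prefix.prefixlen, default=None)

def bypasses_tunnel(table, dst, tunnel="tun0"):
    """True if traffic to dst leaves the host in plaintext."""
    chosen = select_route(table, dst)
    return chosen is not None and chosen.iface != tunnel

def audit_bypass_routes(table, vpn_server_ip, tunnel="tun0"):
    """Flag non-tunnel routes covering anything other than local-only space
    or the pinned VPN server (a /32 for exactly that host)."""
    server = ipaddress.ip_address(vpn_server_ip)
    suspicious = []
    for r in table:
        if r.iface == tunnel or any(r.prefix.subnet_of(n) for n in LOCAL_ONLY):
            continue
        if r.prefix.num_addresses == 1 and server in r.prefix:
            continue  # the one legitimate plaintext exception
        suspicious.append(r)
    return suspicious

# Constructed table for a client on a hostile Wi-Fi network (assumption).
# TEST-NET documentation ranges stand in for real public addresses.
HOSTILE_WIFI_TABLE = [
    route("0.0.0.0/0", "tun0"),        # everything else goes through the VPN
    route("192.168.1.0/24", "wlan0"),  # an ordinary local LAN exclusion
    route("203.0.113.0/24", "wlan0"),  # LocalNet: AP claims the target's public range as "local"
    route("198.51.100.7/32", "wlan0"), # ServerIP: exception for vpn.example.com from spoofed DNS
]
REAL_VPN_SERVER = "192.0.2.1"  # assumed address the server name should resolve to
```

Running the audit against a client's actual routing table after connecting (and comparing the server exception against an address pinned in the client configuration rather than a fresh DNS answer) turns the two conditions the attacks rely on into a checkable invariant.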
Having spent some time in the past working with OpenVPN, I find that the description of the current state of VPN clients matches my experience. Correctly configuring a VPN requires a significant amount of expertise in encryption and routing, and the fact that most documentation out there is either obsolete or wrong doesn’t help. WireGuard improved things a lot when it comes to encryption, but the problem with the routing still remains.
It is very unfortunate that even the VPN clients on mobile devices don’t work correctly, because most of their users aren’t experts and often can’t configure anything at the local level at all.
However, it’s devastating that none of these attacks are exactly new. The knowledge of these attack vectors existed (a blog post from Andrew Ayer, for example, describes the problems in some depth), but we collectively failed to preserve it and transfer it to the new generations of programmers when VPNs started to take off.
There is a silver lining, which is that none of these VPN attacks work against properly configured services that rely on encryption. A combination of TLS, valid certificates, and HTTP Strict Transport Security will do the trick.
If you think that none of this is very likely to happen in the real world, perhaps the work of the MoustachedBouncer cyberespionage group will convince you otherwise. It’s been reported that this group, active since 2014, targets foreign embassies in Belarus. Their approach to hacking is to execute active network attacks that hijack plaintext HTTP traffic to deliver malware using fake Windows updates.
There is only one conclusion: all network traffic must be authenticated and encrypted.
Here are some things that caught our attention since the previous newsletter: