Connect with us

Hi, what are you looking for?

Tech

VPNs and Encryption Do Work: A Response

I recently came across another article on TechSling about spying, firewalls, and VPN use. I found it to present a very simplistic and dismissive approach to the topics at hand. It also provided no support or backup for the claims presented.

I’m going to be looking specifically at that article’s most dismissive claim about VPNs by looking at key quotes from a few sources who know a thing or two about security.

The first claim that is difficult to understand about VPNs

If you followed the link you would have come across a phrase saying ‘that the idea that it is impossible to track your web browsing because you are using a VPN service is not true, but it does take some sophisticated monitoring technology that the likes of MI6 in Britain may use.’€

To look at the basics of this: first, there is no MI6, it is now known as SIS. Furthermore, the job of government intelligence gathering in an internet context is more the job of the GCHQ than SIS.

When the author states “sophisticated,” that is correct. It takes incredibly complex and expensive equipment to break the encryption that strong – and that all adds up to time being taken to actually break anything. To quote a recent Torrent Freak article, a group of people who need to know and make it their business to know what works:

‘€œFrom a technical point of view it’€™s nearly impossible to break the most secure forms of VPN encryption in real-time.’€

The quote goes on to read that some older algorithms have been cracked. A modern VPN knows to update its algorithms – sitting still leaves you vulnerable.

A key takeaway from this is best summed up by security expert Bruce Schneier, writing for Wired. ‘€œWhatever the NSA has up its top-secret sleeves, the mathematics of cryptography will still be the most secure part of any encryption system,” such as the encryption provided by a VPN, “It’€™s very probable that the NSA has newer techniques that remain undiscovered in academia. Even so, such techniques are unlikely to result in a practical attack that can break actually encrypted plaintext.”

Has the NSA actually cracked any encryption?

The claim that the NSA can get into any encryption is simply untrue. What they have done, however, is steal security keys and work with vendors to sabotage their own security.

To summarize it quickly, a tweet from internet security speculator, digital rights campaigner, and writer for Boing Boing, Cory Doctorow says in 140 characters or less:

The NSA can not do real-time decryption of 128-bit technology. It can’€™t. The NSA will, however, work with vendors and steal security keys from servers, but it can’€™t crack the 128-bit encryption used by the best VPN providers.

Conclusion on VPN and encryption as a viable security measure

I wanted to quote just one more security expert on the matter of encryption before ending this:

‘Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.’

The person who said that was Edward Snowden speaking with The Guardian in regards to the NSA’s capabilities, an organization that he famously once worked for.

He goes on to speak about how endpoint security, your computer, is weak. This validates the claim made by the author in the article under discussion about firewalls. They are an endpoint technology that can increase your security further, but can do little once you are past the firewall itself – this is when a VPN service will be your best security measure.

Written By

Matthew is the writer for the Devumi Blog, the topics up for discussion on this blog are marketing on Twitter, YouTube, SoundCloud and recent Google developments.

7 Comments

7 Comments

  1. Henry

    March 20, 2014 at 12:56 pm

    I am agree with you but I am still afraid of that. NSA is a powerful organization, and I am barely sure that they can bypass almost any infrastructure. In France for example, you cannot use a security algorithm, before it has to be checked and certified by our government to ensure national security…

  2. Matthew Y

    April 1, 2014 at 9:39 am

    I can’t speak for France, but the NSA just doesn’t have the capability to do a live hack of any current algorithm. Older ones, yes, given time they can potentially crack it if you’re a bad enough person and they really want you.

  3. Matt

    April 9, 2014 at 8:31 am

    Unfortunately the NSA doesn\’t need to crack the current encryption standards for a VPN not to be completely secure. It\’s likely that they\’ve built backdoors into many of the most popular VPN providers networks. On the upside, the NSA probably isn’t looking for you, so any VPN will greatly increase your security online.

    • Matthew

      May 9, 2014 at 10:26 am

      A basic summary of our comment: “It doesn’t work, because likely maybe, and you don’t have to worry.” You know that scene in the third Austin Powers movies where Austin is trying to figure out time travel. “I’ve just gone cross-eyed.” That’s how I feel now.

      To address your comment, I stated numerous times (and even included a quote from another expert) that the NSA can’t do a live crack of current VPN encryption, but that they have indeed stolen security keys and generally acted like people who aren’t government employees. Or they have acted exactly like dishonest government employees, and…I’ve gone cross-eyed again.

  4. myles

    May 3, 2014 at 7:52 pm

    The first thing that came to my mind, after reading the title that had “VPN” was web hosting. And i seriously did not know any thing else about it. Good post there, though.
    🙂

    • Matthew

      May 9, 2014 at 10:19 am

      VPN tech is just one of those things that isn’t quite as public as it should be. Glad you’re better informed!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You May Also Like

Tech

Are you looking for a quality Virtual Private Network for you? There are many options out there. Picking the best one isn’t easy at...

Tech

Users who can find the right Kodi add-ons love to use Kodi. It is a complete media player you can use to access free,...

Tech

"VPN" stands for "Virtual Private Network." Let’s learn all about it from the secure VPN services experts at VPNgeniX!

Tech

To help you figure out which VPN will be best for your needs, we have compiled a list of providers for Firestick users.