Can you hear me now? Tales from a Cisco voice instructor

Jul 29 2012   4:06PM GMT

Your VPN May No Longer Be Private

Dave Bateman Dave Bateman Profile: Dave Bateman

If you use a VPN, a man named Moxie Marlinspike may have just ruined your day. He has create a piece of software that  allows your VPN traffic to be intercepted and decrypted. He announced his new product, which he calls CloudCracker, at the Def Con Hacking conference in Las Vegas this past Saturday. So now anyone with an extra 200 bucks can have a peek at what is being sent along your VPN.

The software alone doesn’t crack you encryption. Once the data is captured it must be sent to Marlinspike and his system will do the decryption and return it to you within 24 hours. At this point in time, Marlinspike says he will not be screening customers to determine whether their intent is honorable or not. His real purpose is to try to encourage software makers to enhance their security.

But before you unplug your computer from the Internet and wipe your hard drive clean, you should know that Marlinspike’s software only works on VPNs that use a point-to-point tunneling protocol. Many companies provide their employees VPN software made by Cisco which is still safe cannot be compromised by CloudCraker.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: