Earlier this week, BitDefender has demonstrated the telescope technique, which allows an attacker to decrypt TLS communication between a target and a virtualized server. Means TLS Transport Layer Security and is widely used. The technique of the telescope is both operating and crypto library agnostic agnostic system. Any TLS key that is generated on a virtualized server is sensitive to this technique. This security alert reminder that your VPN service should use their own bare metal servers.
teleScope reminds us the Cloud is not secure
Common knowledge has always dictated that if you use a virtual machine remotely, who has access to the real hardware is clearly able display your activity if they really want. Users have always known techniques Snooping criticism which would defeat the encryption using TLS as possible. The revelation Telescope BitDefender reminds us of the particular situation. A similar attack cache also allows malicious access to your RSA keys and other important cryptographic keys. This is not only a possibility we have to trust Amazon not to exploit -. Anyone with a VM that is used on the same physical machine as yours can spy these articles
Use VPN instead of a VPS
Many people and businesses worldwide rely on TLS and virtualization to run essential services - but teleScope is unnecessary VPS to a dedicated attacker. Private Internet Access reminded VPS and VPN users around the world who are affected by this news:
If you use a VPS or VPN on the virtualized hardware (ie, a VPS such that Digital Ocean, Amazon, Azure, etc.), you should assume that your traffic has been and is decrypted.
private ™ Internet access is secure by default this vulnerability since we use real bare metal servers.
0 Komentar