VPN Services Respond to Heartbleed

A critical bug in OpenSSL has left nearly two thirds of the web vulnerable.  This latest threat to our privacy is huge considering how widespread the bug is and what it exposes.  An attacker can use the bug to read chunks of a vulnerable server's memory, which can include sensitive data such as the username and password you use to access your bank and brokerage accounts online, and in some cases the server's own private key.  The same is true for VPN services.  In a moment we'll list the providers that have publicly addressed the issue.
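Before the provider responses, a worked model of the defect they are all reacting to.  The block below is an added example written for this page, not code from the original post, from OpenSSL or from any provider; it imitates in Python the bounds check that OpenSSL 1.0.1 through 1.0.1f was missing in its heartbeat handler, beside the check that 1.0.1g added.  The "server memory" and the secret planted in it are constructed placeholders.

```python
"""The Heartbleed defect, modelled in pure Python.

Added example; this is not code from the original post or from any
provider listed on it, and it does not touch OpenSSL.  It imitates what
tls1_process_heartbeat in OpenSSL 1.0.1 through 1.0.1f did: trust the
16-bit payload length inside the heartbeat message and copy that many
bytes out of the record buffer into the response, without checking that
the record actually held that many.  A 3-byte request claiming a
16384-byte payload therefore came back with ~16 KiB of whatever sat in
memory after it.  The "server memory" below is a constructed bytearray
and the secret planted next to the request is a made-up placeholder.
"""
import struct
from typing import Callable, Optional

CT_HEARTBEAT = 0x18          # TLS record content type: heartbeat (RFC 6520)
HB_REQUEST, HB_RESPONSE = 0x01, 0x02
MIN_PADDING = 16             # RFC 6520: at least 16 bytes of random padding
TLS11 = 0x0302

# Constructed neighbour data: what a real heap might hold next to the request.
NEIGHBOUR_SECRET = (b"POST /login user=alice&pass=hunter2 "
                    b"-----BEGIN RSA PRIVATE KEY----- (placeholder)")


def build_heartbeat_request(payload: bytes, claimed_len: Optional[int] = None,
                            padding: int = MIN_PADDING) -> bytes:
    """TLS record carrying a heartbeat_request.  claimed_len lets the sender
    lie about the payload length; the original proof of concept sent
    payload=b"", claimed_len=0x4000, padding=0 -> 18 03 02 00 03 01 40 00."""
    if claimed_len is None:
        claimed_len = len(payload)
    message = struct.pack(">BH", HB_REQUEST, claimed_len) + payload + b"\x00" * padding
    return struct.pack(">BHH", CT_HEARTBEAT, TLS11, len(message)) + message


def handle_heartbeat_vulnerable(memory: bytearray, rec_off: int, rec_len: int) -> Optional[bytes]:
    """OpenSSL <= 1.0.1f: read the length field and memcpy that many bytes.
    rec_len (the real record length) is never consulted."""
    hbtype = memory[rec_off]
    (payload_len,) = struct.unpack_from(">H", memory, rec_off + 1)
    if hbtype != HB_REQUEST:
        return None
    pl = rec_off + 3
    echoed = bytes(memory[pl:pl + payload_len])   # over-read when payload_len > rec_len - 3
    return struct.pack(">BH", HB_RESPONSE, len(echoed)) + echoed + b"\x00" * MIN_PADDING


def handle_heartbeat_fixed(memory: bytearray, rec_off: int, rec_len: int) -> Optional[bytes]:
    """OpenSSL 1.0.1g: the declared length must fit inside the record
    (1 type + 2 length + payload + 16 padding <= rec_len); otherwise the
    message is silently discarded, as RFC 6520 section 4 requires."""
    if 1 + 2 + MIN_PADDING > rec_len:
        return None
    hbtype = memory[rec_off]
    (payload_len,) = struct.unpack_from(">H", memory, rec_off + 1)
    if 1 + 2 + payload_len + MIN_PADDING > rec_len:
        return None
    if hbtype != HB_REQUEST:
        return None
    pl = rec_off + 3
    echoed = bytes(memory[pl:pl + payload_len])
    return struct.pack(">BH", HB_RESPONSE, len(echoed)) + echoed + b"\x00" * MIN_PADDING


def simulate(handler: Callable[[bytearray, int, int], Optional[bytes]],
             request_record: bytes) -> Optional[bytes]:
    """Place the record body at the start of a fake heap, followed by the
    neighbour secret and 16 KiB of zeroes, and run the handler on it."""
    body = request_record[5:]                       # strip the 5-byte record header
    memory = bytearray(body) + bytearray(NEIGHBOUR_SECRET) + bytearray(0x4000)
    return handler(memory, 0, len(body))


def leaked_bytes(response: Optional[bytes], sent_payload: bytes) -> bytes:
    """Echoed bytes beyond what the client actually sent, i.e. leaked memory."""
    if response is None:
        return b""
    (echoed_len,) = struct.unpack_from(">H", response, 1)
    return response[3:3 + echoed_len][len(sent_payload):]


if __name__ == "__main__":
    poc = build_heartbeat_request(b"", claimed_len=0x4000, padding=0)
    print("probe record:", poc.hex())
    leak = leaked_bytes(simulate(handle_heartbeat_vulnerable, poc), b"")
    print(f"1.0.1f-style handler leaked {len(leak)} bytes, secret present:",
          NEIGHBOUR_SECRET in leak)
    print("1.0.1g-style handler response:", simulate(handle_heartbeat_fixed, poc))
```

The fixed handler is the whole patch in miniature: two comparisons of the declared length against the record length, and a silent discard when they disagree.  Everything else about the bug (what leaks, and how much) depends only on what happens to sit after the request in the process's memory, which is why providers could not rule out key exposure without knowing their own heap layout.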

[Image: OpenSSL Heartbeat bug]

Here's a list of responses we've seen from VPN services.  We'll list them in alphabetical order so you can more easily find your provider.  Note that we will only list those who publicly address the issue, preferably on their own sites, but we will also rely on Reddit for those that are active there.  We will also post responses from Twitter as long as they come from the provider's official account.  Please send us any additions to the list – @VPNSP

12VPN (source)

[Image: 12VPN Heartbeat]

ActiVPN (source)

By configuration, we already disabled the SSL heartbeat even before the CVE-2014-0160 Heart-Bleed was disclosed!

AirVPN (source)

Warning: this document could be updated by the technical staff if necessary. Please consult it again in the near future.

After a deeper analysis we would like to inform you about problems, solutions, what we did and what you need to do, in compliance with our transparency policy. The OpenSSL 1.0.1a to 1.0.1f vulnerability is huge, but several factors in our infrastructure design made the menace a minor threat, without any potentially catastrophic consequence.

  • some of our OpenVPN servers used a vulnerable OpenSSL version. They have all been updated and upgraded between 3 PM and 6 PM 08-Apr-14 CET+1. The non-updated VPN servers running branches of OpenSSL like 0.9.8 were not and are not vulnerable. Assuming that an attacker could steal your user.key during the handshake on those servers, the worst damage is that he/she will connect with your account in the future (see below for a solution to this problem). He/she will not be able to decrypt your OpenVPN Data Channel. Various factors help mitigate the problem even on those vulnerable VPN servers: the attacker could not perform an attack through the exit-IP address (he/she should have known the entry-IP) and Perfect Forward Secrecy does not allow the attacker to decrypt your data
  • the primary frontend (the web site you normally visit) used a vulnerable OpenSSL version which has been upgraded at 3 PM 08-Apr-14 to a non-vulnerable version. All sessions were reset. The vulnerability allowed an attacker to dump a memory portion of the server which could disclose information useful to exploit future access of those users using browsers or web clients not supporting DHE or ECDHE: Internet Explorer 6, Internet Explorer 8, YandexBot 3, or browsers manually forced NOT to use Perfect Forward Secrecy.
  • the backend servers and other vital parts of the infrastructure were not and are not vulnerable, since they were NEVER running a vulnerable OpenSSL version

What we have already done:

  • we replaced on every part of the infrastructure the vulnerable OpenSSL versions (if any) with non-vulnerable ones between 3 PM and 6 PM 08-Apr-14 CET+1
  • we changed all administrative account passwords in advance (this was not strictly necessary, but it has been performed anyway)
  • we updated the internal SSL certificates
  • we reset connections of clients connected to VPN servers running a vulnerable OpenSSL version and rebooted the servers to make sure that no old dynamically linked SSL version was still used by OpenVPN
  • we performed attacks against our servers, even with the help of independent attackers as peer review, to check that the vulnerability has been resolved
  • we have ordered the revocation of the frontend web server's previous SSL certificate (this will go into effect in 72 hours according to authority policy)
  • UPDATE 11.15 PM 08-Apr-14 CET+1 we changed the SSL certificate and private key of our frontend servers
  • UPDATE 12.40 AM 09-Apr-14 CET+1 we released a new package for Windows with OpenVPN using non-vulnerable OpenSSL

What we will additionally do:

  • we’re going to add the option to generate new user.key from the client side, with no more need of our manual intervention, just in case someone wishes to use our service for free with your account
  • UPDATE 1.50 PM 9-Apr-14 CET+1 We are planning a major change in the system with new RSA and DH keys, new certificates and more. The operation is complex and will cause interruptions to the service. You will need to re-download configuration files, certificates and keys, re-configure DD-WRT/Tomato/pfSense etc. so we are planning it with care. A discussion about it is still ongoing and will go on probably for hours, so we can’t provide more details. Please stay tuned.

What YOU need to do:

  • change your account password and your API key (if you used our API) and do it as soon as possible, especially if you use Internet Explorer 6, Internet Explorer 8 or YandexBot 3 or any other browser that you specifically configured NOT to use TLS with DHE/ECDHE in any way to log in to our web site. On this occasion, please consider dropping Internet Explorer 6 and 8 once and for all and prefer browsers supporting PFS
  • change your user.key when this option becomes available
  • Windows users only: download and install the new package with OpenVPN using non-vulnerable OpenSSL https://airvpn.org/windows. Allow the Air client to upgrade the OpenVPN version if required
  • OS X Tunnelblick users only: download and upgrade to the new Tunnelblick with non-vulnerable OpenSSL http://code.google.c…k/wiki/RlsNotes
  • Remain in touch because we have planned modifications to the service which will require your attention and intervention.

BlackVPN (source)

A critical bug in OpenSSL – known as the Heartbleed bug – has been discovered which affects web, email, instant messaging and VPN services.

Only customers connecting using OpenVPN are affected – L2TP/IPsec users do not need to do anything. Hopefully nobody is still using PPTP for private communications as it is only useful for stuff like unblocking websites.

Our website blackvpn.com was NEVER vulnerable because it was running an unaffected version of OpenSSL (0.9.8g). We’ve now updated OpenSSL there anyway.

Initially we thought that no VPN servers were vulnerable as most were using an older unaffected version of OpenSSL. Unfortunately we did find some servers that were vulnerable, so we updated all servers on April 8th as soon as we found out about the bug. All OpenVPN sessions were reset on 8th April as we upgraded.

Since we use ephemeral session keys the data sent and received over the VPN (aka your OpenVPN Data Channel) should be safe from this attack. The worst that could have happened is your VPN username and password were compromised which would allow someone else to use your account, so we suggest that you reset your VPN password just to be safe.

We cannot be sure that our server keys were safe from attack so we will be generating new keys and client configs to be on the safe side. Once new client configs are released we recommend everyone to download them to prevent possible Man-In-The-Middle (MITM) attacks.

Updated versions of OpenVPN for Windows and Tunnelblick for Mac OS X have now been released and we recommend everyone upgrade immediately. Linux users need to upgrade to the latest version of OpenSSL as soon as possible. We’re working on updated blackVPN Easy Installer versions for Windows and Tunnelblick and these will be released shortly.

BolehVPN (source)

How does it affect you as a BolehVPN customer?

In short, it doesn’t. We have reviewed our servers and implementation and our customer portal implementation does not use the affected OpenSSL versions.

Our OpenVPN implementation implements Perfect Forward Secrecy (PFS), which would protect past communications from retrospective decryption, so the risk is mitigated. Furthermore, OpenVPN does not rely on SSL/TLS only, as SSL/TLS is used once the tunnel is secured with DH and HMAC and, with our implementation, PFS as well.

We are however monitoring developments closely and will implement patches as they become available.

CryptoStorm (source)

We have updated all nodes to OpenSSL 1.0.1g and recompiled OpenVPN and restarted all servers.

ExpressVPN (source)

From their Facebook page on April 11th:

Since last Tuesday the Internet has been abuzz about a security bug called “Heartbleed” that affected the majority of all Internet servers. A subset of our systems was using software that might have been affected, so we reacted immediately:
1) we patched those systems
2) to protect our customers, we also briefly disconnected all VPN sessions on those systems. In our view, ensuring the security of our customers justified the brief service disruption in this case.

We completed these steps on the same day that the issue was made public, so the Heartbleed bug cannot be exploited on our systems.

Expect a blog post with more background information about Heartbleed coming next week.

From the ExpressVPN blog on April 13th:

We’d like to give some more insight into how we dealt with the Heartbleed security bug that affected most of the Internet last week.

The key points are:

  1. For any of our systems using OpenSSL, we patched those servers on the same day as when the issue was announced.
  2. Confirmation that our webservers are patched: http://filippo.io/Heartbleed/#expressvpn.biz
  3. As a precaution, we re-keyed server certificates and briefly disconnected all connected users to apply the patch on affected systems
  4. Our OpenVPN servers use tls-auth, which helps prevent man-in-the-middle attacks and mitigated some of the Heartbleed risks even before the patch.

Here is a more detailed technical explanation of Heartbleed that also shows how difficult it was to exploit Heartbleed to steal private keys.

In summary, we reacted quickly to protect our customers and ensure our systems are not susceptible to Heartbleed attacks.

Hide My Ass (source)

On April 7, the OpenSSL project issued a security advisory that detailed a vulnerability in the encryption software in use by a large portion of the internet. This vulnerability (nicknamed “Heartbleed”) would potentially allow attackers to retrieve information from encrypted SSL endpoints.

At Hide My Ass! we take security very seriously. We keep our user credentials on a separate server from the hidemyass.com domain, which means our user credentials were never vulnerable and completely unaffected by the Heartbleed issue.

We've taken steps to address any potential vulnerability to our hidemyass.com domain from Heartbleed and will continue to safeguard our services to you.

Given the abundance of the issue on the internet, we would advise any customer that uses their VPN password on another service (which we wouldn't recommend) to change their password.

ibVPN (source)

The new discovery regarding OpenSSL vulnerability showed that major businesses and about 60% of the web was affected by this bug. Among these, VPN services were also affected depending on precautions that were taken by each.

Status from ibVPN

Even though no information has been released yet, in the last two days our specialists and technicians researched this issue and took the needed measures to protect our users and to further avoid the described vulnerability. After we analysed the reports we now come and inform our users how we stand. But don't worry, some measures were taken prior to the vulnerability discovery.

ibVPN Website

Our website, especially the Client Area, which uses SSL over HTTP, was not affected. Because we always want to keep a secure service, we are always up-to-date with the latest security updates, thus our website security was updated prior to the vulnerability discovery. More information about this can be seen here:

Our users' private information such as usernames and passwords (Client Area) was not compromised.

ibVPN Servers

Our VPN servers were updated yesterday to the non-exploitable version 1.0.1g. From our specialist’s report we can assure you that we had no exposure between the time of discovery and the time we made updates.

ibVPN clients

As for our VPN clients, these are still safe for now. This is because our servers got the update in time and malicious requests, like the HeartBleed bug, are blocked. We'll also be releasing new versions with the updated OpenVPN version (2.3.3), in order to keep up with the updates.

What we recommend

We recommend our users to "lie low" from your day-to-day internet activity until things settle. Furthermore we encourage you to use ibVPN at all times, especially when using public hot spots. Rest assured that we'll monitor any further developments of the HeartBleed vulnerability.

IPVanish (source)

As an IPVanish user, you may have heard about the OpenSSL heartbeat (heartbleed) exploit.  Well, you can rest assured because IPVanish does not support the TLS extension 15 (heartbeat) so we are not affected by this exploit.  Our users are safe!

Just in case you want to test OpenVPN you can use public tools such as http://possible.lv/tools/hb/ –  just enter the IPVanish server name you are using and it will show you we are clean.

We appreciate your business and we understand how important Internet privacy is to you, please feel free to direct any questions or concerns you may have to support@ipvanish.com.

iVPN (source)

[Image: iVPN Heartbeat]

LiquidVPN (source)

All of our servers have been patched and new keys generated. A software update has been published to update Liquid Viscosity. We recommend you update your OpenVPN software if you are using that.

Mullvad (source)

A serious vulnerability in the popular OpenSSL cryptographic software library was disclosed 30 hours ago. In short it allows (among other things) anyone on the Internet to extract the private keys used for encrypting traffic and identifying service providers to their users. A more complete description can be read on heartbleed.com. This affects a lot of different services including web, email, instant messaging and OpenVPN (which Mullvad uses). As of a few hours ago all our servers have been patched and are no longer vulnerable. We are also releasing a new Mullvad client for all supported operating systems (OSX, Windows, Linux) and an updated configuration package if you use OpenVPN without the Mullvad client.

On the server side OpenSSL has been upgraded, and since we could not rule out a leak of one or all of our servers’ private keys we have revoked all of them and generated new ones. The new client includes a Certificate Revocation List with all revoked certificates and a patched version of OpenSSL (for Windows and OSX users). Our Linux client doesn’t bundle OpenSSL and relies on the user’s Linux distribution.

To protect yourself against a so called man-in-the-middle attack when connecting to Mullvad you should upgrade to the new client immediately. If you use OpenVPN without using our client you should download a new configuration package from our website.

Private Internet Access (source)

At Private Internet Access, we consider our customers’ privacy and security to be our highest priority. That is our business. That is our expertise. We wanted to take a brief break from our ongoing research and development to discuss a few of the decisions we made to prepare for attacks like Heartbleed, as well as how we reacted to Heartbleed itself, post public disclosure.

Our Website
As we stated earlier on our forum and social networks, our website was not and continues to not be vulnerable to the Heartbleed bug. This is the case, because our hardware load balancers are not running the vulnerable OpenSSL implementation. However, we still went ahead and revoked, re-keyed and rotated our certificates as a precautionary measure.

Our VPN Servers
All of our VPN gateways were patched within 4 hours (UTC 23:17:15 on Apr 7 2014) of the public disclosure of Heartbleed (UTC 19:00:00 on Apr 7 2014). We moved from OpenSSL 1.0.1f to the non-exploitable version 1.0.1g. In terms of our keys, the original researcher who discovered Heartbleed, Neel Mehta, says that private keys are safe, and we agree with his conclusion.

Additionally, the keys are used for the DHE/ECDHE key exchange, which means possession of the certificate doesn't expose the actual keys used to encrypt your data. What this means is that assuming someone has a 0day exploit of any kind that compromises our certificates, they would still not be able to decrypt and read your network data.

It's also worth noting that, after the Heartbleed disclosure, a number of POCs (proofs of concept) have been made available to the public. Those scripts only attacked TLS running over HTTP (HTTPS) and don't work with OpenVPN's custom protocol over which it runs TLS, which is far more complex than running TLS over TCP like HTTPS does. As far as we know, there were no exploits in the wild for OpenVPN's custom protocol implementation of TLS, especially not in the window from the announcement of the exploit to the fix by our team.

Our VPN Clients
Our clients do not require any updates, because the application has preventive measures to protect against connecting to a malicious server. Additionally, assuming that for a different reason a VPN client could connect to a malicious VPN server, the fact that the VPN client is vulnerable to heartbleed does not harm it in any additional way. Given that all modern operating systems we support through our client have memory protection that prevents a process from reading memory from a different process, the malicious server would only be able to read data that belongs to the OpenVPN client, that is, the data that the client is already sending to the server.

To be clear, even if for some reason your adversary was able to obtain your Private Internet Access login credentials, they still would not be able to decrypt your data transfer.

Peace of Mind
Please rest assured that we’re constantly researching security to ensure the highest levels of privacy for our users. While no single website/service can guarantee 100% security, we assure you that we are second to none in striving to achieve said levels. However, in the event that we’re not perfect, we have many safeguards in place. Finally, if you are a security researcher and believe you have discovered an exploit, please participate in Private Internet Access WASP.

We will continue to monitor Heartbleed for any new revelations and update if necessary.

PureVPN (source)

Heartbleed Bug Update # 2 [April, 11th 2014]

All server side upgrade activities have been done. PureVPN will keep you posted with further updates.

Heartbleed Bug Update # 1 [April, 11th 2014]

This is a short update that Client Side patches and upgrades have been posted in the Client Area. However the Server Side configurations are being upgraded. If things went as planned we expect the upgrades to complete within 3 hours.

We’ll keep you posted with further updates.

Heartbleed Bug – PureVPN is Secured

On 8th April 2014, a serious vulnerability was discovered in OpenSSL 1.0.1. Termed 'Heartbleed', this vulnerability affects the cryptographic library of the OpenSSL platform. As OpenSSL is widely used across 70% of the internet, the majority of websites, email and IM services and more are vulnerable to theft of their users' data. This data theft can come in the form of stolen passwords, usernames, financial information, personal emails, private messages and more. Needless to say, it has quickly become a worldwide scare. If you'd like to read further about this menace, please visit: BBC Technology News.

Despite all the brouhaha, if you're with PureVPN, you've got nothing to worry about!

Sabai Technology (source)

Four days ago, a major security vulnerability affecting a popular encryption standard (SSL) was disclosed to the public. This vulnerability, nicknamed “Heartbleed,” put personal data at risk. Read more about its implications here.

What you need to know:

  • Sabai Technology takes security extremely seriously. A thorough investigation by our development team concludes that Sabai customer data was never at risk, as we never supported the SSL version vulnerable to Heartbleed on our website. Our findings have been verified through a third-party test (Qualys SSL Labs).

SecureTunnel (source)

[Image: SecureTunnel Heartbleed]

StrongVPN (source)

With an abundance of caution based on new information coming out on the OpenSSL "Heartbleed" bug, we have revoked and reissued all of the SSL certificates being used on our websites.

This includes websites that were not affected by the "HeartBleed" bug.

We are also in the process of updating the SSL certificates used by our SSTP servers.  This update requires a reboot of each SSTP server, which will occur during the week of April 14th.

A note to all StrongVPN users: as a precautionary measure to the latest Heartbleed vulnerability, it is recommended that you change your billing password on the customer portal.

To update your billing password, please go to https://intranet.reliablehosting.com/services/intranet/ and log into the customer portal to change your password. Once you have logged in, navigate to the My Details tab, and choose the Change Password link at the top.

You may also reset your password from this location, https://intranet.reliablehosting.com/services/intranet/reset_billing_password/

To all StrongVPN Client Software users: once you change your billing password, please exit the StrongVPN Client Software, then re-open the StrongVPN Client and log in with your new password.

Ton VPN (source)

[Image: Ton VPN Heartbeat]

TorGuard (source)

After TorGuard’s engineering team carefully reviewed our network, software and website infrastructure, we would like to publicly update our clients on the results of these findings. While the threats posed by the OpenSSL 1.0.1a HeartBeat vulnerability are wide reaching and potentially very serious, our team can confidently say this development will have no impact on the security of TorGuard or its services. This post may be updated in the coming days as we continue to analyze and conduct our own private testing across our network.

TunnelBear (source)

[Image: TunnelBear heartbleed]

Viking VPN (source)

What we are doing:

Emergency patching OpenSSL on all VPN servers to close the security hole. We are also updating the hardened server that generates customer keys and certs.

How this impacts our users:

Because we use ephemeral keys, and our website does not use OpenSSL, and our root CA for the VPN was not exposed by this vulnerability, the impact to the user is far less serious than it could have been. It is not possible through this vulnerability that a security key could have been exposed server-side, because the OpenVPN server build we use does not utilize a vulnerable version of OpenSSL (it uses the 1.0.0 fork, not the 1.0.1 fork).

Because we use the tls-auth directive for the “HMAC Firewall” setting in OpenVPN, and we do not allow it to be disabled, there is no risk of a client side data breach.

What user action should be taken:

– If you have any apps that rely on OpenSSL, you’ll want to upgrade to the latest version of OpenSSL as soon as possible. This vulnerability is going to get ugly fast, because it is very clear how the exploit works, and it is only a matter of time before an app is written specifically to exploit it.

– Although it is likely entirely unnecessary, the best step that our users can take right now would be to get a new set of keys and certs from our website. You can do this by signing in to the website, and visiting the profiles area. There you can generate a new set of config files that will contain entirely new keys and certs, and it will revoke all of the existing keys and certs for your account.

– A patch for the Windows OpenVPN Client has been issued that closes this vulnerability. You can download and install the latest version (2.3.2 I004) here. OpenVPN 2.3.3 is going to be released Thursday April 10th, which will contain the same fix, plus additional security enhancements and features.

– If you are using a non-Windows client, OpenVPN does not have a built-in OpenSSL library. You will just need to update the OpenSSL build to current via your repositories.
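Several providers above tell customers to download new client configuration files, and two of them (ExpressVPN, Viking VPN) credit tls-auth with keeping unauthenticated heartbeat packets away from their OpenSSL in the first place.  Below, as an added example that is not from the original post or from any provider, is a small audit of a downloaded .ovpn profile for those client-side protections: tls-auth, server-certificate verification (remote-cert-tls server), a CA, a CRL and stored credentials.  The two sample profiles, the hostnames, file names and certificate bodies in them are constructed placeholders.  One caveat worth stating plainly: tls-auth keeps random Internet scanners away from the TLS stack, but every customer holds the same static key, so it does not protect the server from a malicious client.

```python
"""Audit a downloaded OpenVPN client profile (.ovpn) for the protections
the providers above lean on.  Added example; not code from the original
post or from any provider, and the two profiles at the bottom are
constructed (placeholder hostnames, certificates and keys).

  tls-auth              static HMAC key on every control-channel packet.  Packets
                        without a valid HMAC are dropped before OpenSSL ever sees
                        them, which is why Internet-wide Heartbleed scanners could
                        not reach tls-auth servers.  Caveat: every customer holds
                        the same key, so it does not stop a malicious client.
  remote-cert-tls server / ns-cert-type server
                        the client checks that the presented certificate is a
                        server certificate.  Without it, anyone holding a valid
                        client certificate from the same CA can impersonate the
                        server, which is the MITM scenario that re-keying after
                        a suspected key leak is meant to address.
  ca                    a CA to verify the server against at all.
  crl-verify            honour a revocation list after the provider re-keys.
  auth-user-pass FILE   credentials on disk: rotate them when told to.
"""
import re
from typing import Dict, List, Optional

INLINE_BLOCK = re.compile(r"^<([A-Za-z][\w-]*)>$")


def parse_ovpn(text: str) -> Dict[str, List[List[str]]]:
    """{directive: [args, ...]}.  Inline <tag>...</tag> blocks become a
    directive named tag whose single argument is the block body."""
    directives: Dict[str, List[List[str]]] = {}
    lines = text.splitlines()
    i = 0
    while i < len(lines):
        line = lines[i].strip()
        i += 1
        if not line or line[0] in "#;":
            continue
        m = INLINE_BLOCK.match(line)
        if m:
            tag, body = m.group(1), []
            while i < len(lines) and lines[i].strip() != f"</{tag}>":
                body.append(lines[i])
                i += 1
            i += 1                                  # skip the closing tag
            directives.setdefault(tag, []).append(["\n".join(body)])
            continue
        parts = line.split()
        directives.setdefault(parts[0], []).append(parts[1:])
    return directives


def _first_arg(d: Dict[str, List[List[str]]], name: str) -> Optional[str]:
    return d[name][0][0] if name in d and d[name][0] else None


def audit_ovpn(text: str) -> List[str]:
    """Return a list of findings; an empty list means all checks passed."""
    d = parse_ovpn(text)
    findings: List[str] = []
    if "tls-auth" not in d:
        findings.append("no tls-auth: control-channel packets reach the TLS stack unauthenticated")
    if not (_first_arg(d, "remote-cert-tls") == "server" or _first_arg(d, "ns-cert-type") == "server"):
        findings.append("no 'remote-cert-tls server': any holder of a client certificate "
                        "from the same CA could impersonate the server")
    if "ca" not in d:
        findings.append("no CA certificate (ca directive or <ca> block): the server certificate cannot be verified")
    if "crl-verify" not in d:
        findings.append("no crl-verify: certificates the provider revoked after re-keying would still be accepted")
    creds = _first_arg(d, "auth-user-pass")
    if creds:
        findings.append(f"credentials stored in {creds}: rotate them if the provider asked for a password change")
    return findings


# Constructed profile of the bare kind: CA file, client cert, saved password.
WEAK_PROFILE = """\
client
dev tun
proto udp
remote vpn.example.net 1194
resolv-retry infinite
auth-user-pass creds.txt
ca ca.crt
cert client.crt
key client.key
"""

# Constructed profile carrying the protections the providers above describe.
HARDENED_PROFILE = """\
client
dev tun
proto udp
remote vpn.example.net 1194 udp
remote-cert-tls server
crl-verify crl.pem
key-direction 1
<ca>
-----BEGIN CERTIFICATE-----
(placeholder, not a real certificate)
-----END CERTIFICATE-----
</ca>
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
(placeholder, not a real key)
-----END OpenVPN Static key V1-----
</tls-auth>
"""

if __name__ == "__main__":
    for name, profile in (("weak", WEAK_PROFILE), ("hardened", HARDENED_PROFILE)):
        print(f"{name}: {audit_ovpn(profile) or ['no findings']}")
```

To audit a real profile, read the file and pass its text to `audit_ovpn`.  The `remote-cert-tls server` finding is the one to act on first after an incident like this: if a provider's CA or server key may have leaked and the client does not insist on a server certificate, a new configuration bundle alone does not close the impersonation window.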

VyprVPN (source)

In the wake of the Heartbleed Bug, many Golden Frog customers have reached out to see if Golden Frog’s services were affected and whether customers need to take any action. First and foremost, rest assured all Golden Frog services are currently safe from the Heartbleed Bug. VyprVPN and the Golden Frog website have not ever used SSL libraries vulnerable to the TLS heartbeat exploit. Dump Truck’s SSL libraries were patched on April 8, 2014, and new SSL keys for the service were generated and deployed successfully. However, due to the nature of the bug, we still recommend all customers change their password, especially if you have used Dump Truck. Change your password »

Are the VyprVPN Apps Vulnerable?

Our apps use OpenSSL 1.0.1e, which is vulnerable to the Heartbleed Bug, for OpenVPN connections. However, even though the apps use a vulnerable version of OpenSSL, customer information is not at risk. To be compromised, the apps would need to connect to servers that send malicious heartbeat packets. Our apps only connect to VyprVPN servers, which do not send malicious packets. Even if the VyprVPN apps were somehow tricked into establishing a connection with a malicious server, the apps do not possess any information they are not already sending to the server. There is nothing a malicious server could gather from the client that it wouldn’t receive anyway.

We will be preparing updated versions of our apps that use non-vulnerable versions of OpenSSL, but at this time, customers are not at risk using the existing versions of the apps.

What is the Heartbleed Bug?

The Heartbleed Bug is a bug in OpenSSL’s implementation of the TLS heartbeat extension. When exploited, it allows an attacker access to the contents of the SSL server and client memory. This memory may include the SSL keys, the content of the data traversing the connection, and usernames and passwords transmitted or stored within the memory of the client and server. Because of the complete compromise of the SSL session and secret key data necessary to keep communications secure, this is considered an extremely critical bug. A full overview can be found at http://heartbleed.com/

What Action Do I Need to Take?

If you have used Dump Truck we highly recommend you change your password. To change your password visit this page: https://www.goldenfrog.com/controlpanel/account/password.

  • Log in to your Control Panel
  • Click Account
  • Click the Change link next to Password
  • Type your new password
  • Click the Change Password button

At Golden Frog we strive to keep our customers secure and appreciate all the questions we have received. We are happy to see our customers value their privacy and security and will continue to provide any updates necessary regarding heartbleed. If you have any further questions please don’t hesitate to contact our 24x7x365 support team via email or live chat.

If your VPN provider isn't in our list then I strongly suggest you contact their support and ask whether they have addressed Heartbleed.  If they can't clearly state that their site and servers have been patched, and that they have re-keyed wherever a key could have been exposed, then I'd suggest you look at alternatives.  You can start with those listed above, since they have publicly stated that they have patched or were never affected by the OpenSSL Heartbeat bug.  You can visit our main site at vpnsp.com for a full list of alternatives.

We will continue to add to our list as more responses come in.  We’re bound to miss a few so if you notice a response before we do please contact us @vpnsp and we’ll be more than happy to quickly update the list.