https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/
At Defcon 20 last weekend, David Hulton and I gave a presentation on cracking MS-CHAPv2.[...]
It shows up most notably in PPTP VPNs, and is also used quite heavily in WPA2 Enterprise
environments ? often in cases where its mutual authentication properties are being relied upon.
For the talk, we put together a list of the hundreds of VPN providers which depend on PPTP.
This included some high profile examples such as iPredator, The Pirate Bay's VPN service, which
is presumably designed to protect communication from state-level observation:[...]
As an example, based on the analysis of the Schneier paper, Riseup.net, a security-focused
VPN provider, went so far as to generate uniformly random 21-character passphrases for their
users, without ever allowing the user the opportunity to choose their own, in order to ensure
that they could deploy their PPTP VPN service safely.
- --
"Per trasmettere 1 bit di informazione in un ambiente a temperatura T si necessitano kTln2 joule di energia"
gpg --keyserver pgp.mit.edu --recv-keys E25ED3A9
web site http://www.autistici.org/packz
blog http://packz.noblogs.org
