Right, I made the assumption that most VPNs are using forward
   secrecy...
   which is obviously not the case.
   On 01/08/13 23:43, SiNA Rabbani wrote:

     For example, In Iran which is funny how its mentioned in slide 16,
     weak encryption is common.  Most VPN providers sell PPTP with MSCHAP
     (thanks to the built in windows client) which I think is as weak as
     the password set.

     Three VPN logins are being emailed from providers to users in plain
     text.
     It can't be too difficult for NSA or anyone analyzing the traffic to
     decrypt the VPN content.

     --SiNA

   On Aug 1, 2013 4:38 AM, "Faraz" <[1]faraz_mah@lavabit.com> wrote:

     What's are peoples take on slide 17?
     "Show me all VPN startups in country X, and give me data so I can
     decrypt and discover user"
     [2]http://www.theguardian.com/world/interactive/2013/jul/31/nsa-xkey
     score-program-full-presentation

   Before digital, there was mechanical. View and purchase fascinating
   mechanical
   antique pocket watches and vintage wrist watches. Visit Bogoff Antiques
   today.
   [3]http://www.bogoff.com

References

   1. mailto:faraz_mah@lavabit.com
   2. http://www.theguardian.com/world/interactive/2013/jul/31/nsa-xkeyscore-program-full-presentation
   3. http://www.bogoff.com/