Outrunning NSA’s Bullrun
Following the latest rumors about NSA and its connected Intelligence Services, many of you Ghosties are concerned about the decryption program called ‘Bullrun’ which is said to be able to hack SSL and VPNs – along with the equal alarming news that a lot of US companies have been forced to implement backdoors to their services.
But, and it’s a big ‘BUT’ here, we need to differentiate between an eligible concern and unfounded fears. The encryption line of battle has not been broken yet. It’s under heavy attack, no doubt about that, but good encryption still works the way it should: Protecting your data!
It’s true, that an encryption program called ‘Bullrun’ exists, and it really seems it’s able to compromise security barriers like SSL (as you use with your online banking) – but it doesn’t work as good as the NSA hoped it would. That’s why they force companies to implement backdoors and influence the programming of encryption standards (so they can easily break it). In a way that bad news is a good news, because it shows that despite all the money and the man power that goes in there, less than expected came out.
Regarding CyberGhost we’d like to ensure you that CyberGhost VPN is still a good friend:
1. We don’t use any of the maybe hacked or unsafe technologies, instead we began even before ‘Bullrun’ became public, to provide the VPN tunnel to and on ALL our servers (Free and Premium) with AES with 256 bit key length. There are no hints that AES-256 is even near to be hacked. In fact, at present it’s much more likely the earth will fall into the sun than the NSA will be able to decrypt 256 bit AES secured data. (This goes also for TrueCrypt, so don’t fall for any propaganda claiming TrueCrypt is a threat and guiding you to real unsafe technologies like Psyop.)
2. Our Windows client as well as the announced Mac OS X and Android client are based on OpenVPN. This protocol is Open Source and controlled by a worldwide community of programmers and therefore backdoor free.
3. We run our business under the Romanian legislation and can’t be forced by the NSA to take part in their goal for worldwide espionage. No backdoors included!
4. Some still in use SSL components will steadily be exchanged and updated – even though they are commonly not yet be seen as unsafe.