Logjam TLS Attack and VPN sites

Vulnerability information from weakdh.org: The Logjam attack allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography. This allows the attacker to read and modify any data passed over the connection. The attack is reminiscent of the FREAK attack, but is due to a flaw in the TLS protocol rather than an implementation vulnerability, and attacks a Diffie-Hellman key exchange rather than an RSA key exchange. The attack affects any server that supports DHE_EXPORT ciphers, and affects all modern web browsers. 8.4% of the Top 1 Million domains were initially vulnerable.

In this article we will post the results of the Logjam test against several, well-known VPN provider websites. Testing was made on May 21, 2015 and the vulnerability is known to the public since May 19.

2 Comments

  1. Jake June 9, 2015
    • vpnreviewer June 10, 2015

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.