"OpenVPN by design has incorporated PFS (Perfect Forward Secrecy) since the beginning, even before the Heartbleed issue first appeared..."
Pleasanton, California (PRWEB) April 16, 2014
“After being informed of a major threat, dubbed 'Heartbleed' (CVE-2014-0160), within one of the Internet's most significant security libraries (OpenSSL), we needed to make clear to all of our users and customers using OpenVPN Access Server and Private Tunnel service that they are protected against the Heartbleed threat,” said Francis Dinha, CEO of OpenVPN Technologies Inc. “An extraordinary number of services across the internet may be affected by Heartbleed, but actually even before Heartbleed, we had already taken extraordinary measures to prevent this type of threat due to our product development and design,” stated Dinha.
CEO Dinha made the following points why OpenVPN is secure:
- Private Tunnel relies on OpenVPN technology, and although the OpenVPN uses OpenSSL library, OpenVPN by design has incorporated PFS (Perfect Forward Secrecy) since the beginning, even before the Heartbleed issue first appeared two years ago, which means even if your private key is somehow stolen, it cannot be used to decrypt past or future VPN sessions.
- Even though our exposure is minimal, we have made sure all our Private Tunnel web servers and OpenVPN servers are using the latest versions of OpenSSL library fix which is not vulnerable to the Heartbleed issue. In addition, we are working on an enhanced version of OpenVPN to enable our customers the ability to select various SSL methods which will include OpenSSL, PolarSSL, and more.
- Private Tunnel will also protect you against MITM (Man-In-The-Middle) attacks in case you are accessing other websites who have had private keys stolen via the Heartbleed threat. The Private Tunnel client uses DNS protection methods to shield you from DNS spoofing or router hijacking, which are the most common attack methods used for MITM.
About OpenVPN Technologies, Inc.
OpenVPN Technologies Inc. is a privately held company based in Pleasanton, California, integrating a suite of leading-edge networking and software technologies. OpenVPN, our award-winning open source VPN product, has established itself as a de-facto standard in the open source networking space, with over 10 million users since inception. OpenVPN is the provider of next-generation secure and web scalable communication services, implementing its business plan by offering its enterprise software product targeting businesses of all sizes and Private Tunnel product targeting all consumers around the globe.
OpenVPN Technologies, Inc.
Francis Dinha, CEO & Founder
Forward-looking statements made in this release made pursuant to the "safe harbor" provision of the Private Securities Reform Act of 1995. Forward-looking statements made by OpenVPN Technologies, Inc. are not a guarantee of future performance.