NSA has VPNs in Vulcan death grip -- no, really, that's what they call it

The National Security Agency’s Office of Target Pursuit (OTP) maintains a team of engineers dedicated to cracking the encrypted traffic of virtual private networks (VPNs) and has developed tools that could potentially uncloak the traffic in the majority of VPNs used to secure traffic passing over the Internet today.

A slide deck from a presentation by a member of OTP’s VPN Exploitation Team, dated September 13, 2010, details the process the NSA used at that time to attack VPNs -- including tools with names drawn from Star Trek and other bits of popular culture. While some VPN technologies -- specifically, those based on the Point-to-Point Protocol (PPTP) -- have previously been identified as being vulnerable because of the way they exchange keys at the beginning of a VPN session, others have generally been assumed to be safer from scrutiny. But in 2010, the NSA had already developed tools to attack the most commonly used VPN encryption schemes: Secure Shell (SSH), Internet Protocol Security (IPSec), and Secure Socket Layer (SSL) encryption.