**Peter Todd** @pete@petertodd.org · 2021-02-02T17:12:59Z

Peter Todd @pete@petertodd.org

http://blog.zorinaq.com/my-experience-with-the-great-firewall-of-china/

tl;dr: Someone tests ExpressVPN and other methods to get past the Great Firewall. Turns out ExpresVPN uses weak 1024bit RSA keys, which can probably be cracked by about $10 million worth of specialized hardware... and ExpressVPN actually fixes the problem.

Feb 02, 2021, 17:12 · · Web · · ·

**1.21 jigawatt** @121@jigawatt.io · Feb 02, 2021, 18:23

**1.21 jigawatt** @121@jigawatt.io · Feb 02, 2021, 18:23

Feb 02, 2021, 18:23

1.21 jigawatt @121@jigawatt.io

@pete interesting article... frankly had no idea they "allow" VPNs at all, it should be easy to block them, don't VPNs use a fixed (or infrequently updated) pool of IP addresses?

**orionwl** @orionwl@x0f.org · Feb 02, 2021, 18:26

**orionwl** @orionwl@x0f.org · Feb 02, 2021, 18:26

Feb 02, 2021, 18:26

orionwl @orionwl@x0f.org

@121 @pete yes and no, it's fairly easy to block specific VPN providers, but there are quite a lot of them and many do shift IP ranges over time, so it will always be a cat and mouse game

**Free Pietje** @FreePietje@x0f.org · Feb 03, 2021, 18:25

**Free Pietje** @FreePietje@x0f.org · Feb 03, 2021, 18:25

Feb 03, 2021, 18:25

Free Pietje @FreePietje@x0f.org

@pete
The article, including the claim of $10m to crack 1024RSA, was from 5 years ago.
Not an insignificant detail.

Probably just me, but I hold it against them that in 2016 they used 1024RSA keys, while I already used 4096RSA keys by then. And I am/was not running a business where ppl think they get (extra) security.

Resources

Developers

What is Mastodon?

petertodd.org

More…