From 9feae8f81bc95527cfbb77516a43d8330fd091e6 Mon Sep 17 00:00:00 2001 From: Davide De Rosa Date: Fri, 22 Mar 2019 18:37:19 +0100 Subject: [PATCH] . --- disclaimer/index.html | 14 +++++++------- faq/index.html | 18 +++++++++++------- feed.xml | 2 +- index.html | 15 +++++++-------- privacy/index.html | 14 +++++++------- s/main.css | 13 +++++++++++++ 6 files changed, 46 insertions(+), 30 deletions(-) diff --git a/disclaimer/index.html b/disclaimer/index.html index ac7bfc1..af75279 100644 --- a/disclaimer/index.html +++ b/disclaimer/index.html @@ -21,7 +21,7 @@ - + @@ -31,23 +31,23 @@ - + - + - - + + - - + + diff --git a/faq/index.html b/faq/index.html index 1ba348a..0e15f31 100644 --- a/faq/index.html +++ b/faq/index.html @@ -21,7 +21,7 @@ - + @@ -31,23 +31,23 @@ - + - + - - + + - - + + @@ -75,6 +75,10 @@

Why is compression not supported?

+

UPDATE: due to user demands and broader compatibility, today Passepartout does support compression, but LZO only. Both --comp-lzo [yes] and --compress lzo are now legal options. Other algorithms (e.g. LZ4) are not supported and never will. All in all, the use of compression is still discouraged.

+ +

~

+

Some users may have noticed that Passepartout is not compatible with any compression algorithm supported by OpenVPN. This is intentional and comes from a logical reasoning. Besides being a relevant overhead against marginal gains -most protocols in the application layer (e.g. HTTP) already use compression nowadays-, compression is vulnerable to an attack that may be able to reveal the secret session keys.

The attack is called VORACLE and is extensively explained by the very authors of OpenVPN. Most major providers have taken action and fixed the issue, but many are still refraining to disable compression for no acceptable reason. In case this happens, you are warmly encouraged to report the issue immediately and possibly link to either the official resource you find above, as it comes directly from the software makers, or this page.

diff --git a/feed.xml b/feed.xml index caedb79..878d074 100644 --- a/feed.xml +++ b/feed.xml @@ -1 +1 @@ -Jekyll2019-03-05T22:04:28+01:00https://passepartoutvpn.app/feed.xmlPassepartout, OpenVPN client for iOS and macOSPassepartout is a non-official, user-friendly OpenVPN® client for iOS and macOS.Davide De Rosa \ No newline at end of file +Jekyll2019-03-22T18:37:18+01:00https://passepartoutvpn.app/feed.xmlPassepartout, OpenVPN client for iOS and macOSPassepartout is a non-official, user-friendly OpenVPN® client for iOS and macOS.Davide De Rosa \ No newline at end of file diff --git a/index.html b/index.html index 4e9c04b..dfefa50 100644 --- a/index.html +++ b/index.html @@ -21,7 +21,7 @@ - + @@ -31,23 +31,23 @@ - + - + - - + + - - + + @@ -73,7 +73,6 @@
  • Wise on battery.
  • Trusted networks.
  • Presets for major providers.
    • -
  • No compression vulnerability.
    • diff --git a/privacy/index.html b/privacy/index.html index 55dc6fb..373067a 100644 --- a/privacy/index.html +++ b/privacy/index.html @@ -21,7 +21,7 @@ - + @@ -31,23 +31,23 @@ - + - + - - + + - - + + diff --git a/s/main.css b/s/main.css index 72bd504..7f4b08d 100644 --- a/s/main.css +++ b/s/main.css @@ -30,6 +30,19 @@ p, ul { line-height: 1.5em; } +pre, code { + background-color: #ddd; + color: #515d71; +} + +p code { + padding: 0.2em; +} + +pre { + padding: 0.5em; +} + footer { color: lightgray; margin-top: 3em;