Surf the Web using a Different IP with TunnelBear – Simple, Free VPN

Want a fast, reliable, and super easy to use VPN solution? Look no further than “TunnelBear“.

I was checking my Twitter feed the other day and saw a Tweet about “TunnelBear” from one of my old friends Bill Mullins. Bill runs one of the best computer tech blogs in existence. (Check it out!)

TunnelBear was created to allow people from foreign countries to surf the web as if they were in the US or the UK. Supposedly it was meant to help people get the “Western” appearance of the web from countries that are locking down or restricting internet access.

It is one of the best, and easiest to use proxy type programs that I have ever seen.

After you download and install TunnelBear you will be asked to create an account. TunnelBear offers 500 MB of free bandwith a month and an additional 1GB/month if you Tweet an add for the service. You can also purchase an unlimited account for $4.99 a month or a year of unlimited service for $49.99.

Once you have an account, you are presented with the simple and easy to use TunnelBear interface:


An On/Off button and a US/UK selector. That’s it!

Simply select the country you want to have an IP address in and turn it on. Your computer will then be configured to use TunnelBear’s VPN service in the country that you specified.

So, for instance I set mine to the UK. When I did a search to find where my IP was located I got this:

Tunnelbear London

With a flick of a switch, my computer was now using an internet address near Leeds, UK!

Switching to the US position and my internet address was immediately changed to an address located in the United States, just outside of San Francisco:

Tunnelbear US

Once the country you want to use is selected, just open up your browser of choice and you will experience the web as if you are physically located in that country.

But how do you verify that it worked? Simple – before you turn it on, just surf to

Your current IP address will be listed and your location will be displayed on a Google Map. Then turn TunnelBear on and refresh your browser. Your IP address and physical location will change on the map!

It is that easy!

You can track your monthly usage right from the control panel:


TunnelBear worked great in tests. It was fast, and responsive. The only problem I had was when I tried switching from the US to UK without turning TunnelBear off in between. I had an address in Leeds, UK and switched it to the US. I was then given an address in Ireland!

But turning it off in between worked flawlessly.

TunnelBear – What a great and simple to use product!

Chapcrack and CloudCracker unlock MS-CHAPv2 based VPN Traffic

For those of us who missed David Hulton and Moxie Marlinspike’s Defcon 20 presentation on cracking MS-CHAPv2, here is an overview:

1) All users and providers of PPTP VPN solutions should immediately start migrating to a different VPN protocol. PPTP traffic should be considered unencrypted.

2) Enterprises who are depending on the mutual authentication properties of MS-CHAPv2 for connection to their WPA2 Radius servers should immediately start migrating to something else.

That is all, have a nice day…

Wait a minute, “PPTP traffic should be considered unencrypted,” what???

A recently released article by Moxie explains in detail how they are able to crack MS-CHAPv2 communication, used in many PPTP based VPNs with a 100% success rate. But that is not all, the protocol is also used in WPA2 enterprise environments for connecting to Radius authentication servers.


When VPNs started to become popular I remember the constant mantra that remote VPN communication is safe because it uses PPTP, safely encapsulating your traffic before sending it over the web. Well, it looks like this may not be the case anymore.

From Moxie’s article the weakness lays in the user password hash and three DES keys used in the encoding operation:

“The hash we’re after, however, is used as the key material for three DES operations. DES keys are 7 bytes long, so each DES operation uses a 7 byte chunk of the MD4 hash output. This gives us an opportunity for a classic divide and conquer attack. Instead of brute forcing the MD4 hash output directly (a complexity of 2128), we can incrementally brute force 7 bytes of it at a time.

The keys come from the output of the MD4 of the password, which is only 16 bytes. Microsoft fills in the difference by padding the last key with zeros:

In doing so, this can significantly reduce the cracking time. Moxie created a tool called Chapcrack that will pull the necessary information from a network packet capture and cracks the third DES key. But this still leaves the first two DES keys, which could take a long time to crack.

Unless, that is, you take the output from Chapcrack and upload it to CloudCracker.

Cloudhacker is an online password cracking service that connects to a mean FPGA based box built by Pico Computing that they claim can crack any DES key within 24 hours:

“They were able to build an FPGA box that implemented DES as a real pipeline, with one DES operation for each clock cycle. With 40 cores at 450mhz, that’s 18 billion keys/second. With 48 FPGAs, the Pico Computing DES cracking box gives us a worst case of ~23 hours for cracking a DES key, and an average case of about half a day.”

So basically, if you can get a network packet capture, you can use Chapcrack to pull the DES key from it, and then pass it to CloudCracker to crack it within 24 hours. Then you can decrypt the entire network packet capture, or login to the users VPN or radius server.


Looks like it is time to move on from MS-CHAPv2 based security products.