
> all traffic has to exit the VPN's company's endpoint, and at that point it can be captured.

If the only thing they're dealing with is VPNs used as a private proxy for access to the public internet, you're right, and if so it's not so troubling (well, as in it is "only" just as troubling as having them access everyone's web traffic).

But arguably most VPN traffic is exiting inside private networks and is intended for machines within those private networks. If they are capable of breaking or circumventing the crypto of those, then that's troubling at a whole different level because it potentially means massive unknown weaknesses in either specific crypto products, or in algorithms that have been assumed to still be reasonably safe.



Many corporate VPNs are secured via RSA SecurID and their keyfobs. Several years ago the SecurID source was compromised by hackers[1] and it was suspected the master seed/key was lost. Imagine if the NSA had access to that key -- it'd certainly be a juicy target for them.

[1] http://dankaminsky.com/2011/06/09/securid/


The most reasonable assumption to make right now is to assume that the NSA does have the key. They may not, but then again the recent revelations have been so absurdly horrifying that I wouldn't put it past them.


The slide talks about VPN startups. Some corporate VPN connections could also be compromised for a number of reasons. There are possibly undisclosed weaknesses in the "gold standard" VPN solutions, such as OpenVPN, as well as the protocols they use.

Security's dirty secret is that security is an unobtainable goal. The goal of designing secure systems isn't to create something impenetrable (i.e. secure), but something that's almost impossible to penetrate. 100% secure systems are about as common as rooster eggs.


> VPN startups.

I took that to mean establishment of VPN connections, rather than companies operating VPN services.

Of course total security is impossible. But it would still be troubling if breaking common VPN services is not only possible but also doable with small enough resources that "any analyst" at NSA can just request it.

