It's been known for years that (no surprise) the TLAs will target the keys, it's obviously easier than breaking encryption. VPN services will be one of the top targets for that, and most likely have been subverted by insiders who are moles for the TLA, or where they have successfully "hunted" the sysops. It's what they do. They probably do the same for the major hosting providers and the managed facilities operators. Of course, I imagine that over time, the more reputable VPN providers will have been improving their key integrity and systems administration procedures, so that they have to work harder and may sometimes "go dark" for varying lengths of time. Even there, if we're talking about in-country, it may not be much of a stretch to correlate source-destination using packet analysis/timing.
If you are still using these protocols you may as well be using WEP on your router too. At least the "generational age" of the technologies will match. LOL!
(S)he does state that they exploit OpenVPN: https://twitter.com/MKUltraSperg/status/849130351435825152
Yes, but nothing in the attached images seems relevant to OpenVPN. So, until someone links to actual OpenVPN documentation, I'm calling ********.