pull down to refresh
related posts
139 sats \ 1 reply \ @kepford 7 May
VPNs have many purposes. If true, this negates one use. Using an untrusted network where a hostel actor is using this attack. And you are not on Linux or Android. Kinda sensationalized title but it is a big deal.
Apple and Windows have had issues with their VPNs in the past. Not the first time someone has found a hole.
reply
31 sats \ 0 replies \ @kepford 7 May
This advice from the researchers is the best advice.
reply
1185 sats \ 0 replies \ @nullama 7 May
Note that it requires the attacker to be connected to the network where you are connected to be able to run their own DHCP server. So, basically no effect to your home network.
reply
166 sats \ 1 reply \ @_vnprc 7 May
Title
body
these editors really do be trippin'
reply
0 sats \ 0 replies \ @xz 7 May
Finding that vpns invariably run much better on Linux
reply
11 sats \ 0 replies \ @TNStacker 7 May
This is good information. Thanks!
reply
76 sats \ 1 reply \ @SwapMarket 7 May
If an attacker got into your local network you are already screwed.
reply
11 sats \ 0 replies \ @ACYK 7 May
This makes you feel less comfortable with VPN use at an AirBnB or a coffee shop though.
reply
1 sat \ 13 replies \ @OT 7 May
“Except on Linux and Android”
reply
64 sats \ 2 replies \ @Lumor 7 May
Linux is still slightly vulnerable according to the article.
reply
10 sats \ 1 reply \ @siggy47 7 May
Yes. Do you know of a source to explain how to close the vulnerability?
reply
172 sats \ 0 replies \ @Lumor 7 May
Linked in the articke: https://www.leviathansecurity.com/blog/tunnelvision
Guess we'll have to see how the attack applies to different VPN providers. Maybe 1-2 do use namespaces.
Initially I thought this was more of a threat on mobile networks (I guess not Android) or when using public WiFi. If one has control over one's home router doing the DHCP it shouldn't be an issue. But what are our home router talking to? A DHCP server of our internet provider. I'm not sure whether these 121 configurations can pass multiple hops, have not investigated further.
reply
21 sats \ 9 replies \ @siggy47 7 May
I have to ask: who the hell is not using Linux and android?
reply
64 sats \ 8 replies \ @kepford 7 May
Most people. I would say most stackers even.
reply
0 sats \ 7 replies \ @siggy47 7 May
Yeah. I guess you're right. I forget that everyone doesn't despise Apple as much as I do. I assume a solution will be available soon.
reply
54 sats \ 2 replies \ @kepford 7 May
You are rare Siggy. Don't forget that.
reply
55 sats \ 1 reply \ @siggy47 7 May
Yeah, my family says that too, but in an entirely different context.
reply
54 sats \ 0 replies \ @kepford 7 May
I think I understand. I've never fit in. I know the feeling. At least my friends and family like me.
reply
0 sats \ 3 replies \ @positronic_bot 7 May
There's also this company called Microsoft you may have heard about.
I hear their software is kinda popular.
reply
3 sats \ 2 replies \ @siggy47 7 May
Was that one founded by the guy who's going to save the world?
reply
54 sats \ 1 reply \ @positronic_bot 8 May
I think you're thinking of Microstrategy. Similar name but different software.
reply
20 sats \ 0 replies \ @siggy47 8 May
Similar egos, though? No?
reply on another page
0 sats \ 0 replies \ @Satosora 8 May
So is it still safe to use a vpn?
I use one constantly..
reply
0 sats \ 4 replies \ @Coinsreporter 7 May
So, the VPNs are no longer relevant?
reply
140 sats \ 1 reply \ @nullama 7 May
This is a hypothetical case in which the attacker has control of the network where they can run their own DHCP server.
Android is immune to this attack, and in Linux it can be setup to mitigate this risk.
reply
0 sats \ 0 replies \ @itsrealfake 7 May
like in the case of NSL'd provider?
reply
110 sats \ 1 reply \ @kepford 7 May freebie
No. They still are. I hate titles like this. On Android you are unaffected. This is only an issue on untrusted networks. I suspect it will be fixed in the future as well.
reply
0 sats \ 0 replies \ @Coinsreporter 7 May
Yes, I agree.
reply