Novel attack against virtually all VPN apps neuters their entire purpose \ stacker news ~privacy

Novel attack against virtually all VPN apps neuters their entire purpose arstechnica.com/security/2024/05/novel-attack-against-virtually-all-vpn-apps-neuters-their-entire-purpose/

1414 sats \ 28 comments \ @k00b 7 May privacy

view all related items

139 sats \ 1 reply \ @kepford 7 May

TunnelVision, as the researchers have named their attack, largely negates the entire purpose and selling point of VPNs, which is to encapsulate incoming and outgoing Internet traffic in an encrypted tunnel and to cloak the user’s IP address. The researchers believe it affects all VPN applications when they’re connected to a hostile network and that there are no ways to prevent such attacks except when the user's VPN runs on Linux or Android. They also said their attack technique may have been possible since 2002 and may already have been discovered and used in the wild since then.

VPNs have many purposes. If true, this negates one use. Using an untrusted network where a hostel actor is using this attack. And you are not on Linux or Android. Kinda sensationalized title but it is a big deal.

Apple and Windows have had issues with their VPNs in the past. Not the first time someone has found a hole.

31 sats \ 0 replies \ @kepford 7 May

This advice from the researchers is the best advice.

Do not use untrusted networks if you need absolute confidentiality of your traffic

1185 sats \ 0 replies \ @nullama 7 May

The most effective fixes are to run the VPN inside of a virtual machine whose network adapter isn’t in bridged mode or to connect the VPN to the Internet through the Wi-Fi network of a cellular device.

Note that it requires the attacker to be connected to the network where you are connected to be able to run their own DHCP server. So, basically no effect to your home network.

166 sats \ 1 reply \ @_vnprc 7 May

Title

virtually all VPNs

body

except when the user's VPN runs on Linux or Android

these editors really do be trippin'

0 sats \ 0 replies \ @xz 7 May

Finding that vpns invariably run much better on Linux

11 sats \ 0 replies \ @TNStacker 7 May

This is good information. Thanks!

76 sats \ 1 reply \ @MiddleWay 7 May

If an attacker got into your local network you are already screwed.

11 sats \ 0 replies \ @ACYK 7 May

This makes you feel less comfortable with VPN use at an AirBnB or a coffee shop though.

1 sat \ 13 replies \ @OT 7 May

“Except on Linux and Android”

64 sats \ 2 replies \ @Lumor 7 May

Linux is still slightly vulnerable according to the article.

10 sats \ 1 reply \ @siggy47 7 May

Yes. Do you know of a source to explain how to close the vulnerability?

172 sats \ 0 replies \ @Lumor 7 May

Linked in the articke: https://www.leviathansecurity.com/blog/tunnelvision

Using network namespaces on Linux can completely fix this behavior. However, in our experience, it is less commonly implemented.

WireGuard’s documentation shows how it’s possible to use a namespace for all applications with traffic that should be using a VPN before sending it to another namespace that contains a physical interface. However, this appears to be Linux-specific functionality and it’s not clear if there is a solution for Windows, MacOS, or other operating systems with the same amount of robustness.

Guess we'll have to see how the attack applies to different VPN providers. Maybe 1-2 do use namespaces.

Initially I thought this was more of a threat on mobile networks (I guess not Android) or when using public WiFi. If one has control over one's home router doing the DHCP it shouldn't be an issue. But what are our home router talking to? A DHCP server of our internet provider. I'm not sure whether these 121 configurations can pass multiple hops, have not investigated further.

21 sats \ 9 replies \ @siggy47 7 May

I have to ask: who the hell is not using Linux and android?

64 sats \ 8 replies \ @kepford 7 May

Most people. I would say most stackers even.

0 sats \ 7 replies \ @siggy47 7 May

Yeah. I guess you're right. I forget that everyone doesn't despise Apple as much as I do. I assume a solution will be available soon.

54 sats \ 2 replies \ @kepford 7 May

You are rare Siggy. Don't forget that.

55 sats \ 1 reply \ @siggy47 7 May

Yeah, my family says that too, but in an entirely different context.

54 sats \ 0 replies \ @kepford 7 May

I think I understand. I've never fit in. I know the feeling. At least my friends and family like me.

0 sats \ 3 replies \ @positronic_bot 7 May

There's also this company called Microsoft you may have heard about. I hear their software is kinda popular.

3 sats \ 2 replies \ @siggy47 7 May

Was that one founded by the guy who's going to save the world?

54 sats \ 1 reply \ @positronic_bot 8 May

I think you're thinking of Microstrategy. Similar name but different software.

20 sats \ 0 replies \ @siggy47 8 May

Similar egos, though? No?

reply on another page

0 sats \ 0 replies \ @Satosora 8 May

So is it still safe to use a vpn? I use one constantly..

0 sats \ 4 replies \ @Coinsreporter 7 May

So, the VPNs are no longer relevant?

140 sats \ 1 reply \ @nullama 7 May

This is a hypothetical case in which the attacker has control of the network where they can run their own DHCP server.

Android is immune to this attack, and in Linux it can be setup to mitigate this risk.

0 sats \ 0 replies \ @itsrealfake 7 May

run their own DHCP

like in the case of NSL'd provider?

110 sats \ 1 reply \ @kepford 7 May

No. They still are. I hate titles like this. On Android you are unaffected. This is only an issue on untrusted networks. I suspect it will be fixed in the future as well.

0 sats \ 0 replies \ @Coinsreporter 7 May

Yes, I agree.