TunnelVision, as the researchers have named their attack, largely negates the entire purpose and selling point of VPNs, which is to encapsulate incoming and outgoing Internet traffic in an encrypted tunnel and to cloak the user's IP address. The researchers believe it affects all VPN applications when they're connected to a hostile network and that there are no ways to prevent such attacks except when the user's VPN runs on Linux or Android. They also said their attack technique may have been possible since 2002 and may already have been discovered and used in the wild since then.
( . . . . )
Interestingly, Android is the only operating system that fully immunizes VPN apps from the attack because it doesn't implement option 121. For all other OSes, there are no complete fixes. When apps run on Linux there's a setting that minimizes the effects, but even then TunnelVision can be used to exploit a side channel that can be used to de-anonymize destination traffic and perform targeted denial-of-service attacks. Network firewalls can also be configured to deny inbound and outbound traffic to and from the physical interface. This remedy is problematic for two reasons: (1) a VPN user connecting to an untrusted network has no ability to control the firewall and (2) it opens the same side channel present with the Linux mitigation.
Jump in the discussion.
No email address required.
if you use VPNs for anything except pirating or ban evasion you're a brainlet and deserve what you get coming
Jump in the discussion.
No email address required.
I VPNd to my house once
Jump in the discussion.
No email address required.
More options
Context
I don't even vpn to pirate, I ain't paying for that shit
Jump in the discussion.
No email address required.
I'd pirate VPNs if that was possible
Jump in the discussion.
No email address required.
It is possible, just steal someone elses credit card
Jump in the discussion.
No email address required.
internet piracy is ethical, they said
it's not a gateway drug to real life piracy and no one is gonna start swashbuckling and looting, they said
Jump in the discussion.
No email address required.
More options
Context
More options
Context
More options
Context
i used to do that a long time ago but my ISP sent me a physical letter yelling at me for torrenting the first 10 seasons of the simpsons
Jump in the discussion.
No email address required.
that's all they can do lol. I got cease and desists a couple times from my ISP when I was younger, just ignore them and file it in that special filing cabinet. It's not illegal to pirate except for when you are making money off the pirated shit. Consumer downloads are fine ISPs will just sent a letter to your house that you are downloading porn so your parents yell at you
Jump in the discussion.
No email address required.
i could have sworn i heard stories of people getting their internet shut off because they pirated stuff. but thats good to know that i wont get in trouble
Jump in the discussion.
No email address required.
They went hard after a bunch of random consumers twenty years ago, and between that and the letters it instilled the fear of consequences in a lot of people. But no one gets done for that sort of thing now, it's far more about DCMA claims against YouTubers, whether it's fair use or not.
Pirate away.
Jump in the discussion.
No email address required.
Warner still sends ISPs notices, so in theory you can get still get your service cut off for piracy, but it's generally not worth it to take anyone to court for it these days.
Jump in the discussion.
No email address required.
More options
Context
More options
Context
More options
Context
More options
Context
More options
Context
More options
Context
More options
Context