ALL VPNs vulnerable / unsafe

[AreYouGerman]

In short, it's basically you going in some public wifi or compromised wifi and you won't know that your traffic is not routed through your VPN as you are connected to your VPN and everything seems in order. Everything is affected except Android, at the time of writing.

 

"TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation."

 

More on:

https://securityaffairs.com/162894/hacking/tunnelvision-attack-vpn.html

https://www.techradar.com/pro/security/many-top-vpn-apps-can-be-hacked-and-almost-totally-ruined-by-this-attack

 

 

 

 

[OneMoreFarang]

24 minutes ago, AreYouGerman said:

it's basically you going in some public wifi or compromised wifi and you won't know that your traffic is not routed through your VPN

 

Do you really expect to use public Wi-Fi securely? Really?

If you want some security, then use something provided by a big ISP like internet at home or mobile data on a phone.

And never assume it is 100% secure. It isn't. 

[AreYouGerman]

3 minutes ago, OneMoreFarang said:

Do you really expect to use public Wi-Fi securely? Really?

 

Yes. That's what VPNs companies use in their ads.

[gargamon]

7 minutes ago, AreYouGerman said:

 

Yes. That's what VPNs companies use in their ads.

Hahaha. You believe the marketing BS in the ads?

[sammieuk1]

That's my BBC up the chuffer then whilst having a Big Mac ..Think I will stay home and order by Grab 🤔

[BE88]

 

So that it works in Thailand for Pornhub I have no problems

[OneMoreFarang]

2 hours ago, AreYouGerman said:

 

Yes. That's what VPNs companies use in their ads.

Next thing you tell us you use whitening cream because you watched their ads... 

[OneMoreFarang]

23 minutes ago, BE88 said:

So that it works in Thailand for Pornhub I have no problems

Maybe you should go out and look around.

[BE88]

6 minutes ago, OneMoreFarang said:

Maybe you should go out and look around.

 

This is for training only 😆

[digger70]

8 hours ago, sammieuk1 said:

That's my BBC up the chuffer then whilst having a Big Mac ..Think I will stay home and order by Grab 🤔

Yep ,stay home and watch P Hub Hands on .

[RayWright]

Using a Windows 10 & 11 Laptop, have activated the Hotspot on my Thai mobile and activated Android based VPN from the phone. Anyone see an issue with this simple work-around?

[scottiejohn]

VPNs (Winscribe and Tunnel bear) on Windows 11 laptops and desktop are working fine for me in CM connecting to UK and Germany!

[AreYouGerman]

10 hours ago, OneMoreFarang said:

Next thing you tell us you use whitening cream because you watched their ads... 

 

Tell 'us'? Is this "whitening cream" in the room with you now? 🤣

[AreYouGerman]

12 hours ago, gargamon said:

Hahaha. You believe the marketing BS in the ads?

 

Aren't you the guy who runs Linux and thinks it's safe and his VPNs are not affected. Hahaha, oh dude. Get educated, Ubuntu click boy.

[AreYouGerman]

2 hours ago, scottiejohn said:

VPNs (Winscribe and Tunnel bear) on Windows 11 laptops and desktop are working fine for me in CM connecting to UK and Germany!

 

You didn't understand the issue. Re-read articles.

[AreYouGerman]

3 hours ago, RayWright said:

Using a Windows 10 & 11 Laptop, have activated the Hotspot on my Thai mobile and activated Android based VPN from the phone. Anyone see an issue with this simple work-around?

 

Kinda. However the adding VPN on Android is also prone to leaking. Best is to use VPN on your PC and connect to your Android hotspot.

[eisfeld]

Misleading topic. It's absolutely untrue that all VPNs are vulnerable to this attack which btw isn't exactly a new idea just the variation of using that specific DHCP option. It's a variant of prior attacks like Poison Tap.  Good VPN clients add firewall rules that prevent this issue.

 

And it's only a concern if you are using someone elses network like a public Wifi. At home you got nothing to worry about because it's the router that has to perform the attack. Nobody on the general internet can snoop on you with this.

 

 

[AreYouGerman]

32 minutes ago, eisfeld said:

Misleading topic.

 

Nah, it's 100% correct. All VPNs are affected. When is a different question.

 

32 minutes ago, eisfeld said:

And it's only a concern if you are using someone elses network like a public Wifi. At home you got nothing to worry about because it's the router that has to perform the attack. Nobody on the general internet can snoop on you with this.

 

As stated in the initial post, only if you are using a compromised Wifi. It's more unlikely at home, but never say never. Also, better to get rid of the bug, even at home, no? Or just ignore it?

[NativeBob]

if your traffic being encrypted straight from your client than passes through whatever wifi to your VPN gate, then decrypted on another side of the world >>> what can go wrong? 

Any sniffing at WiFi will be useless

That's is not some new concept - I think we used it last century already

[AreYouGerman]

1 minute ago, NativeBob said:

if your traffic being encrypted straight from your client than passes through whatever wifi to your VPN gate, then decrypted on another side of the world >>> what can go wrong? 

Any sniffing at WiFi will be useless

That's is not some new concept - I think we used it last century already

 

You didn't understand the issue. Re-read articles.

[scottiejohn]

26 minutes ago, AreYouGerman said:

 

You didn't understand the issue. Re-read articles.

I suggest you re-read your OP-"ALL VPNs vulnerable / unsafe" and also reword it to stop your unfounded scaremongering!

I have responded to your OP indicating that I am not having problems!

I and I suspect a large number of the rest of us on this forum do not need lectures, or misleading OP,s from people like you!

[scottiejohn]

34 minutes ago, AreYouGerman said:

 

You didn't understand the issue. Re-read articles.

You didn't understand the issue. Re-read I suggest you post some accurate articles in future.

 

[eisfeld]

11 minutes ago, AreYouGerman said:

 

Nah, it's pretty accurate as it's most likely that you are vulnerable than not. Also, better to check to be safe, right. I am okay with changing the topic to "77% of VPNs vulnerable / unsafe".

 

 

As stated in the initial post, only if you are using a compromised Wifi. It's more unlikely at home, but never say never. Also, better to get rid of the bug, even at home, no? Or just ignore it?

 

Where did you take that number from? BTW the second link in your OP just redirects to https://www.techradar.com/features/why-your-business-needs-a-vpn which is a generic article trying to sell VPNs.

[AreYouGerman]

16 minutes ago, scottiejohn said:

I suggest you re-read your OP-"ALL VPNs vulnerable / unsafe" and also reword it to stop your unfounded scaremongering!

I have responded to your OP indicating that I am not having problems!

I and I suspect a large number of the rest of us on this forum do not need lectures, or misleading OP,s from people like you!

 

There's nothing misleading, all VPNs are affected. It's a fact. When they are affected is a different question. If you login through a Hotel WIFI, your VPN is affected!

 

But you still don't understand the problem. You think it's about "if it's working". That's not the issue. Nevermind, though, if you don't feel threatened that you are basically not using a VPN on f. ex. Hotel Wifis even if "it's working", then you can just safely ignore everything.

 

[AreYouGerman]

Just now, eisfeld said:

 

Where did you take that number from? BTW the second link in your OP just redirects to https://www.techradar.com/features/why-your-business-needs-a-vpn which is a generic article trying to sell VPNs.

 

ALL VPN's are affected if they are connecting to a compromised Wif with enabled DHCPi. Facts, bro.

[scottiejohn]

35 minutes ago, AreYouGerman said:

But you still don't understand the problem.

You are the one who has got it wrong and do not wish to, or are able to, understand the problem.  It is an age old problem that I assume all reputable VPN providers have bypassed/blocked etc!

IMO you are just a scaremonger of no standing!

[eisfeld]

35 minutes ago, AreYouGerman said:

 

ALL VPN's are affected if they are connecting to a compromised Wif with enabled DHCPi. Facts, bro.

 

Alternative facts, bro. Android is not affect. Proper VPN clients setting firewalls are not affected. Wireguard with proper usage of namespaces is not affected. Users using something like a mobile router are not affected. Users at home are not affected. The list goes on. Again, where did the 77% come from?

[AreYouGerman]

7 minutes ago, scottiejohn said:

You are the one who has got it wrong and no not wish to or are able to understand the problem.  It is an age old problem that I assume all reputable VPN providers have bypassed/blocked etc!

IMO you are just a scaremonger of no standing!

 

I have got absolutely nothing wrong, you are just parroting the other guy because you absolutely have 0 understanding of this.

 

It's not an 'age old' problem as it has been just discovered a couple of days ago! It could have been exploited for 20+ years, though, without anybody having an understanding for that.

 

It's not scaremongering, it's a real security threat.

 

 

[AreYouGerman]

Just now, eisfeld said:

 

Alternative facts, bro. Android is not affect.

 

So, Android is a VPN now? Okay, buddy, no point in helping you out.

[eisfeld]

1 minute ago, AreYouGerman said:

 

So, Android is a VPN now? Okay, buddy, no point in helping you out.

 

VPNs on Android. Don't be dense. BTW Android does have a VPN built in.