AreYouGerman Posted May 8 Share Posted May 8 (edited) In short, it's basically you going in some public wifi or compromised wifi and you won't know that your traffic is not routed through your VPN as you are connected to your VPN and everything seems in order. Everything is affected except Android, at the time of writing. "TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation." More on: https://securityaffairs.com/162894/hacking/tunnelvision-attack-vpn.html https://www.techradar.com/pro/security/many-top-vpn-apps-can-be-hacked-and-almost-totally-ruined-by-this-attack Edited May 8 by AreYouGerman 1 1 Link to comment Share on other sites More sharing options...
Popular Post OneMoreFarang Posted May 8 Popular Post Share Posted May 8 24 minutes ago, AreYouGerman said: it's basically you going in some public wifi or compromised wifi and you won't know that your traffic is not routed through your VPN Do you really expect to use public Wi-Fi securely? Really? If you want some security, then use something provided by a big ISP like internet at home or mobile data on a phone. And never assume it is 100% secure. It isn't. 2 2 Link to comment Share on other sites More sharing options...
Popular Post AreYouGerman Posted May 8 Author Popular Post Share Posted May 8 3 minutes ago, OneMoreFarang said: Do you really expect to use public Wi-Fi securely? Really? Yes. That's what VPNs companies use in their ads. 4 1 Link to comment Share on other sites More sharing options...
Popular Post gargamon Posted May 8 Popular Post Share Posted May 8 7 minutes ago, AreYouGerman said: Yes. That's what VPNs companies use in their ads. Hahaha. You believe the marketing BS in the ads? 3 Link to comment Share on other sites More sharing options...
sammieuk1 Posted May 9 Share Posted May 9 That's my BBC up the chuffer then whilst having a Big Mac ..Think I will stay home and order by Grab 🤔 Link to comment Share on other sites More sharing options...
Popular Post BE88 Posted May 9 Popular Post Share Posted May 9 So that it works in Thailand for Pornhub I have no problems 3 Link to comment Share on other sites More sharing options...
OneMoreFarang Posted May 9 Share Posted May 9 2 hours ago, AreYouGerman said: Yes. That's what VPNs companies use in their ads. Next thing you tell us you use whitening cream because you watched their ads... 2 1 1 Link to comment Share on other sites More sharing options...
OneMoreFarang Posted May 9 Share Posted May 9 23 minutes ago, BE88 said: So that it works in Thailand for Pornhub I have no problems Maybe you should go out and look around. 1 1 1 Link to comment Share on other sites More sharing options...
Popular Post BE88 Posted May 9 Popular Post Share Posted May 9 6 minutes ago, OneMoreFarang said: Maybe you should go out and look around. This is for training only 😆 1 4 Link to comment Share on other sites More sharing options...
digger70 Posted May 9 Share Posted May 9 8 hours ago, sammieuk1 said: That's my BBC up the chuffer then whilst having a Big Mac ..Think I will stay home and order by Grab 🤔 Yep ,stay home and watch P Hub Hands on . Link to comment Share on other sites More sharing options...
RayWright Posted May 9 Share Posted May 9 Using a Windows 10 & 11 Laptop, have activated the Hotspot on my Thai mobile and activated Android based VPN from the phone. Anyone see an issue with this simple work-around? Link to comment Share on other sites More sharing options...
scottiejohn Posted May 9 Share Posted May 9 VPNs (Winscribe and Tunnel bear) on Windows 11 laptops and desktop are working fine for me in CM connecting to UK and Germany! Link to comment Share on other sites More sharing options...
AreYouGerman Posted May 9 Author Share Posted May 9 10 hours ago, OneMoreFarang said: Next thing you tell us you use whitening cream because you watched their ads... Tell 'us'? Is this "whitening cream" in the room with you now? 🤣 1 Link to comment Share on other sites More sharing options...
AreYouGerman Posted May 9 Author Share Posted May 9 12 hours ago, gargamon said: Hahaha. You believe the marketing BS in the ads? Aren't you the guy who runs Linux and thinks it's safe and his VPNs are not affected. Hahaha, oh dude. Get educated, Ubuntu click boy. Link to comment Share on other sites More sharing options...
AreYouGerman Posted May 9 Author Share Posted May 9 2 hours ago, scottiejohn said: VPNs (Winscribe and Tunnel bear) on Windows 11 laptops and desktop are working fine for me in CM connecting to UK and Germany! You didn't understand the issue. Re-read articles. 1 1 Link to comment Share on other sites More sharing options...
AreYouGerman Posted May 9 Author Share Posted May 9 3 hours ago, RayWright said: Using a Windows 10 & 11 Laptop, have activated the Hotspot on my Thai mobile and activated Android based VPN from the phone. Anyone see an issue with this simple work-around? Kinda. However the adding VPN on Android is also prone to leaking. Best is to use VPN on your PC and connect to your Android hotspot. 1 1 Link to comment Share on other sites More sharing options...
Popular Post eisfeld Posted May 9 Popular Post Share Posted May 9 (edited) Misleading topic. It's absolutely untrue that all VPNs are vulnerable to this attack which btw isn't exactly a new idea just the variation of using that specific DHCP option. It's a variant of prior attacks like Poison Tap. Good VPN clients add firewall rules that prevent this issue. And it's only a concern if you are using someone elses network like a public Wifi. At home you got nothing to worry about because it's the router that has to perform the attack. Nobody on the general internet can snoop on you with this. Edited May 9 by eisfeld 1 3 Link to comment Share on other sites More sharing options...
AreYouGerman Posted May 9 Author Share Posted May 9 (edited) 32 minutes ago, eisfeld said: Misleading topic. Nah, it's 100% correct. All VPNs are affected. When is a different question. 32 minutes ago, eisfeld said: And it's only a concern if you are using someone elses network like a public Wifi. At home you got nothing to worry about because it's the router that has to perform the attack. Nobody on the general internet can snoop on you with this. As stated in the initial post, only if you are using a compromised Wifi. It's more unlikely at home, but never say never. Also, better to get rid of the bug, even at home, no? Or just ignore it? Edited May 9 by AreYouGerman 2 1 Link to comment Share on other sites More sharing options...
NativeBob Posted May 9 Share Posted May 9 if your traffic being encrypted straight from your client than passes through whatever wifi to your VPN gate, then decrypted on another side of the world >>> what can go wrong? Any sniffing at WiFi will be useless That's is not some new concept - I think we used it last century already 1 Link to comment Share on other sites More sharing options...
AreYouGerman Posted May 9 Author Share Posted May 9 1 minute ago, NativeBob said: if your traffic being encrypted straight from your client than passes through whatever wifi to your VPN gate, then decrypted on another side of the world >>> what can go wrong? Any sniffing at WiFi will be useless That's is not some new concept - I think we used it last century already You didn't understand the issue. Re-read articles. 1 2 Link to comment Share on other sites More sharing options...
scottiejohn Posted May 9 Share Posted May 9 26 minutes ago, AreYouGerman said: You didn't understand the issue. Re-read articles. I suggest you re-read your OP-"ALL VPNs vulnerable / unsafe" and also reword it to stop your unfounded scaremongering! I have responded to your OP indicating that I am not having problems! I and I suspect a large number of the rest of us on this forum do not need lectures, or misleading OP,s from people like you! 1 1 1 Link to comment Share on other sites More sharing options...
scottiejohn Posted May 9 Share Posted May 9 34 minutes ago, AreYouGerman said: You didn't understand the issue. Re-read articles. You didn't understand the issue. Re-read I suggest you post some accurate articles in future. 2 Link to comment Share on other sites More sharing options...
eisfeld Posted May 9 Share Posted May 9 11 minutes ago, AreYouGerman said: Nah, it's pretty accurate as it's most likely that you are vulnerable than not. Also, better to check to be safe, right. I am okay with changing the topic to "77% of VPNs vulnerable / unsafe". As stated in the initial post, only if you are using a compromised Wifi. It's more unlikely at home, but never say never. Also, better to get rid of the bug, even at home, no? Or just ignore it? Where did you take that number from? BTW the second link in your OP just redirects to https://www.techradar.com/features/why-your-business-needs-a-vpn which is a generic article trying to sell VPNs. 1 1 Link to comment Share on other sites More sharing options...
AreYouGerman Posted May 9 Author Share Posted May 9 (edited) 16 minutes ago, scottiejohn said: I suggest you re-read your OP-"ALL VPNs vulnerable / unsafe" and also reword it to stop your unfounded scaremongering! I have responded to your OP indicating that I am not having problems! I and I suspect a large number of the rest of us on this forum do not need lectures, or misleading OP,s from people like you! There's nothing misleading, all VPNs are affected. It's a fact. When they are affected is a different question. If you login through a Hotel WIFI, your VPN is affected! But you still don't understand the problem. You think it's about "if it's working". That's not the issue. Nevermind, though, if you don't feel threatened that you are basically not using a VPN on f. ex. Hotel Wifis even if "it's working", then you can just safely ignore everything. Edited May 9 by AreYouGerman 2 1 Link to comment Share on other sites More sharing options...
AreYouGerman Posted May 9 Author Share Posted May 9 Just now, eisfeld said: Where did you take that number from? BTW the second link in your OP just redirects to https://www.techradar.com/features/why-your-business-needs-a-vpn which is a generic article trying to sell VPNs. ALL VPN's are affected if they are connecting to a compromised Wif with enabled DHCPi. Facts, bro. 2 Link to comment Share on other sites More sharing options...
scottiejohn Posted May 9 Share Posted May 9 (edited) 35 minutes ago, AreYouGerman said: But you still don't understand the problem. You are the one who has got it wrong and do not wish to, or are able to, understand the problem. It is an age old problem that I assume all reputable VPN providers have bypassed/blocked etc! IMO you are just a scaremonger of no standing! Edited May 9 by scottiejohn 1 Link to comment Share on other sites More sharing options...
eisfeld Posted May 9 Share Posted May 9 35 minutes ago, AreYouGerman said: ALL VPN's are affected if they are connecting to a compromised Wif with enabled DHCPi. Facts, bro. Alternative facts, bro. Android is not affect. Proper VPN clients setting firewalls are not affected. Wireguard with proper usage of namespaces is not affected. Users using something like a mobile router are not affected. Users at home are not affected. The list goes on. Again, where did the 77% come from? 1 Link to comment Share on other sites More sharing options...
AreYouGerman Posted May 9 Author Share Posted May 9 7 minutes ago, scottiejohn said: You are the one who has got it wrong and no not wish to or are able to understand the problem. It is an age old problem that I assume all reputable VPN providers have bypassed/blocked etc! IMO you are just a scaremonger of no standing! I have got absolutely nothing wrong, you are just parroting the other guy because you absolutely have 0 understanding of this. It's not an 'age old' problem as it has been just discovered a couple of days ago! It could have been exploited for 20+ years, though, without anybody having an understanding for that. It's not scaremongering, it's a real security threat. 1 2 Link to comment Share on other sites More sharing options...
AreYouGerman Posted May 9 Author Share Posted May 9 Just now, eisfeld said: Alternative facts, bro. Android is not affect. So, Android is a VPN now? Okay, buddy, no point in helping you out. 2 Link to comment Share on other sites More sharing options...
eisfeld Posted May 9 Share Posted May 9 (edited) 1 minute ago, AreYouGerman said: So, Android is a VPN now? Okay, buddy, no point in helping you out. VPNs on Android. Don't be dense. BTW Android does have a VPN built in. Edited May 9 by eisfeld Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now