ALL VPNs vulnerable / unsafe


Just now, eisfeld said:

 

VPNs on Android. Don't be dense. BTW Android does have a VPN built in.

 

 

As you are the one who wants to be extra correct about the topic title you should follow the same rules about what you are writing. Or, don't be dense, as you said it!

  • Confused 1
Link to comment
Share on other sites

15 hours ago, AreYouGerman said:

In short, it's basically you going in some public wifi or compromised wifi and you won't know that your traffic is not routed through your VPN as you are connected to your VPN and everything seems in order. Everything is affected except Android, at the time of writing.

 

"TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation."

 

More on:

https://securityaffairs.com/162894/hacking/tunnelvision-attack-vpn.html

https://www.techradar.com/pro/security/many-top-vpn-apps-can-be-hacked-and-almost-totally-ruined-by-this-attack

 

 


The NSA can already do that.  Mai bpen rai. 

Link to comment
Share on other sites

It's getting blown way out of proportion. 99% of VPN users have nothing to worry about. They can continue watching their Netflix or downloading torrents or whatever they use it for.

  • Confused 1
  • Agree 1
Link to comment
Share on other sites

2 minutes ago, eisfeld said:

It's getting blown way out of proportion. 99% of VPN users have nothing to worry about. They can continue watching their Netflix or downloading torrents or whatever they use it for.

 

Well, as a German you should know that 'I have nothing to hide' doesn't lead to less surveillance. If people have nothing to hide, why are they using a VPN anyway, right.

 

They found that 50 of the vendors that they tested were vulnerable. Also, OpenVPN, the most used VPN software is vulnerable in standard configuration. So, saying not 'all VPNs are affected' just because you can modify it or prevent it, is really not helping.

 

Affected VPN Providers and VPN Protocols

We found that VPNs that solely rely on routing rules to secure the host’s traffic are vulnerable.

https://www.leviathansecurity.com/blog/tunnelvision

  • Sad 1
  • Thumbs Up 1
Link to comment
Share on other sites

6 minutes ago, AreYouGerman said:

 

Well, as a German you should know that 'I have nothing to hide' doesn't lead to less surveillance. If people have nothing to hide, why are they using a VPN anyway, right.

 

They found that 50 of the vendors that they tested were vulnerable. Also, OpenVPN, the most used VPN software is vulnerable in standard configuration. So, saying not 'all VPNs are affected' just because you can modify it or prevent it, is really not helping.

 

Affected VPN Providers and VPN Protocols

We found that VPNs that solely rely on routing rules to secure the host’s traffic are vulnerable.

https://www.leviathansecurity.com/blog/tunnelvision

 

Where is the number 50 from? It's not from the linked article. They don't mention at all how many they tested. And I want to ask again where the 77% you mentioned is from.

 

Anyways you have to be a bit realistic about the threat model for the majority of users. Most people read these headlines and articles and get duped into fear while in reality it's not going to hurt them in any way. Corporate VPN users for example... if the traffic doesn't go through the VPN then it also won't have access to their networks. Most of these route to non-public IPs anyways in the 10.0.0.0/8 range or similar. Nobody will be able to snoop on that because there's nothing to route to. And then you have the big number of users who use VPNs to circumvent geo blocking or some such. Again nothing to worry. Big nothing burger for most.

  • Agree 1
Link to comment
Share on other sites

Just now, eisfeld said:

 

Where is the number 50 from? It's not from the linked article. They don't mention at all how many they tested. And I want to ask again where the 77% you mentioned is from.

 

"All VPNs that the researchers tested are affected by the vulnerability called “TunnelVision” – they claim to have informed over 50 manufacturers about the security problem."

 

https://www.heise.de/news/Tunnelvision-Angreifer-koennen-VPNs-aushebeln-und-Daten-umleiten-9710188.html

 

20 minutes ago, eisfeld said:

99% of VPN users have nothing to worry about.

 

Please give me a verifiable source for that claim.

 

 

  • Haha 2
Link to comment
Share on other sites

4 minutes ago, connda said:

If you're worried about it then set your VPN to run data via TCP over port 443. Bob's your uncle.

 

Uhm no, the attack is on the IP routing table via DHCP.

TCP, UDP, ports etc don't matter. It's at a layer under that.

  • Agree 1
Link to comment
Share on other sites

3 minutes ago, AreYouGerman said:

"All VPNs that the researchers tested are affected by the vulnerability called “TunnelVision” – they claim to have informed over 50 manufacturers about the security problem."

 

https://www.heise.de/news/Tunnelvision-Angreifer-koennen-VPNs-aushebeln-und-Daten-umleiten-9710188.html

 

Nothing the researchers published mentioned the number 50. I don't know where Heise took that from. Anyways notifying a vendor about a problem doesn't mean they tested it. And it also doesn't mean that the users of a vendor need to worry about it - even if their VPN is vulnerable.

5 minutes ago, AreYouGerman said:

Please give me a verifiable source for that claim.

 

Again don't be dense. Of course I have no source. It's a figure of speech and not a claim of fact. You really are German 🙂

  • Haha 1
Link to comment
Share on other sites

If you're using Linux with a VPN using WireGuard:

WireGuard routing technology closes the side channel that TunnelVision exploits with Linux OSes

  • Like 1
Link to comment
Share on other sites

Make sure to lock-down your computer, place a mask on its intake fan, keep it at least 2 meters from other computers, and make sure to give it at least two EUA Pfizer shots and all will be well.  :lock:  😷 💉

  • Confused 1
  • Haha 1
  • Agree 1
Link to comment
Share on other sites

Any hope of readers getting good advice is being lost in pointless personal attacks. Posts contravening community standards, or quoting them have been removed.

 

It's ok to disagree, but personal attacks aren't the way to do it.

Link to comment
Share on other sites

Posted (edited)

One must be really living under a stone, if posting this, about VPNs, and thinking that that is a new discovery or news item. Anyone with brains knew this since ages, hence the need for multiple tunnels and layers aside from other detailed technical knowledge, to actually be as anonymous as it can be.

The entire sale of VPN for consumers is just a big business, because well, most people are suckerfishes. Anyone with brains would setup a 2-5 layer aside from using low key residential proxies that dynamically switch as a whole, making it virtually impossible to ever find out who it is, unless you're the guy who set up his market place with a hotmail address, to then be caught and hang yourself (alpha bay). Yup you read that right, without that mistake, he would still run.

 

As a consumer, without interest or technical skills and knowledge, and not willing to learn nor put money + time in it, you can give up already.

Edited by ChaiyaTH
Link to comment
Share on other sites

Posted (edited)
4 hours ago, AreYouGerman said:

Security researchers say this scary exploit could render all VPNs useless

VPNs are no longer safe if these security researchers are right.
 

You are really a tool lol, reading articles like this, to then think and know you are up-to-date, while this is like years old knowledge. Same time tons of solutions but whatever. These are the worst creatures; those who read that type of tech articles, while being entirely stupid about tech themselves.

Edited by ChaiyaTH
Link to comment
Share on other sites

31 minutes ago, AreYouGerman said:

 

A lot of blabla and still you didn't even address how to fix the current vulnerability. Multiple layers? Haha, nope, 100% you didn't even understand the vulnerability. 😅

 

I actually agree with you here. Multiple layers don't help in any way against this attack because the attack causes the clients to not even send the traffic through the first hop and so subsequent hops are bypassed as well. In other words it causes the traffic to not enter the VPN in the first place and flow out somewhere else.

Link to comment
Share on other sites

56 minutes ago, ChaiyaTH said:

One must be really living under a stone, if posting this, about VPNs, and thinking that that is a new discovery or news item. Anyone with brains knew this since ages, hence the need for multiple tunnels and layers aside from other detailed technical knowledge, to actually be as anonymous as it can be.

The entire sale of VPN for consumers is just a big business, because well, most people are suckerfishes. Anyone with brains would setup a 2-5 layer aside from using low key residential proxies that dynamically switch as a whole, making it virtually impossible to ever find out who it is, unless you're the guy who set up his market place with a hotmail address, to then be caught and hang yourself (alpha bay). Yup you read that right, without that mistake, he would still run.

 

As a consumer, without interest or technical skills and knowledge, and not willing to learn nor put money + time in it, you can give up already.

 

Not everyone is running a darknet drug marketplace and hiding from the police 🙂

Link to comment
Share on other sites

From NordVPN Re Tunnelvision

We would like to reassure you that none of our applications leak traffic if 'Stay invisible on a local network' (from iOS 16) and 'Kill Switch' features are enabled within the app settings menu. Side channel attack would result in lost Internet connection, but not the data leak as well.
 
In theory, the attacker could exploit the vulnerability if:

  • they have access to the network their target is connected to;
  • they know the destination IP the target is trying to access;
  • resources target is trying to access are not under any kind of CDN.

If all of these requirements are met, attacker could try to block certain IP addresses and then guess whether the target's traffic has dropped because of it. This could reinforce their beliefs that the target is visiting the website they are suspecting, but it would still be probabilistic. That said, even in this case, it won't provide attackers with any content of the target's requests.

  • Thumbs Up 1
Link to comment
Share on other sites

On 5/9/2024 at 8:40 AM, BE88 said:

 

So that it works in Thailand for Pornhub I have no problems

The only people who need to watch pornhub in Thailand must be into some totally weird stuff........

  • Haha 1
Link to comment
Share on other sites

1 hour ago, johng said:

The best explanation I've read so far.

https://tunnelcrack.mathyvanhoef.com/details.html

 

very interesting that this "backdoor" has been around since the very beginning of VPNs in 1996

and "The attacks can also be carried out by a malicious ISP or compromised core Internet router."

 

How very useful for all those 3 letter agencies !!!

 

1. That's an older, different attack from what this topic is about and therefore can't act as an explanation.

2. It's not a backdoor, just many VPN clients didn't handle simple network configurations properly

Link to comment
Share on other sites

5 minutes ago, eisfeld said:

1. That's an older, different attack from what this topic is about and therefore can't act as an explanation.

As far as I understand things tunnelvision and tunnelcrack are very similar except for the option 121 bit in tunnelvision?

they achieve the same goal by abusing the routing table and tricking the VPN client into sending information outside of the VPN tunnel.

 

https://www.tunnelvisionbug.com/

 

"Recently, a technique known as TunnelCrack allowed attackers to leak data from a VPN. Simultaneously, we have been working on a more general technique we call “TunnelVision.”

TunnelVision leaks VPN traffic more simply and powerfully. We have demonstrated an attacker can leak all traffic just by being on the same local network as a VPN user.

From the user’s perspective, they appear as if they are connected to the VPN."

 

The main difference seems to be.

 

"However, neither technique described in TunnelCrack leveraged DHCP option 121 to push routes. Pushing routes through DHCP has a significantly higher impact from the same attacker vantage point (the ability to hand out IP leases for a non-RFC1918 range or spoofing DNS replies)."

 

11 minutes ago, eisfeld said:

2. It's not a backdoor

I put "backdoor" in quotes, as you correctly point out it's not a backdoor as such, just has the same very bad results.

Link to comment
Share on other sites

9 minutes ago, johng said:

As far as I understand things tunnelvision and tunnelcrack are very similar except for the option 121 bit in tunnelvision?

they achieve the same goal by abusing the routing table and tricking the VPN client into sending information outside of the VPN tunnel.

 

https://www.tunnelvisionbug.com/

 

"Recently, a technique known as TunnelCrack allowed attackers to leak data from a VPN. Simultaneously, we have been working on a more general technique we call “TunnelVision.”

TunnelVision leaks VPN traffic more simply and powerfully. We have demonstrated an attacker can leak all traffic just by being on the same local network as a VPN user.

From the user’s perspective, they appear as if they are connected to the VPN."

 

The main difference seems to be.

 

"However, neither technique described in TunnelCrack leveraged DHCP option 121 to push routes. Pushing routes through DHCP has a significantly higher impact from the same attacker vantage point (the ability to hand out IP leases for a non-RFC1918 range or spoofing DNS replies)."

 

There are similarities for sure that's why I also said earlier this new attack is just a variation of similar prior attacks and nothing shocking. Even TunnelCrack is not the first of this kind. And even before attacks on VPNs there have been attacks on routing tables for decades to leak traffic somewhere where it was not intended to go. That's why there are carefully designed VPN clients which are not vulnerable to these attacks because the basic idea behind them is always the same. Classic examples are BGP hijacking or DNS cache poisoning. The idea is always the same: redirect traffic from its intended destination. Just using different features and attacking different layers. The problem with attacks that work directly on an end-user device is that they can prevent the traffic from entering the VPN in the first place and therefore getting encrypted. That's why you still want a layer of encryption that doesn't depend on the network routing in applications like TLS for websites, email servers and so on.

Link to comment
Share on other sites
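
An added example, not part of any post in this thread: a defender-side check that decodes the DHCP option 121 value (RFC 3442 classless static routes) from a lease and reports which pushed routes are more specific than a VPN route, and so would win longest-prefix match and carry traffic outside the tunnel. The lease bytes, gateways and VPN route lists are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: the value of DHCP option 121 from a hypothetical lease.
# Each entry is prefix length, significant destination octets, 4-byte gateway.
SAMPLE_OPTION_121 = bytes.fromhex(
    "00" "c0a80101"            # 0.0.0.0/0      via 192.168.1.1
    "18" "cb0071" "c0a801fe"   # 203.0.113.0/24 via 192.168.1.254
    "08" "0a" "c0a80101"       # 10.0.0.0/8     via 192.168.1.1
)


def parse_option_121(data: bytes):
    """Decode RFC 3442 classless static routes into [(network, gateway), ...]."""
    routes, i = [], 0
    while i < len(data):
        width = data[i]
        if width > 32:
            raise ValueError(f"invalid prefix length {width} at offset {i}")
        n = (width + 7) // 8                 # significant destination octets
        end = i + 1 + n + 4
        if end > len(data):
            raise ValueError("truncated option 121 payload")
        dest = data[i + 1:i + 1 + n] + bytes(4 - n)   # zero-pad to 4 octets
        net = ipaddress.ip_network((int.from_bytes(dest, "big"), width),
                                   strict=False)
        routes.append((net, ipaddress.ip_address(data[i + 1 + n:end])))
        i = end
    return routes


def routes_bypassing_vpn(option_121: bytes, vpn_routes):
    """Return pushed routes that are strictly more specific than a VPN route."""
    vpn = [ipaddress.ip_network(r) for r in vpn_routes]
    hits = []
    for net, gw in parse_option_121(option_121):
        # A longer prefix inside a VPN route is preferred by the kernel,
        # so traffic to that network leaves via the DHCP-supplied gateway.
        if any(net.subnet_of(v) and net.prefixlen > v.prefixlen for v in vpn):
            hits.append((str(net), str(gw)))
    return hits


if __name__ == "__main__":
    # Full-tunnel VPN that installs two /1 routes (constructed example).
    for net, gw in routes_bypassing_vpn(SAMPLE_OPTION_121,
                                        ["0.0.0.0/1", "128.0.0.0/1"]):
        print(f"route {net} via {gw} overrides the VPN route")
```

The ordinary default route in the lease is not reported because it is less specific than the VPN routes; only the narrower pushed routes are.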

2 hours ago, sungod said:

The only people who need to watch pornhub in Thailand must be into some totally weird stuff........

 

 

The only bizarre types are those who don't admit it but are the first to go there assiduously.

Link to comment
Share on other sites

40 minutes ago, BE88 said:
3 hours ago, sungod said:

The only people who need to watch pornhub in Thailand must be into some totally weird stuff........

 

 

The only bizarre types are those who don't admit it but are the first to go there assiduously.

 

I really have no idea what that means, does that mean you like it up the hoop?

  • Confused 2
Link to comment
Share on other sites
