Javascript is disabled. Actions will not work.
Jump to content
Lemmy.zip
menu
Communities
Create Post
Create Community
heart
Support Lemmy
search
Search
Login
Sign Up
Modlog
alert-triangle
CONTENT WARNING
: Some deleted posts may contain disturbing or adult material. Proceed with caution.
/c/security
Modlog
Filter by action
All
Removing Posts
Locking Posts
Featuring Posts
Removing Comments
Removing Communities
Banning From Communities
Adding Mod to Community
Transferring Communities
Adding Mod to Site
Banning From Site
Filter by user
All
search
All
Time
mod
Action
4 months ago
mod
Banned
BusKill
@lemmy.kde.social
from the community
Security
@lemmy.ml
reason: Rule 4
4 months ago
mod
Banned
TropicalDingdong
@lemmy.world
from the community
Security
@lemmy.ml
reason: Rule 2
expires: 4 months ago
6 months ago
mod
Banned
Moonrise2473
@feddit.it
from the community
Security
@lemmy.ml
reason: Rule 2
expires: 6 months ago
7 months ago
mod
Banned
Brave Little Hitachi Wand
@lemmy.world
from the community
Security
@lemmy.ml
reason: Rule 1, 2
expires: 5 months ago
7 months ago
mod
Banned
Rivalarrival
@lemmy.today
from the community
Security
@lemmy.ml
reason: Rule 1, 2
expires: 5 months ago
7 months ago
mod
Banned
EuropaTheLastBattle👈
@infosec.pub
from the community
Security
@lemmy.ml
reason: lemmy.ml rule 1
8 months ago
mod
Banned
Socsa
@sh.itjust.works
from the community
Security
@lemmy.ml
reason: Rule 1, 2
expires: in 4 months
9 months ago
mod
Removed
Post
Codeintegrity-ai/mutahunter: Open Source, Language Agnostic LLM-based mutation testing tool
reason: Rule 4
10 months ago
mod
Banned
Mossy Feathers (She/They)
@pawb.social
from the community
Security
@lemmy.ml
reason: Rule 1
expires: 9 months ago
10 months ago
mod
Removed
Comment
This is the best summary I could come up with: --- Researchers have devised an attack against nearly all virtual private network applications that forces them to send and receive some or all traffic outside of the encrypted tunnel designed to protect it from snooping or tampering. TunnelVision, as the researchers have named their attack, largely negates the entire purpose and selling point of VPNs, which is to encapsulate incoming and outgoing Internet traffic in an encrypted tunnel and to cloak the user’s IP address. The attack works by manipulating the DHCP server that allocates IP addresses to devices trying to connect to the local network. A setting known as option 121 allows the DHCP server to override default routing rules that send VPN traffic through a local IP address that initiates the encrypted tunnel. When apps run on Linux there’s a setting that minimizes the effects, but even then TunnelVision can be used to exploit a side channel that can be used to de-anonymize destination traffic and perform targeted denial-of-service attacks. This remedy is problematic for two reasons: (1) a VPN user connecting to an untrusted network has no ability to control the firewall and (2) it opens the same side channel present with the Linux mitigation. --- The original article contains 903 words, the summary contains 196 words. Saved 78%. I'm a bot and I'm [open source](https://github.com/RikudouSage/LemmyAutoTldrBot)!
by
AutoTL;DR
@lemmings.world
reason: bad summary
Next
