497
Novel attack against virtually all VPN apps neuters their entire purpose (arstechnica.com)
submitted 5 months ago by jeffw@lemmy.world to c/technology@lemmy.world
136 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] dgmib@lemmy.world 3 points 5 months ago

I can’t see routing traffic to some kind of local presence and then routing back to the target machine to route out through the tunnel adapter without a successful compromise of at least one other vulnerability.

That’s not to say there’s nothing you could do… I could see some kind of social engineering attack maybe… leaked traffic redirects to a local web server that presents a fake authentication screen that phishes credentials , or something like that. I could only see that working in a very targeted situation… would have to be something more than just a some rouge public wi-fi. They’d have to have some prior knowledge of the private network the target was connecting to.

[-] linearchaos@lemmy.world 2 points 5 months ago

We're already assuming you have something that can compromise DHCP. Once you make that assumption who's to say you don't have a VM hanging out.

this post was submitted on 06 May 2024
497 points (98.3% liked)

Technology

59020 readers
2756 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world