runswithjedi@lemmy.world to

Cybersecurity@sh.itjust.worksEnglish · 2 months ago

Proton VPN TunnelVision support response.

47

Proton VPN TunnelVision support response.

runswithjedi@lemmy.world to

Cybersecurity@sh.itjust.worksEnglish · 2 months ago

I contacted Proton VPN about the TunnelVision exploit and I got a response. I feel great about it, thank you Proton!

Hi,

Thank you for your patience.

Our engineers have conducted a thorough analysis of this threat, reconstructed it experimentally, and tested it on Proton VPN. Please note that the attack can only be carried out if the local network itself is compromised.

Regardless, we’re working on a fix for our Linux application that will provide full protection against it, and it’ll be released as soon as possible.

If there’s anything else that I can help you with in the meantime, please feel free to let me know.

Have a nice day!

Chat

runswithjedi@lemmy.worldOP
link
fedilink
English
arrow-up
1·
2 months ago
The exploit is possible because the local network may have a rogue DHCP server overwriting IP routes. If you’re on a mobile network, they are the local network. TunnelVision means a mobile carrier can spy on your VPN traffic now. Unless you run Android.
- TheUncannyObserver@lemmy.dbzer0.com
  link
  fedilink
  English
  arrow-up
  1
  arrow-down
  2·
  edit-2
  21 days ago
  deleted by creator

Cybersecurity@sh.itjust.works

cybersecurity@sh.itjust.works

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !cybersecurity@sh.itjust.works

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We’re all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your “friends” socials you’re just going to get banned so don’t do that.

Learn about hacking

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

183 users / day
667 users / week
1.63K users / month
4.27K users / 6 months
1 local subscriber
4.98K subscribers
839 Posts
1.41K Comments
Modlog