You are viewing a single thread.
View all comments
77 points

So for this attack to work, the attacker needs to be able to run a malicious DHCP server on the target machine’s network.

Meaning they need to have already compromised your local network either physically in person or by compromising a device on that network. If you’ve gotten that far you can already do a lot of damage without this attack.

For the average person this is yet another non-issue. But if you regularly use a VPN over untrusted networks like a hotel or coffee shop wifi then, in theory, an attacker could get your traffic to route outside the VPN tunnel.

permalink
report
reply
3 points

I think the real meat here would be the work from home crowd. If you can find a hole in there router, you can inject routing tables and defeat VPN.

But the VPN client doesn’t have to be stupid. You could certainly detect rogue routes and shut down the network.

permalink
report
parent
reply
4 points

As I mentioned in my other comment, this wouldn’t let an attacker eavesdrop on traffic on a VPN to a private corporate network by itself. It has to be traffic that is routable without the VPN.

permalink
report
parent
reply
3 points

I don’t know, if you’ve already have full control over routing and have some form of local presence, seems to me you could do something interesting with a proxy, maybe even route the traffic back to the tunnel adapter.

permalink
report
parent
reply
45 points

Put another way, this means that a malicious coffee shop or hotel can eavesdrop on all VPN traffic on their network. That’s a really big fucking deal.

permalink
report
parent
reply
27 points

Not all VPN traffic. Only traffic that would be routable without a VPN.

This works by tricking the computer into routing traffic to the attacker’s gateway instead of the VPN’s gateway. It doesn’t give the attacker access to the VPN gateway.

So traffic intended for a private network that is only accessible via VPN (like if you were connecting to a corporate network for example) wouldn’t be compromised. You simply wouldn’t be able to connect through the attacker’s gateway to the private network, and there wouldn’t be traffic to intercept.

This attack doesn’t break TLS encryption either. Anything you access over https (which is the vast majority of the internet these days) would still be just as encrypted as if you weren’t using a VPN.

For most people, in most scenarios, this amount to a small invasion of privacy. Our hypothetical malicious coffee shop could tell the ip addresses of websites you’re visiting, but probably not what you’re doing on those websites, unless it was an insecure website to begin with. Which is the case with or with VPN.

For some people or some situations that is a MASSIVE concern. People who use VPNs to hide what they’re doing from state level actors come to mind.

But for the average person who’s just using a VPN because they’re privacy conscious, or because they’re location spoofing. This is not going to represent a significant risk.

permalink
report
parent
reply
2 points

That’s a fair point, you’re right.

I do still think that a lot of people do use VPNs in public spaces for privacy from an untrusted provider, though, perhaps more than your initial comment seemed to suggest.

permalink
report
parent
reply
2 points

Plaintext connections inside corporate networks can still be MITM’ed if the adversary knows what they’re targeting, while they can’t connect to the corporate network they can still steal credentials

permalink
report
parent
reply
12 points

Not quite, this could be exploited by telecom providers when using mobile data. Also using a VPN for networks you DON’T control is one of the more popular uses of the things

permalink
report
parent
reply
44 points

This is the primary reason folks use VPNs - to protect themselves on public networks. I would say it’s definitely not a non-issue.

permalink
report
parent
reply
7 points

The thing is that in most cases you don’t need a VPN to protect yourself on a public network. The ubiquity of TLS on the internet already does a great job of that. Using a VPN on a public network for privacy and security reasons amounts to little more than the obfuscation of which sites you’re visiting, and some fallback protection against improperly configured websites. So while I agree it isn’t entirely a non-issue, it definitely isn’t as big of an issue as one might assume given the scary wording of the headline and article.

permalink
report
parent
reply

Technology

!technology@lemmy.world

Create post

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


Community stats

  • 15K

    Monthly active users

  • 13K

    Posts

  • 567K

    Comments