this post was submitted on 06 May 2024
497 points (98.3% liked)

Technology

59593 readers
3792 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Bricriu@lemmy.world 60 points 6 months ago (1 children)

My understanding is that if you run a rogue discoverable DHCP server in a local network with a particular set of options set and hyper-specific routing rules, you can clobber the routing rules set by the VPN software on any non-Android device, and route all traffic from those devices through arbitrary midpoints that you control.

But IANANE (I am not a network engineer) so please correct my misinterpretations.

[–] applepie@kbin.social 32 points 6 months ago (4 children)

this implies physical access or at least access within the network?

[–] SzethFriendOfNimi@lemmy.world 49 points 6 months ago (1 children)

Keeping in mind that may mean that somebody like a cellular provider could do so. Since your local network in that context would be them.

[–] sailingbythelee@lemmy.world 25 points 6 months ago (1 children)

Exactly. And if your ISP or cellular provider wants, or is forced, to gather information about your internet activities, they can almost certainly find a way. The cheap consumer-grade VPN services most of us use just prevent casual or automated observers from easily detecting your device's IP address. For most people that just want to torrent casually or use public wifi, it's enough.

[–] TexasDrunk@lemmy.world 5 points 6 months ago

Or to watch porn in one of the states that block porn.

[–] lemmyng@lemmy.ca 7 points 6 months ago

It has implications on the effectiveness of VPNs on public networks.

[–] transientpunk@sh.itjust.works 6 points 6 months ago

That, or the ability to spoof it

[–] Pretzilla@lemmy.world 1 points 6 months ago

Or I expect compromise of anything on the LAN that can create a rogue DNS server that can override the routing table.

But I might be missing something