this post was submitted on 06 May 2024
499 points (100.0% liked)

Technology

68772 readers
3798 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
499
Novel attack against virtually all VPN apps neuters their entire purpose (arstechnica.com)
submitted 11 months ago by [email protected] to c/[email protected]
130 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 65 points 11 months ago (2 children)

there are no ways to prevent such attacks except when the user's VPN runs on Linux or Android.

So . . . unix? Everything-but-Windows?

[–] [email protected] 33 points 11 months ago

Maybe it affects BSD and MacOS.

It also can affect some Linux systems based on configuration. Android doesn't implement the exploited standard at all and is always immune.

[–] [email protected] 8 points 11 months ago* (last edited 11 months ago) (3 children)

Everything-but-Windows?

No. Any device that implements a certain DHCP feature is vulnerable. Linux doesn't support it, because most Linux systems don't even use DHCP at all let alone this edge case feature. And Android doesn't support it because it inherited the Linux network stack.

I would bet some Linux systems are vulnerable, just not with the standard network packages installed. If you're issued a Linux laptop for work, wouldn't be surprised if it has a package that enables this feature. It essentially gives sysadmins more control over how packets are routed for every computer on the LAN.

[–] [email protected] 58 points 11 months ago* (last edited 11 months ago)

most Linux systems don't even use DHCP

WTF are you smoking? WTF is wrong with you that you think such a dumb claim would go unscrutinized? I would play Russian roulette on the chances of a random Linux installation on a random network talking DHCP.

Edit, in case being charitable helps: DNS and IP address allocation aren't the only things that happen over DHCP. And even then the odds are overwhelming that those are being broadcast that way.

[–] [email protected] 42 points 11 months ago

because most Linux systems don't even use DHCP

This is the dumbest thing I've heard all day.

[–] [email protected] 9 points 11 months ago

As of this writing, 5 people who don’t know how DHCP works saw this comment