Interestingly, Android is the only operating system that fully immunizes VPN apps from the attack because it doesn’t implement option 121. For all other OSes, there are no complete fixes. When apps run on Linux there’s a setting that minimizes the effects, but even then TunnelVision can be used to exploit a side channel that can be used to de-anonymize destination traffic and perform targeted denial-of-service attacks.
I did not look into that setting that minimises the effect but from the way it’s written it sounds like this isn’t used by default, so by default you’re still vulnerable. Add even if it’s on, there’s still a side vulnerability.
I think by client you mean the device and operating system, which is correct to my understanding, but it’s confusing because ‘client’ can also mean the VPN client software which is often supplied by the VPN provider, and that’s what I first think when you say client. So with that in mind it sounds like you’re saying “it’s not about the VPN but the VPN software” which obviously comes from the same provider.
I have not looked into it so you probably understand this more than I, but from the sound of it the VPN software can be built to detect, prevent or counteract the exploit even on affected systems? In which case, even though it’s an environment issue it can still be resolved by the VPN provider.
Depending on what its purpose it, it likely needs to be unencrypted (or at least decryptable by the operator without the user’s key) in order to function. A recovery email likely needs to be used precisely when you don’t have your password, so it can’t work if it’s encrypted with your private key.
I suppose this isn’t necessarily obvious to a user but it’s not a flaw or fault of Proton, it’s unavoidable if a recovery email is used. Note that it’s optional to add one (see article update).
About that. I’m still making the transition from gmail and currently most of my mail still goes to gmail first and gets forwarded to Proton through their easy switch process. Surely this is just as up for grabs as a recovery email, right?
FWIW I’m not likely to be investigated any time soon so I’m not worried either way.
FYI email contents were not decrypted or turned over to police, as far as I know Proton’s E2EE is still as good as whatever system you’re using. Proton doesn’t have the keys to decrypt your emails, it never did. What they have access to is metadata that is necessary to function when your private key is unavailable - e.g. your public encryption key used to encrypt incoming emails from non-Proton sources, or in this case, a recovery email address (I don’t know what the recovery process entails and whether it can restore encrypted emails).
That’s significantly worse privacy-wise, since Google gets a copy of everything.
Obviously, but I still haven’t gone through all the things I’ve ever signed up to and changed my email to the proton one. When I sign up to new stuff I use Proton, this is a necessary step for transition… And one that is likely to stay in place for a very long time since I’m going to keep procrastinating it.
Unless you’re using proton mail anonymously then you don’t need to consider the recover email as a weakness.
This technique can also be used against an already established VPN connection once the VPN user’s host needs to renew a lease from our DHCP server. We can artificially create that scenario by setting a short lease time in the DHCP lease, so the user updates their routing table more frequently. In addition, the VPN control channel is still intact because it already uses the physical interface for its communication. In our testing, the VPN always continued to report as connected, and the kill switch was never engaged to drop our VPN connection.
Sounds to me like it totally works even after the tunnel has started.
If you think it’s that simple you have no clue how controversial he is, and has been for roughly the entire time (increasing over the years). Israel isn’t (yet?) stuck in a two-party system, so there’s lots of different parties. Needless to say, Likkud (his party) does not get 50% of the votes. It is the largest party most of the time but not a majority.
The previous government formed with parties from opposite sides of the spectrum just to keep the Likkud out. It didn’t last long, but neither did any of Bibi’s governments in the preceding 2 years - we’ve had a political crisis because no one wanted to work with him because he’s so controversial. The only reason he won the last election is that some parties on the left didn’t pass the threshold to be represented (basically throwing away their votes) and he partnered with extremist parties on the far-right, which he previously wouldn’t have lowered himself to but he was desperate to return to power. No one would partner with him but them.
As for the number of votes Likkud does get - yeah, it’s a lot, but so are Trump voters (or pick your least favourite party/politician in your country) and it wouldn’t be fair to generalise and say all Americans support Trump, would it? Not to mention, you only get to pick from the candidates that are available.
FWIW I voted against him, to the party that didn’t pass the threshold :( it was the first time in their history this happened IIRC
posting in the correct community this time (i hope) (lemmy.ml)
Am I supposed to ask stupid questions here, or *not* ask stupid questions?
It’s kinda how you read the name, innit?
Chapter 1114 (tcb-backup.bihar-mirchi.com)
Italy bans planes that search for migrant boats from using airports (www.independent.co.uk)
Do we know whether Proton VPN addresses the TunnelVision vulnerability?
Apparently, the researchers contacted some VPN providers. Perhaps Proton is one of them.
Proton Mail Discloses User Data Leading to Arrest in Spain (restoreprivacy.com)
Proton Mail came under scrutiny for its role in a legal request by the Spanish authorities leading to the identification and arrest of a user.
Novel attack against virtually all VPN apps neuters their entire purpose (arstechnica.com)
So which is it? (sh.itjust.works)
The Duration Time on this Cookie... (slrpnk.net)
Remember to use ad blockers and DNS filters ladies and gentlemen!...
deleted_by_moderator
Israelis rally to demand ceasefire and Netanyahu's resignation (www.euronews.com)
“We hope the world hears us and knows that the people of Israel are not the government of Israel,” said one protester....
Ebard rewe (lemmy.world)
xkcd: Alphabetical Cartogram (imgs.xkcd.com)
Source: xkcd.com/2927/
checkmate, big geology!! (mander.xyz)
smh (mander.xyz)