I haven't tried to reproduce that #TunnelVision DHCP vulnerability, but as far as I can tell a good way to mitigate it could be to ignore those DHCP option type 121 settings from the server (which add static routes for IP subnets configured by the server, which could overwrite routes set by a VPN and thus circumvent the VPN) - unless those static routes are needed to reach your VPN endpoint in the first place, of course.
just watched #TunnelVision, the unauthorized #SFBART film. Highly recommend. Even my suburbanite friend who BARTed in from South City loved it. There's tickets available for a matinee this Saturday and an encore showing a week from tomorrow. https://roxie.com/film/tunnel-vision/
Welcome to my Friday cabinet of curiosities, a roundup of stuff I enjoyed this week! Today’s links include the world’s last internet cafes, a secret train ride, and yes, Barbie and Oppenheimer (—but not Barbenheimer) 🖥️🚆👠
Timelapse photographer Vincent Woo attached a camera to a BART train in the Bay Area, capturing footage to create “Tunnel Vision: An Unauthorized BART Ride.”
“A hidden world is revealed through intersecting passageways, flashes of graffiti, and sections of track only witnessed by BART operators.”
Sorry #VPN wie es momentan beworben wird war noch nie Sicher und ein klarer #MITM und nur bei den wenigsten Anbietern auch vertrauenswürdig - Da sind ganz dubiose & gruselige Firmengeflechte im Hintergrund. Dann kommen ein paar #Dumps und bestätigen deine Befürchtungen. VPN macht durch aus Sinn in einem #Business#Netzwerk aber eben nicht so.
»21 Million VPN User Records durchgesickert; VPN am Ende?«
🧵 …das VPN Internetverbindungen nicht per-se sicher sind, hatte ich schon über einem Jahr erklärt (siehe Toots oben). Doch es wird tragisch lustiger wenn jetzt sogar IT Giganten neuartig deswegen auch betroffen sind.
[ENG]
»Novel attack against virtually all VPN apps neuters their entire purpose:
TunnelVision vulnerability has existed since 2002 and may already be known to attackers.«