Techly NewsGet the app

Get the latest tech news

‘TunnelVision’ Attack Leaves Nearly All VPNs Vulnerable to Spying


TunnelVision is an attack developed by researchers that can expose VPN traffic to snooping or tampering.

Researchers have devised an attack against nearly all virtual private network applications that forces them to send and receive some or all traffic outside of the encrypted tunnel designed to protect it from snooping or tampering. TunnelVision, as the researchers have named their attack, largely negates the entire purpose and selling point of VPNs, which is to encapsulate incoming and outgoing Internet traffic in an encrypted tunnel and to cloak the user’s IP address. A setting known as option 121 allows the DHCP server to override default routing rules that send VPN traffic through a local IP address that initiates the encrypted tunnel.

Get the Android app

Or read this on Wired

Read more on:

Photo of VPNs

VPNs

Photo of attack

attack

Photo of tunnelvision

tunnelvision

Related news:

News photo

UK opens investigation of MoD payroll contractor after confirming attack

News photo

Environmental journalism is under attack

News photo

Russian GRU was behind the attack in Vrbětice, NCOZ confirms