TunnelVision vulnerability has existed since 2002 and may already be known to attackers.

cross-posted from: https://beehaw.org/post/13643895

Pulling this off requires high privileges in the network, so if this is done by intruder you’re probably having a Really Bad Day anyway, but might be good to know if you’re connecting to untrusted networks (public wifi etc). For now, if you need to be sure, either tether to Android - since the Android stack doesn’t implement DHCP option 121 or run VPN in VM that isn’t bridged.

  • nadram@lemmy.worldEnglish
    13·
    6 months ago

    Interesting it does not work on Linux or Android… Didn’t understand why though 😬

    • Darkassassin07@lemmy.caEnglish
      23·
      6 months ago

      Android doesn’t implement the option that’s being abused for this exploit; and Linux offers more control allowing you to lock down the network stack enough to not be affected.

    • pathief@lemmy.worldEnglish
      3·
      6 months ago

      It does affect Linux, tho! In fact that’s the only platform where proton claims to have no solution yet.