Slashdot Mirror
VPN Flaw Shows Users' IP Addresses
AHuxley writes "A VPN flaw announced at the Telecomix Cyphernetics Assembly in Sweden allows individual users to be identified. 'The flaw is caused by a combination of IPv6, which is a new Internet protocol due to replace the current IPv4, and PPTP (point-to-point tunneling protocol)-based VPN services, which are the most widely used. ... The flaw means that the IP address of a user hiding behind a VPN can still be found, thanks to the connection broadcasting information that can be used to identify it. It's also relatively easy to find a MAC address (which identifies a particular device) and a computer's name on the network that it's on.' The Swedish anti-piracy bureau could already be gathering data using the exploit."
Good point, anyone can host a Tor node, and I'm sure we can bet the bad guys are hosting just as many or more than the good guys. Web of trust for Tor, anyone?
Right after we get switched to the metric system!
In elementary school, they ONLY taught me the metric system, because it was going to replace the english system by the time I graduated high school... I'm still waiting...
-Myke
you flood the network with "ghosts"... 1,000+ spoofed IP packets for every 1 real one. sort of like under siege dark territory with the ghost satellites.
it isn't perfect, but provides enough ambiguity to make a counter attack almost pointless for a considerable time.
The only flaw is when people believe that VPN or any other network technology streaming on the public superhighway via telecoms and satellite networks is absolutely private and secure 100% of the time. Once you fix that defect, the rest won't matter anymore. Too bad our national security experts are having so much difficulty with that concept, since its bad for business to accept reality or to tell the truth, in general.
Definitely an interesting thought, though with a MITM attacker (presumably the person one is using Tor/VPN/whathaveyou to hide from) it would be pretty obvious that one isn't actually establishing true communication, as the TCP sequence numbers et al wouldn't make any sense, and the remote machine wouldn't be sending back any data packets. With UDP it might be less obvious, though it would be clear one is only sending and not receiving.
What, then, is the best way to preserve anonymity when using, for instance, BitTorrent? I have looked at services like BTGuard & Predator, but there's always a little spidey-sense tingle of lack of trust...
I think persistently sending a file over SSL over Tor to wikileaks might be somewhat suspicious to a malicious man in the middle listening for as much. Hiding who one is talking to is still as important as hiding what is said.
My thinking is that NATing on IPv6 will continue to be OK for security reasons
My thinking is we're going to see massive namespace pollution in the marketing world. Since most people use "nat security" as basically a complicated as heck one way valve, and its "expensive" to do nat compared to simple state based firewalls, I suspect the marketing droids are going to get simple state based firewalls that only allow outgoing connections from engineering, and then sell them as "ipv6 NAT" even though theres no address translation going on.
After all, its the same as ipv6 NAT because it allows you to connect your lan to the internet and it only allows outgoing connections, so it must be marketed with the same name.
Who cares if the engineers know that NAT actually means something.
And when it happens, you can say you saw it here on slashdot, first.
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger