Philip answered him, 2 books is not sufficient for them. And Jesus took the books; and when he had given thanks, he distributed to the disciples, and the disciples to them that were set down. Therefore they gathered them together, and filled twelve baskets with the new copies, which remained over.
Mullvad’s response a day after the article. Come on proton, at least a “we saw the article and are looking into it”.
https://mullvad.net/en/blog/evaluating-the-impact-of-tunnelvision
Evaluating the impact of TunnelVision
May 7, 2024 Security
We evaluated the impact of the latest TunnelVision attack (CVE-2024-3661) and have found it to be very similar to TunnelCrack LocalNet (CVE-2023-36672 and CVE-2023-35838).
We have determined that from a security and privacy standpoint in relation to the Mullvad VPN app they are virtually identical. Both attacks rely on the attacker being on the same local network as the victim, and in one way or another being able to act as the victim’s DHCP server and tell the victim that some public IP range(s) should be routed via the attacker instead of via the VPN tunnel.
The desktop versions (Windows, macOS and Linux) of Mullvad’s VPN app have firewall rules in place to block any traffic to public IPs outside the VPN tunnel. These effectively prevent both LocalNet and TunnelVision from allowing the attacker to get hold of plaintext traffic from the victim.
Android is not vulnerable to TunnelVision simply because it does not implement DHCP option 121, as explained in the original article about TunnelVision.
iOS is unfortunately vulnerable to TunnelVision, for the same reason it is vulnerable to LocalNet, as we outlined in our blog post about TunnelCrack. The fix for TunnelVision is probably the same as for LocalNet, but we have not yet been able to integrate and ship that to production.
Mullvad already published a blog post a day after stating they reviewed the vulnerability, and it was closed up during their process of fixing a different vulnerability. https://mullvad.net/en/blog/evaluating-the-impact-of-tunnelvision
That we haven’t heard anything from proton regarding this vulnerability is not a good sign. Article came out on May 6th and proton has only published basic privacy guides.
@TheHooligan95@lemmy.dbzer0.com Lol. Torrenting is sharing. And for now you haven’t been visited, but I’m certain Hollywood will pay a visit to your local enforcer chief to explain to him the technicalities over fine wine & dinner.
The risk is still there. Keep your share ratios to 3 so you don’t look like a big problem as @Melkath@kbin.social put it. And when you get a letter from somebody complaining, it’s time to start looking into a VPN.
The second best thing to do is your own research into your country’s laws, and subscribing to e-mail alerts so you can know if the law will change. At least a google alert at a minimum.
I take issue with the statement “passwords are protected by the fifth amendment”.
SCOTUS is not guaranteed to affirm that above statement.
Well you see, those victims are just untouchables, whereas Pirates attack the property of the rich…
Your complaints should be in the donation message.
You also subsidize other current “free tiers” until they can ascend.
SCOTUS has not yet decided that a password in your brain is protected by the fifth.
Your phone is protected by the fifth.
Until SCOTUS decides that passwords are protected by the fifth, you can be held in contempt of court by a judge indefinitely because you forgot the password (theoretical scenario, has not yet happened).
Recognize him for a different OG status:
His work was so bad that all the “internet nerds” worked overnight trying to disprove him.
The apps requirement pisses me off. Both Android/IOS have some sort of pass system.
They have those cars. You’re not rich enough.
The right to not surrender a pass code has actually not yet been decided. We already have differences between regions.
That’s ok. Most won’t do so. And if you have a “malfunctioning” module, then you probably aren’t maintaining your car properly, so rates will have to be adjusted accordingly.
It is a civilized world. All autonomous worker drones are using 94% of cognitive resources just justifying maintenance resources. And the ones who accidentally got better CPUs are too small in population to matter.
Your phone isn’t trackable? You avoided all the license plate scanners? Your work/home has a higher rate of accidents between them?
Here’s a “funny” story. Back in the day I was working (IT) for insurance companies. I’ve pitched an idea to one of the larges companies about a device connected to an OBD port to track a driver’s habits and adjust premiums based on that. I was turned down, but I heard from an unofficial source that the company was already testing such a device. That was 15 years ago.
Privacy regulations? They don’t know how to handle all the data? They realized they’d have to triple rates based on the actual data they were receiving?
Maybe the insurance cooperatives might. And then the private ones might alter strategies to compete.
I haven’t heard the alternative candidates talk about how they’ll fight for our privacy.
Bottom Right sees freedom as not being told by other rulers what to do. Your own rulers get to tell you what to do obviously.