• @Bricriu@lemmy.world
    link
    fedilink
    English
    606 months ago

    My understanding is that if you run a rogue discoverable DHCP server in a local network with a particular set of options set and hyper-specific routing rules, you can clobber the routing rules set by the VPN software on any non-Android device, and route all traffic from those devices through arbitrary midpoints that you control.

    But IANANE (I am not a network engineer) so please correct my misinterpretations.

    • applepie
      link
      fedilink
      326 months ago

      this implies physical access or at least access within the network?

      • @SzethFriendOfNimi@lemmy.world
        link
        fedilink
        English
        496 months ago

        Keeping in mind that may mean that somebody like a cellular provider could do so. Since your local network in that context would be them.

        • @sailingbythelee@lemmy.world
          link
          fedilink
          English
          256 months ago

          Exactly. And if your ISP or cellular provider wants, or is forced, to gather information about your internet activities, they can almost certainly find a way. The cheap consumer-grade VPN services most of us use just prevent casual or automated observers from easily detecting your device’s IP address. For most people that just want to torrent casually or use public wifi, it’s enough.

      • lemmyng
        link
        fedilink
        English
        76 months ago

        It has implications on the effectiveness of VPNs on public networks.

      • @Pretzilla@lemmy.world
        link
        fedilink
        English
        16 months ago

        Or I expect compromise of anything on the LAN that can create a rogue DNS server that can override the routing table.

        But I might be missing something