VPN Flaw Shows Users' IP Addresses - Slashdot

Slashdot

VPN Flaw Shows Users' IP Addresses 124

Posted by Soulskill on Monday June 21 2010, @01:22PM
from the illusion-of-privacy dept.

AHuxley writes "A VPN flaw announced at the Telecomix Cyphernetics Assembly in Sweden allows individual users to be identified. 'The flaw is caused by a combination of IPv6, which is a new Internet protocol due to replace the current IPv4, and PPTP (point-to-point tunneling protocol)-based VPN services, which are the most widely used. ... The flaw means that the IP address of a user hiding behind a VPN can still be found, thanks to the connection broadcasting information that can be used to identify it. It's also relatively easy to find a MAC address (which identifies a particular device) and a computer's name on the network that it's on.' The Swedish anti-piracy bureau could already be gathering data using the exploit."

This discussion has been archived. No new comments can be posted.

VPN Flaw Shows Users' IP Addresses

Search 124 Comments Log In/Create an Account

Comments Filter:

Re:garbage in, garbage out... (Score:5, Insightful)

by dotgain (630123) writes: on Monday June 21 2010, @01:28PM (#32643336) Homepage Journal

And it's just as sensible as spoofing your home address when ordering pizza that you ultimately want to eat.

Parent Share
twitter facebook
Re:Tor (Score:5, Insightful)

by Rijnzael (1294596) writes: on Monday June 21 2010, @01:29PM (#32643348)

I seriously doubt any reasonable level of donations will ever allow the Tor network to add the kind of capacity required to torrent. I think it has many more important needs than that anyway.

Parent Share
twitter facebook
Re:Tor (Score:5, Insightful)

by TheRealMindChild (743925) writes: on Monday June 21 2010, @01:33PM (#32643402) Homepage Journal

Not only that, but Tor isn't nearly as secure as most people think it is

Parent Share
twitter facebook
Re:Tor (Score:3, Insightful)

by bsDaemon (87307) writes: on Monday June 21 2010, @01:37PM (#32643468)

In order to have a web of trust, don't you need to be able to establish the identity of the other people in your web to a reasonable degree of certainty? Wouldn't verifiable identities undermine the concept of anonymity that is the whole purpose of Tor?

Parent Share
twitter facebook
Re:garbage in, garbage out... (Score:1, Insightful)

by Anonymous Coward writes: on Monday June 21 2010, @04:09PM (#32645320)

"Spoofing" an IP address will tend to cause the packets to be delivered to the wrong place.
On a very different note, it is worth remembering that MAC addresses are embedded in the IPv6 address. If these guys are presenting the idea that you can get a MAC address from an IP address (in IPv6) as a new security flaw, they obviously haven't been reading the RFCs. Why the #*%! do these morons think people are so reluctant to switch to IPv6? Because it makes it very hard to obscure a machine on the Internet, and since there's no built-in security on the Internet ...

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

477 commentsYour Passwords Don't Suck — It's Your Policies
418 commentsFBI Says American Universities Infiltrated by Spies
391 commentsAdobe Introduces the Paid Security Fix
343 commentsSymantec: Religious Sites "Riskier Than Porn For Viruses"
333 commentsOsama Bin Laden Didn't Encrypt His Files

Computer programmers do it byte by byte.