VPN Flaw Shows Users' IP Addresses 124
AHuxley writes "A VPN flaw announced at the Telecomix Cyphernetics Assembly in Sweden allows individual users to be identified. 'The flaw is caused by a combination of IPv6, which is a new Internet protocol due to replace the current IPv4, and PPTP (point-to-point tunneling protocol)-based VPN services, which are the most widely used. ... The flaw means that the IP address of a user hiding behind a VPN can still be found, thanks to the connection broadcasting information that can be used to identify it. It's also relatively easy to find a MAC address (which identifies a particular device) and a computer's name on the network that it's on.' The Swedish anti-piracy bureau could already be gathering data using the exploit."
Re:Tor (Score:3, Interesting)
Re:IPv6 (Score:2, Interesting)
In elementary school, they ONLY taught me the metric system, because it was going to replace the english system by the time I graduated high school... I'm still waiting...
Re:garbage in, garbage out... (Score:1, Interesting)
you flood the network with "ghosts"... 1,000+ spoofed IP packets for every 1 real one. sort of like under siege dark territory with the ghost satellites.
it isn't perfect, but provides enough ambiguity to make a counter attack almost pointless for a considerable time.
User flaw shows dilluded sense of privacy on net (Score:3, Interesting)
The only flaw is when people believe that VPN or any other network technology streaming on the public superhighway via telecoms and satellite networks is absolutely private and secure 100% of the time. Once you fix that defect, the rest won't matter anymore. Too bad our national security experts are having so much difficulty with that concept, since its bad for business to accept reality or to tell the truth, in general.
Re:garbage in, garbage out... (Score:3, Interesting)
So, what's the move? (Score:3, Interesting)
What, then, is the best way to preserve anonymity when using, for instance, BitTorrent? I have looked at services like BTGuard & Predator, but there's always a little spidey-sense tingle of lack of trust...
Re:Tor (Score:3, Interesting)
Re:doesen't IPv6 drop some of need for VPN? (Score:3, Interesting)
My thinking is that NATing on IPv6 will continue to be OK for security reasons
My thinking is we're going to see massive namespace pollution in the marketing world. Since most people use "nat security" as basically a complicated as heck one way valve, and its "expensive" to do nat compared to simple state based firewalls, I suspect the marketing droids are going to get simple state based firewalls that only allow outgoing connections from engineering, and then sell them as "ipv6 NAT" even though theres no address translation going on.
After all, its the same as ipv6 NAT because it allows you to connect your lan to the internet and it only allows outgoing connections, so it must be marketed with the same name.
Who cares if the engineers know that NAT actually means something.
And when it happens, you can say you saw it here on slashdot, first.