> VPN vulnerability
> Application tabs
> Podman acceleration
Are VPNs toast?
I’ve been reading a news story on the TunnelVision vulnerability for virtual private networks. Apparently, this—excuse the pun—tunnel-sized hole in VPN security has existed since 2002. It says the vulnerability allows attackers to force VPN apps to send and receive at least some of your traffic outside of the encrypted tunnel. The claim is that you’re only safe when the VPN runs on an Android device or Linux PC. Is this true, and if so, does it mean the VPN networks I’ve been using for all these years have been utterly useless in all that time?
—Caitlin H Tracey
The headline of this vulnerability does make for grim reading. That said, in practical terms, the risk can be minimized and even eliminated completely. That’s because this vulnerability targets the network you’re connecting through. It makes use of a weakness in how DCHP servers, which allocate IP addresses to devices that