Do we know whether Proton VPN addresses the TunnelVision vulnerability?
Do we know whether Proton VPN addresses the TunnelVision vulnerability?
Apparently, the researchers contacted some VPN providers. Perhaps Proton is one of them.
10
comments
They have posted on Reddit that if you have kill switch and wireguard you are safe on every platform except Linux. A fix is being worked on for linux, no ETA.
Thanks for the reply! Here's their 2024-5-8 reply for reference:
Hi! Our engineers have conducted a thorough analysis of this threat, reconstructed it experimentally, and tested it on Proton VPN. We concluded that:
- the attack can only be carried out if the local network itself is compromised
- our Windows and Android apps are fully protected against it
- for iOS and macOS apps, you are completely protected from this as long as you're using a Kill Switch and a WireGuard-based protocol (our apps use WireGuard by default, and if a user wants to use something other than WireGuard derivates, they'd have to manually set it up). Note that Stealth, WireGuard TCP, and our Smart protocol on iOS/macOS are all WireGuard-based.
- for our Linux app, we're working on a fix that would provide full protection against it.
10
comments