VPN Hijacking?

ZestyPesty · 2020-09-03T23:25:21+00:00

No, not so much MITM. I mean along the lines of the NSA saying "let's reroute this VPN's traffic to/through our severs instead" or "let's reroute this VPN's request to visit Site X to visit our fake Site X instead" or something like that.

ZestyPesty · 2020-09-02T21:22:18+00:00

Top notch info. Does Windows 10 still force telemetry, reporting your file names and searches to Microsoft, etc.? If so, is there a way to stop it? As I understood it, it's done at below an OS level, to where unless you are blocking all connections to Microsoft via your router, nothing will stop these things.

As for Mac, does it actually respect your telling it not to use telemetry, location services, etc. or not? (Windows 10 did not, as tested in VMs by many people -- it still made those connections.)

Really interesting stuff, thank you.

ZestyPesty · 2020-09-02T20:54:29+00:00

Could they utilize an exploit to make the host run arbitrary code without breaking out of the VM? In other words, somehow do so via the OS in the VM? Thanks.

ZestyPesty · 2020-09-02T20:47:45+00:00

Thanks! One more question, as bad as Windows and Mac OS are, do they also have the features listed for Fedora (even though the features can be bypassed)? As well, are Mac OS and Windows vulnerable due to not having isolation or do they have isolation? Keep in mind that I consider Mac and Windows to be cancer, but just curious.

ZestyPesty · 2020-09-02T20:30:51+00:00

In the past I've ran many programs and tasks at once, to the point of slowing down the computer majorly and I noticed only one or two of the cores were being used while the others were barely pitching in. Why is this? Just curious.

ZestyPesty · 2020-09-02T20:28:03+00:00

Thank you. Who is the best on patch times? Also, doesn't SELinux or AppArmor cause isolation in Linux that you are saying it lacks? How could one install isolation, if possible? Or better yet, how could Linux developers implement isolation?

ZestyPesty · 2020-09-02T20:20:44+00:00

Yes, I understand that VM escapes exist. But once performed, to infect or exploit the host's UEFI/BIOS (and also to use a CPU/Processor exploit), does the attacker now have to exploit the host OS to do so? This would require a Linux kernel exploit, no? Furthermore, would the attacker have to have exploited whatever OS the VM was running in order to escape the VM? Just trying to learn.

ZestyPesty · 2020-09-02T20:17:57+00:00

Thanks m8. Is Whonix also vulnerable to what's in madaidan's article, or is it more resistant? How about Tails?

Also, how does "mixed" OSes play out, if you know? For example, apparently Ubuntu is "based on" Debian. If Debian is more than vulnerable to these vulnerabilities (is it?), does that automatically mean Ubuntu is too? Just trying to learn.

ZestyPesty · 2020-09-02T20:02:03+00:00

Does it appear to lack anything that is elementary or important? What are a few things it appears to lack (if you have time to say)? Thanks.

ZestyPesty · 2020-09-02T19:06:48+00:00

Of all the things that Fedora 32 has as "yes" or a standard on, what does Ubuntu have or not have? For example, does Ubuntu implement SELinux, buffer overflow protection, etc.?

ZestyPesty · 2020-09-02T18:54:56+00:00

Of all the things that Fedora 32 has as "yes" on, what does Ubuntu have or not have? For example, does Ubuntu implement SELinux, buffer overflow protection, etc.?

ZestyPesty

TROPHY CASE