Huge Security Flaw Makes VPNs Useless for BitTorrent

Huge Security Flaw Makes VPNs Useless for BitTorrent.

Millions of BitTorrent users who have chosen to hide their identities through a VPN service may not be as anonymous as they would like to be. Due to a huge security flaw, those who use IPv6 in combination with a PPTP-based VPN such as Ipredator are broadcasting information linking to their real IP-address on BitTorrent

-- Tom

 

I'm not surprised. Reliable identification (i.e., no anonymity) is one of IPv6's goals, isn't it?

And the deficiencies of PPTP are well known (around here, anyway).

I wonder what we don't know (that we don't know that we don't know).

 

You make a very good point. What don't we know? While certainly no fan of Donald Rumsfeld, he will forever be known for succinctly putting what you just said into profound words. It was at first thought of as funny, but in reality, it's never been put better. Read it carefully:

"There are known "knowns." There are things we know that we know. There are known unknowns. That is to say there are things that we now know we don't know. But there are also unknown unknowns. There are things we do not know we don't know." - Donald Rumsfeld, June 6, 2002​

 

I turn off IPv6 when I first install any linux distro. However, it's not necessary to do if you are behind a NAT firewall that does not translate IPv6 addresses. I run Tomato on a Linksys router and Tomato still uses a 2.4 version of the Linux kernel that does not recognize IPv6. Since all my connections go through the router, it matters not whether IPv6 is turned on in my OS -- my router wont recognize it and wont pass any IPv6 connection.

And this is not really a security flaw. It's just a matter of many people not realizing they are broadcasting an IPv6 IP since many OS's turn it on by default.

 

So isn't this problem with the open vpn also, if IPv6 broadcasting is turned on?

I know that MAC-addresses can be viewed but I thought only by them who are running the vpn service. Is it possible to a single vpn user watch others MAC-addresses?

 

@LockBox

Actually, that distinction -- among (1) what we know; (2) what we don't know, and know that we don't know; and (3) what we don't know, and don't even know that we don't know -- is a key pillar of the Landmark Forum. That's probably where Rumsfeld got it. I don't know the primary source.

@Asus125

I believe that prudent VPNs firewall users from each other, no?

 

So in other words, it is not not possible?

If I am using Xerobank and I could see other users MAC-adressess, which was said in the text of torrent freak, then there would be no anonymity. I am thinking that the users cannot see others MAC-addresses but I still prefer to hear answers from others.

 

The article linked to by the OP specifically states PPTP-based VPN providers. OpenVPN apparently turns off IPv6 as part of its implementation.

 

@Asus125

I don't believe that XeroBank users can even detect other users on the 10.x.x.x network that they're connected to. Perhaps someone from XeroBank can comment on that.