Research suggests that VPNs may not be as secure as they claim when connecting via an untrusted network. Attackers on the same network can force a target's traffic off the protection provided by their VPN without triggering any alerts to the user. This can be done by abusing an obscure feature built into the DHCP protocol. Mitigations include using a device powered by Android, relying on a cellular hotspot, or running a VPN inside a virtual machine.
Sort: