Virtual Private Networks (VPNs) are legal and increasingly popular for individuals wanting to circumvent censorship, avoid mass surveillance or access geographically limited services like Netflix and BBC iPlayer. Used by around 20 per cent of European internet users they encrypt users' internet communications, making it more difficult for people to monitor their activities.
The study of fourteen popular VPN providers found that eleven of them leaked information about the user because of a vulnerability known as 'IPv6 leakage'. The leaked information ranged from the websites a user is accessing to the actual content of user communications, for example comments being posted on forums. Interactions with websites running HTTPS encryption, which includes financial transactions, were not leaked.
The leakage occurs because network operators are increasingly deploying a new version of the protocol used to run the Internet called IPv6. IPv6 replaces the previous IPv4, but many VPNs only protect user's IPv4 traffic. The researchers tested their ideas by choosing fourteen of the most famous VPN providers and connecting various devices to a WiFi access point which was designed to mimic the attacks hackers might use.
http://phys.org/news/2015-06-internet-anonymity-software-leaks-users.html
[More Info]: GWI Infographic: VPN Users
The paper 'A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN clients' by V. Perta, M. Barbera, G. Tyson, H. Haddadi, A. Mei will be presented at the Privacy Enhancing Technologies Symposium on Tuesday 30 June 2015.
See also our story here.
(Score: 2) by EvilSS on Wednesday July 01 2015, @01:47PM
Or just disable IPv6 locally. Most people are not using it on their local networks (not on purpose at least) and it tends to cause more trouble that it's worth with Windows current implementation. Even if your ISP is handing out IPv6 addresses now (and few overall are) you probably are not going to want to dump your network onto the internet. You'll still keep a firewall/NAT device in place.
(Score: 2) by kaszz on Wednesday July 01 2015, @04:53PM
Two things that might be "gotchas" with IPv6 is addresses made up of local Ethernet MAC and that all units will now be 1:1 with internet as it actually was meant to be before the NAT mess. And lets not forget that address specification notation. Someone will screwup with that many time more than for IPv4.