VPN users menaced by port forwarding blunder

Attackers need to have an account with the same vulnerable provider as their intended victim.
Darren Pauli
Virtual Private Network (VPN) protocols have a design flaw that can be potentially exploited by snoops to identify some users’ real IP addresses.
VPN provider Perfect Privacy, which discovered the security weakness, has dubbed it “port fail”, and says it affects VPNs based on the IPSec (Internet Protocol security) or PPTP (point-to-point tunnelling protocol) specifications, or using the OpenVPN client software.
To read the entire article, please click here.
Source: http://www.theregister.co.uk/