by Voline 2092 days ago
We have tested a few other VPN clients from competitors and found that all of them leak in the same way. The way Microsoft has implemented virtual networking for Linux guests makes it very difficult to properly secure them.
3 comments

Sometimes that's a feature. At least with VirtualBox, my experience has been that NAT virtual networking leads to a significant slowdown on a Linux guest compared to bridging one of the host's Ethernet adapters. I suspect that's due to Windows' firewall software or similar things happening in the host system. It also means one less hop to debug when it comes to network issues.

I think the question is whether you consider a VM more like another machine in your network that merely happens to run on the same hardware or a part of the host system.

From a firewall POV: Can the host system reliably interact mechanically with the VM? I.e., can the host get root in the VM? If so, a firewall only reduces the attack surface by eliminating the obvious.
It's a shit show. Can't trace packets either via Wireshark on the host, and tcpdump doesn't work on the guest. I've gone back to VirtualBox and eviscerated WSL. Another total waste of my life.
Were you using WSL 1 or 2? WSL 1 networking didn't work the way I expected, but WSL 2 seems to support proper Linux networking since it's just a Linux VM under the hood.
Conceptually this makes sense. It doesn't really run under Windows, it runs beside Windows. Unlike WSL1, which was basically part of Windows. It's strange tcpdump doesn't run, though, as WSL2 is running a real kernel.

Personally I really liked the resource-efficient WSL1 approach and I lament that they dropped it. But I know for some use cases (e.g. Docker) a real Linux kernel was needed.

>It's strange tcpdump doesn't run though as WSL2 is running a real kernel.

It works just fine. Just tested it.

Try dumping UDP packets from the host to the WSL machine...
The WSL machine is a Hyper-V VM. Why would you expect the default configuration to be able to sniff traffic from the host operating system? That would be a massive security hole.
I'm talking about traffic sent to the guest, not on the interfaces.
It was theoretically more resource efficient but practically worse and harder to optimize. A state of affairs that VMware has exploited for a couple decades.
Better yet, just install Linux and if you need Windows, use it in a locked-down VM.
I would think that anyone who relies on a VPN for safety or is really particularly security conscious (1) isn't using Windows 10, (2) has networking disabled if they are using it, for example, in a VM, and (3) is probably using a dedicated device like a Slate router or pfSense box as their VPN point.
With the way these companies advertise, they make it seem like a silver bullet for internet anonymity. Almost every YouTube video I've seen recently seems to have one as a sponsor, and I am sure they are picking up many non-technical customers.

I don't think users of NordVPN, ExpressVPN, MullvadVPN et al. are as sophisticated as you think.

The non-technical customers probably aren't running WSL2 either. In fact I think very few of them actually need a VPN. Those who torrent in litigious countries have a benefit from their VPN provider but I doubt most others don't know about the behaviour changes that need to take place to make a VPN effective.

I think VPNs can be a powerful tool for many people who would normally not be able to find out about their existence, but the predatory nature modern VPN ads have taken is quite sad.

This leads to some cases of YouTube fan bases angrily calling out shitty VPN ads while the video creators just want to pay their bills, a situation nobody wants.

The way ExpressVPN's ad copy reads, it seems their own people don't understand the difference between encryption and traffic tunneling (much less encryption in transit versus encryption at rest).
If they're not that sophisticated they probably won't use WSL anyway though, so it's not a huge issue in that sense (unless some malware specifically installs WSL2 to get around it).
The reason why I route all of my traffic through a VPN is simple - in the UK all ISPs have to keep the history of all your browsing for a year. I want to avoid that. That's it. I just don't like this requirement, especially since lots of agencies can access this data without any kind of warrant - so this is like my own little personal protest against this stupid law. Nothing more complex than that.
"UK-based VPN companies may be subject to the same data retention laws as the country's internet service providers. The UK has also made news in the past as some carriers have blocked certain VPNs. However, the use of VPNs remains legal."

Not sure how much of it is true. I cannot imagine what would happen to some people there were it to be illegal. I would move out.

You can use a VPN that isn't based in your home country. It's much harder to switch to a non-local ISP.
I don't think that's true, plenty of security conscious but not particularly tech savvy people use a VPN with Windows.

Using WSL2 though... you kind of have to be tech savvy to use it, and those people are probably willing to work around the issue.

Are you saying that you don't think there is anyone on Windows who is using a VPN to hide their pirating activities? If so, you can borrow a needle from me and pop that bubble.