|
Assuming I wasn't a state actor and just a lowly hacker on a wifi connection, here's some things I can tell about your VPN'd connection: * The operating system used
* Application-specific traffic patterns
* Content-specific traffic patterns
* The VPN provider and type First off, I know you're using a phone, because it matches mobile device tcp/ip fingerprints. Second, I can make a reasonable guess about what kind of VPN you're using, both based on the service itself and its traffic or connection pattern. Third, I can make a guess about what kinds of applications you're using, because you are using a phone and the traffic looks a certain way for certain network applications. Fourth, I can guess what kind of content you're looking at, since I have a good idea what kind of browser and application you're using. Fifth, if I can match up all those fingerprints each time, I can identify you as the sole user of that connection, meaning I can now track you whenever I see your traffic. Sixth, by manipulating your traffic in small ways I can also determine more about your host and application(s) by how they respond to network transmission problems. Based on all that, I can send you a phished e-mail that looks to exploit any of the services or hosts or applications you're using. I don't even need to know who to e-mail; I can just spam tons of addresses and check for results that match the fingerprinted services I discovered earlier. Another fun attack would be to actually kill every connection you tried to make over a VPN using a specific application and content provider; because it would never work over the VPN, you might eventually try it over your regular connection, giving me a new point of attack. Hacking is fun! |