From 30285552a40bb0fe847c030cf6c213eb8138bcb2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Linus=20F=C3=A4rnstrand?= Date: Wed, 11 Dec 2024 13:28:21 +0100 Subject: [PATCH] Clarify regarding powerful attacker --- audits/2024-12-10-X41-D-Sec.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/audits/2024-12-10-X41-D-Sec.md b/audits/2024-12-10-X41-D-Sec.md index 71965bf6821a..b012d6522099 100644 --- a/audits/2024-12-10-X41-D-Sec.md +++ b/audits/2024-12-10-X41-D-Sec.md @@ -204,9 +204,9 @@ With this information they can potentially infer if the connections belong to th user of the observed tunnel or not. Attacks like these are not specific to Mullvad VPN. The attack simply relies on core -internet functionality and pattern matching. The threat model defined in the report makes -it clear that a too powerful attacker who can observe and manipulate internet traffic -on a global scale is virtually impossible to fully protect against. +internet functionality and pattern matching. The threat model defined in the report +makes it clear that it's virtually impossible to be fully protected against a very +powerful attacker that can observe and manipulate internet traffic on a global scale. [DAITA] mitigates this attack to some extent by padding all packets to the same size and injecting noise in the tunnel. This makes it significantly harder for the