Last week I was listening to episode 973 and the news about VPNs. I've been a user of Mullvad VPN since 2020 when I first heard it mentioned on the Security Now podcast. Today I was notified about a client update to Mullvad VPN. I was reading the release notes and noticed a new feature they just added. It's called Defense against AI-guided Traffic Analysis or DAITA.
The TL;DR version is this: new AI traffic analysis can allow ISPs and other organizations to observe encrypted traffic. Then based on the packet size and other patterns determine the website visited. Mullvad says, "When visiting websites (or doing any other activity that causes significant traffic), DAITA modifies the traffic pattern by unpredictably sending cover traffic in both directions between client and VPN server. This distorts the recognizable pattern of a website visit, resisting accurate identification of the site".
I don't think this will mitigate the concern with modifying the route tables of VPN connections; however, it's still a cool feature.
A blog post on their site can be seen here if you want to read more. I just thought this might be of interest to everyone here.
The TL;DR version is this: new AI traffic analysis can allow ISPs and other organizations to observe encrypted traffic. Then based on the packet size and other patterns determine the website visited. Mullvad says, "When visiting websites (or doing any other activity that causes significant traffic), DAITA modifies the traffic pattern by unpredictably sending cover traffic in both directions between client and VPN server. This distorts the recognizable pattern of a website visit, resisting accurate identification of the site".
I don't think this will mitigate the concern with modifying the route tables of VPN connections; however, it's still a cool feature.
A blog post on their site can be seen here if you want to read more. I just thought this might be of interest to everyone here.