Nesstool uses VPN connection to prevent TutuApps from getting revoked.
First we need to understand how VPN works?
The minimum standard that any good VPN should have today is Advanced Encryption Standard 256-bit encryption, which is currently the standard used by governments to protect classified information. It will protect you from just about anything cybercriminals can think of. Anything less could be vulnerable to an attack with enough power behind it. Anything more could be sluggish and difficult to use unless you have a specific need for it.
You will also want to keep in mind the tunneling protocol(s) used by the VPN to keep you safe. The tunneling protocol makes up much of what keeps you anonymous while using the service. While the science and details behind it can get complicated, you just need to know that for the sake of security that PPTP still has some security weaknesses and that L2TP (a great tunneling protocol) paired with IPsec (which encrypts the data) is a great option for any service. SSTP is also a great option, but is only available for Windows users.
Is it Possible to sniff on VPN Traffic?
Between two endpoints of a VPN connection that uses a properly-negotiated secure algorithm, one cannot decipher the encrypted traffic. Some things that can keep that from working right (in order of likelyhood):
- Your attacker got between you and your VPN or between your VPN and your destination allowing them access to the cleartext.
- Your VPN system didn’t authenticate the host on the other end. You setup a secure connection to your attacker.
- Your VPN system is configured in an insane manner, possibly allowing very weak keys or just encapsulation with no encryption.
Can we sniff VPN traffic just like you would a coffee shop?
It really depends on which VPN protocol is used and how the server is setup, but in general it’s not possible for people on the same VPN network to sniff all traffic from others.
You can do this on WiFi only because the airwaves is a shared medium and the protocol does not enforce peer-to-peer keys.
VPN uses peer-to-peer tunnels between the client and the server and normally with per session keys, so it’s actually equivalent to a switched wired network in terms of privacy and you cannot easily listen to other people’s traffic.
However, the same tricks that works on wired networks like ARP spoofing may still be effective on certain L2 VPNs and weakness in the protocol/implementation may allow the session key to be extracted by people who know the credentials used.
So the Questions Remains Is Nesstool Safe?
Yes, it is safe as long as the TutuApp is honest with their visitors and users. However you still need to be caution and while navigating through important tasks you need to turn off VPN connection.
If you still have questions post here: https://www.hacktoday.net/c/Operating-System-Talk/Mobile