> We believe that one reason why these routing manipulation vulnerabilities were only discovered more than two decades after the introduction of VPNs, is that most previous works focused on the VPN protocols themselves, but only few studied their integration into real-world clients and platforms. In other words, our attacks show that properly integrating VPNs into a platform, and securely managing the routing table, is essential for security.<p>For my latest project I implemented custom VPN clients for iOS, Mac, Android, and Windows. I was amazed how complicated and poorly documented the APIs were, especially for Apple products.