[QUESTION] If Disconnected from Proton would my websites be viewable?

I use proton vpn and have the paid package.

I do have kill switch on. However, today, the connection dropped. So I had to disconnect from protonvpn and then re-connect again.

Would the websites I was on at the time be registered/sent to router ?

My laptop keeps getting kicked. I live in a house share and I suspect that the other housemate, is also tech savvy is sending de-authentification attacks, to purposely kick me off the VPN to try and see what websites I am visiting.

So yeah, would the websites I was currently on at the time, be sent to router/could be viewed if he was monitoring web traffic.

Once the VPN disconnected, I did not search any websites but did have existing websites open.

Please let me know. Thanks

If the killswitch works properly it cuts connection to the internet in the moment your vpn connection is lost. Therefore you shouldn’t have been able to load any new sites in the time from where your vpn connection got lost and you reconnect to it. But if you were able to load new websites in between this means you’re either not using killswitch or it’s not working.

But if you had to disconnect the connection and re-connect in order to have working internet again you should be safe. Even if you were disconnected and any data got transfered in the time in between you should be at least safe as long as it was an https connection. Someone can still see the site you’re requesting but not the data that got transferred itself.

Next thing: with De-Authentication-Attacks you deauth someones WIFI and it only works on WLAN 2,4GHz afaik. So if he used a deauthentication-attack in order to get you disconnected, there wouldn’t be a connection unless there’s a different router you could’ve been using instead and your computer hopped to the working one and he monitored traffic on that one too.

Kill switches are unreliable and there is a chance even 1 singular packet was sent. Just view router logs yourself and/or clear them? Why on earth would your roommate even care what you do, seems a bit paranoid

Thanks for answer mate… Appreciate the input.

So I had 1 website loaded on chrome. Then my proton vpn stopped working.

So I had to disconnect from proton, then reconnect to a different UK server.

I disconnected because over the past week since he has came back from a 4 week break on holiday away from the house, I keep magically getting kicked off the network. What is weird, when he was away, this was not happening and is only starting to happen again since he is back. Which is making me suspect that he is doing a deauth attack.

We live in a shared house, which is quite big. So we have to connected to a TP Link wifi repeater plugged in at the top of the stairs.

So do you think the website would have been sent if he was to be monitoring the network ?

I did not refresh or do any activity on website when i reconnected to the wifi and changed proton server.

It’s annoying because he is a similar line of work to me and feels like he is doing it on purpose to see how I am doing my stuff, websites I am on… Basically trying to get business intelligence. We literally do same jobs but in different niches.

He could be de-auth on purpose, so when I reconnect, it leaks my websites, which he could be packet sniffing with wireshark. I know it sounds a bit paranoid lol but this is why I originally got the proton vpn, as I do not feel comfortable him knowing anything about my business stuff.

Bit fed up of it tbh, as 4 weeks he has been away. It’s been fine. Upon his return. My laptop keeps getting kicked off but phone, amazon firestick and everything else is still online.

I know before he went away, he was using Kali Linux aswell. Which I thought maybe, that is how he is doing the de-auth attacks. Could be wrong but I am awfully suspicious at the moment.

I know it may seem a bit paranoid. However, we are qualified in the same thing. He has been working for a company and I work for myself, making a lot more than him. He has recently actually tried to setup his own business on the side.

He asks a lot of stuff like how I get my contracts, lot of stuff I do not tell him.

Since I wont give him, what I consider to be business intelligence, it feels like to me he is using un-ethical ways to get the scoop. Why or what purpose is he magically starting to use kali linux and stuff. How come 4 weeks he was away, this never happened and he’s back again and it’s starting again ? Maybe I am been paranoid but then again, too many strange coincidences. So rather be safe, than sorry and defend as best as possible.

Okay I see your problem here. Sounds awful to feel like this at home.

Don’t worry too much about a possible leak. You took many measures to make sure no leak will happen and I’m sure it worked.

In order to find out which sites you’re using usually all you need is to monitor network traffic. But you were using a vpn for that exact reason. Your connection got lost and you had killswitch activated. Therefore the software blocked any traffic from the moment your connection to the vpn got lost. So no traffic from your computer in that time. Even if you would have reloaded a website or anything it wouldn’t have worked since killswitch blocked connections. So another safety layer.

Let’s assume he would have used a deauthentication attack. Then he launched the attack and your connection got lost. But in that case not only the connection to the vpn got lost but also your whole wifi-connection that would’ve been lost. That means that even without killswitch enabled he wouldn’t have been able to see anything because there’s not just no vpn connection anymore but also no wifi at all. Means: even in case of a reload of the page nothing would have happened because there’s not even a internet connection without vpn anymore. (which killswitch would have prevented anyways). He just can’t simply deauthenticate only your vpn except by blocking that particular ip in a firewall for your network. But in that case you would’ve noticed that too because then you wouldn’t be able to connect to that server anymore.

The only possible leakage of any data would’ve been possible in the described scenario when there would be a known wifi in your area that your computer would have automatically connected to when your connection to your wifi got lost and also he would have to sniff that network too. But even in that case in order to make that work, killswitch needs to be deactivated, otherwise still no connection.

And even if that would have been the case (which it wasn’t) then you’re still using TLS and HTTPS therefore he would’ve been able to see the servers you’re connecting to, but not what exact data is transferred since it’s all encrypted.

Alright, hope that helped you to calm down a little. You took good measures to prevent any leakage and that’s a setup I’d trust quite far. But if you feel like this in your own home maybe consider finding a different place to live instead of ramping up all possible security measures. Or at least make sure everything else is secure too. Make sure he doesn’t have physical access to your devices even if they’re password protected. Encrypt your harddrives, always check for https and who signed that certificate.

Then I would suggest looking into binding the network interface to your VPN. I think using a VM and binding the VM to the VPN would work. This way it only has access to proton VPN, that has access to your internet. Essentially a 2nd, more reliable kill switch. You would have to look into as I do not know how to set it up.

sounds like it is time for one of you to move houses…

Unfortunately kill switches are notorious for leaking data

That’s a great idea. I do have VMWare so maybe going to have to explore this avenue. Just a pain in the back side, when all my business stuff is connected to my laptop.

I’m moving in the next 3 weeks, so be glad when we are out of the same space.

Anyways, thanks for the suggestion buddy. Good idea!

Preferably you, after you give him a going away present of some bedbugs.