It means that a rarely used network protocol has a problem that could potentially be used. I don't even have that module built. If you do have it, and you don't use infiniband, then you can safely blacklist rds.ko and be safe from any future exploit until your kernel gets upgraded >5.0.8, or the patch gets backported to your particular preferred kernel version. If you don't know what infiniband is, then you don't need it.
I freely admit that I don't have a clue about infiniband! And I bet you knew that before I posted something I didn't understand about rds, whatever that may be. The shame grows by the hour!
... is a question you should be asking of any VPN, regardless of who owns it and in which country its headquarters are located. If you're using someone else's VPN, chances are, it's not secret, just different.
Um... yes. Of course. They were designed that way. The need for VPNs came about from universities and businesses wanting to join separate campuses/offices together on a common IT network, across the internet. So, it simply creates encrypted connections between a main server and a variety of other servers/routers/computers/etc. across the internet, so that the physically separate networks appear to each other to be part of a single local area network. I have my own VPN - I have a little raspberry pi sitting at home that runs a couple of services useful to me, one of which is OpenVPN. I have OpenVPN clients loaded on my phone and my laptop, either or both of which can connect to this, and appear to be present at my home location in the UK. You can easily make your own - there are plenty of howtos on the internet. My company has its own VPNs, used to join all its various offices together so that we all have access to common resources (internal web pages, files, etc.). Other companies are just the same. What your slashdot post referred to are pay-to-access VPNs. They're useful if, for example, you're in the UK trying to get to US only web pages, or if you're overseas and really, really want to watch BBC iPlayer. But although they use the same software as private VPNs, you don't own them, you didn't have a hand in configuring them, you can't be certain they have your best interests at heart, and you certainly shouldn't have any expectations of privacy from them - their sole use is hiding your internet traffic between your device and their server. That means they're useful for getting data into and out of, e.g. Iran, but the server in the US or wherever will still be subject to local laws and local privacy restrictions, and definitely be open to snooping by the company that owns the server. Whether they do or not is another matter - most of us are not special enough for the various authorities to worry about.
Thank you very much for your explanation, it's quite helpful. "Most of us are not special enough," b-b-but aren't we all more than special? Sigh, yes, point well taken.
