Android leaks data even with VPN

Συσκευές με Android διαρρέουν traffic κάθε φορά που η συσκευή συνδέεται σε δίκτυα WiFi, ακόμα κι αν είναι ενεργοποιημένες οι λειτουργίες “Αποκλεισμός συνδέσεων χωρίς VPN” ή “Πάντα ενεργό VPN”.


The BleepingComputer he says:

Data leaked out of VPN tunnels includes IP addresses, DNS lookups, HTTPS traffic, as well as NTP traffic. This behavior is built into the Android operating system and is a design choice. However, Android users probably didn't know about it until now due to the inaccurate description of VPN Lockdown features in the Android manual. The problem was discovered during a yet-to-be-published security audit.

Android offers a setting under “Network & Internet” to block network connections unless you are using a VPN. This feature is designed to prevent accidental leaks of the user's real IP address if the VPN connection is suddenly interrupted or dropped. Unfortunately, this capability is undermined by the need to accommodate special cases, such as identifying restricted gateways (such as a hotel's WiFi) that must be checked before the user can connect, or when using split-tunneling functions. That's why Android is configured to leak some data when connecting to a new WiFi network, regardless of whether you've turned on the “Block non-VPN connections” setting.

Google is aware (learned) of the problem, and should add an option to disable connectivity checks, as shown in a new feature request on Google's Issue Tracker.

A Google engineer of course Reported responding to the request that this is the intended functionality and will not be fixed for the following reasons:

  • Many VPNs actually rely on the results of these connectivity checks to work,
  • Audits are neither the only nor the most dangerous exceptions to VPN connections,
  • The privacy impact is minimal, if not negligible, because the leaked information is already available over the L2 link. The Best Technology Site in Greece
Follow us on Google News

vpn, android, iguru

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).