"The report detailed how the user managed to leak DNS queries when disabling and enabling VPN while having “Block connections without VPN” on."
Not to diminish the severity of the issue but I can't imagine this being the factor that pushes the average person to ios over android.
Mullvad is awesome. i think this is the second android bug/incident they brought to light?
Anyway, really really hope this gets fixed upstream, maybe by Graphene
How much you wanna bet this was intentional by Google? 😏
They didn't bring it to light, it was a user report posted on reddit. They merely investigated it further. Nothing against mullvad, it's a great vpn, but credit where credit is due.
What I don't understand though, doesn't using mullvad automatically set their own DNS?
On the desktop it does. But on Android things are maybe different ? Not directly related but I remember (long time ago) wanting to tether from an Android phone with Mullvad VPN app in use, to a computer, only to find out that the Android defaults (In Android not in the Mullvad app) needed a button swiped to make it work correctly on the other device.
I thought sharing the VPN was blocked and not possible. Do you remember how you did?
Ive recently managed to do this;
Settings> Network & Internet> Hotspot & Tethering> Allow Clients To Use VPN
Not in pixel :( I would love this
Only if your Android connection is set to automatic DNS. Additionally, they are assuming it is an OS bug. However, they also acknowledge that they had to fix something on their app to mitigate. I tried myself with Wireguard instead, killed the network access to it, and nothing ever left my phone, as Android immediately killed all connections due to the VPN always on feature.
So, I'm going to take their claim with a grain of salt until AOSP says something about this and denies or confirms the alleged bug.
Just use rethink dns with a wireguard tunnel and block every app except those you trust and need !
I tried out rethink DNS but I did not manage in any way to just use my VPNs DNS. Would you have a hint how to make it work?
Any system app on Android, the captive portal login and more CAN all bypass a VPN in "block all other connections" mode.
Android is really problematic and having as little system apps as possible is the only fix.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)