Android Ruins VPN Usage Due to DNS Leak Error

3 Min Read

Attention, Android users! If you’re using a VPN, it’s time to get involved with your device settings to fix the DNS leak vulnerability that secretly affects Android devices. This vulnerability continues to leak DNS traffic even with the “Always-On” kill switch on Android, putting users’ privacy at risk.

DNS leaks can happen on Android even with an active kill switch

A recent post from Mullvad – popular for its Mullvad VPN – highlights a serious privacy issue with existing Android devices. The researchers have observed a DNS leak vulnerability in the Android system that remains active even with the permanent kill switch, lowering the privacy protection of the users.

Mullvad researchers discovered this vulnerability after witnessing user reports Reddit, who suspected a DNS leak problem with Android. According to their comments, several users tried different VPNs on their respective devices running Android OS (and even GrapheneOS), and the problem persisted.

Following these comments, Mullvad investigators investigated the matter and noted the system problem that is awaiting resolution. Specifically, the vulnerability takes effect during VPN reconnections. That is, when the user disconnects and reconnects the VPN, or a VPN connection drops due to tunnel reconfiguration or app crashes, Android briefly leaks users’ DNS for a short period of time. While VPNs’ kill switch and the ‘Always-On’ VPN setting on Android should prevent such leaks, it doesn’t work as intended.

The researchers observed that this behavior was limited to direct calls to the C function getaddrinfo. While this appears to limit the scope of the vulnerability, it is actually serious because it directly affects the Google Chrome browser, which can directly use getaddrinfo, and is the most used browser for Android users. (It’s also pre-installed on most Android devices.)

See also  Oil falls to seven-week low due to surprise US stockpiling, Middle East hopes

The researchers shared the technical details and steps to reproduce the DNS leak in their after.

Google informed of the error

After this discovery, Mullvad reported the matter google. According to the statement shared with Bleeping Computer, Google is working to address this.

“Android security and privacy are our top priority. We are aware of this report and are investigating its findings.

Nevertheless, until a patch arrives, this means that Android users will remain vulnerable to DNS leaks regardless of the VPN they use.

As a possible solution, Mullvad recommends setting up a fake DNS server when using the VPN app. This would hide the actual DNS in case of DNS leak events.

Mullvad further clarified that this restriction should ideally be implemented at the operating system level, rather than the VPN app level, to protect all users everywhere.

Let us know your thoughts in the comments.

Share This Article
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *