New Flaw Detected In Android’s ‘Always-On VPN’ Shows How The Feature Leaks Data

Just when you thought all VPNs were safe comes a new report that just might go against it.

Android’s ‘Always-On VPN’ is now in the spotlight after a new report speaks of a potential flaw that causes it to leak data and traffic belonging to users.

Whenever a user connects their devices to the Wi-Fi connection, they’re at risk of a huge disadvantage, the report adds.

The shocking report comes thanks to Mullvad VPN which speaks regarding both of Android’s offerings, ‘Always-On VPN’ and ‘Block Connections Without VPN’, and how they were found guilty of such behavior.

So just when users thought such VPN lockdown offerings were going to be their best bet at security and privacy, here comes a report to burst their bubble.

This particular VPN service by the famous Swedish firm says it learned about the issue through a recently conducted audit which is still not published yet. Keeping in mind such news, Mullvad says it was forced to issue a quick notice on the matter so users could be aware. Moreover, some people feel the decision taken is so as to put great pressure on the company to fix the matter.

In today’s day and age, privacy and security are two major factors that go into choosing a good VPN connection and when you don’t have either of them at hand, you can only wonder how upset a user would get.

Seeing both data and traffic get leaked whenever a wi-fi connection is generated is alarming, explained experts. But many questioned what exactly was being leaked with this fault.
For starters, it’s the IP address for the source involved as well as the DNS lookup for various Android users. Next up, you’ve got some HTTPS traffic with NTP traffic at stake too. Moreover, the traffic leak isn’t an incidental finding. Instead, Google is being accused of designing Android in that particular manner.

Mullvad adds that so many Android users are truly clueless as to what is going on. The fact that this is built-in functionality that they have zero knowledge about is shocking. Moreover, all fingers are pointing toward Google to give a false description of the current VPN lockdown functionality.

The recently filed complaint by the Swedish firm says Google is not right about the paperwork that talks in detail about blocking connections taking place without a VPN. It’s a connectivity check that enables traffic to leak out intentionally outside of the VPN channel. And despite the feature for a lockdown getting activated, it’s still struggling with providing privacy.

The current rules speak about how the tech giant is blocking any type of traffic that come its way using a VPN. But as can be seen clearly, this is far from the truth of the matter. A lot of the traffic gets leaked whenever the user tries to connect to their Wi-Fi source.

Hopefully, Google can now take the issue more seriously as users are not liking the reports they’re hearing on the matter.


Read next: Minors user twist their age on social media: Ofcom UK
Previous Post Next Post