Daniel Micay
Daniel Micay
On our servers, we use nftables to emulate a strong host model for input, but not currently output, and we exclude loopback since there are many things requiring the weak...
> This cannot possibly be an issue with the Mullvad VPN app, since I have revoked its network permissions so it cannot be the one sending the DNS queries, so...
Try using the official WireGuard app instead.
GrapheneOS uses the standard implementation of this with no changes to it. None of the features or bugs with VPN support have to do with GrapheneOS at the moment.
It would be best to file an Android security issue and we'll do our own investigation to fix it early ourselves. It still needs to be determined what's happening and...
@ryrona2 Most apps use the system DNS resolver which is meant to send requests through the VPN provided DNS implementation. Native DNS are handled differently from other requests due to...
Their post acknowledges that they fixed a bug in their app which resolved a major part of the issues. The issue while reconnecting looks a whole lot like a race...
Their previous post about connectivity checks claims something that's working by design without issues is a leak. It was highly misleading and largely inaccurate. Android VPN configuration is per-profile and...
@no-usernames-left It's entirely supported to send DNS queries to the regular network DNS while using a VPN with the kill switch enabled. The feature is very flexible and allows doing...
> In some countries, those leaks could get someone killed. Perhaps you should use the built-in IPSec support if it's serious. We can't make any promises about whether apps leak...