Researchers have uncovered an Android bug that allows DNS requests to leak even when the VPN kill switch is turned on. This new flaw could jeopardise the privacy of numerous Android users.
Despite using the “Always-on VPN” function with the “Block connections without VPN” option enabled, a VPN user discovered that Android devices continue to leak DNS queries when switching VPN servers.
The “Always-on VPN” feature is designed to start the VPN service at device boot and keep it running while the device or profile is active. In addition, the “Block connections without VPN” option, which serves as a kill switch, should direct all network traffic through the VPN tunnel, protecting user web activity from unauthorised access or exposure.
Researchers discovered the new Android bug last month.
According to an investigation on April 22, an Android bug still permits DNS information to leak even with these features enabled on the most recent OS version (Android 14). The leak occurs primarily when apps directly use the getaddrinfo C function, which translates text hostnames into IP addresses.
The leak happens when a VPN is operational without a defined DNS server, or when the VPN tunnel configuration changes due to failures or pauses. Programs that use Android APIs like DnsResolver, such as the Chrome browser, remain unaffected because they do not directly access getaddrinfo.
The researchers disclose potential mitigation strategies for specific conditions. These include, for example, setting up a bogus DNS server when the VPN software is active, which may prevent DNS leaks during server switches.
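One way to check for the leak during a server switch is to capture traffic on the device or its gateway and flag DNS queries that leave on anything other than the tunnel interface. The script below is an added example, not code from the researchers; it assumes the text output of `tcpdump -i any -nn` (tcpdump 4.99 or later, which prints the interface name and direction), a tunnel interface named `tun0`, and constructed sample lines.

```python
import re

# Assumed line format: "<time> <iface> <In|Out> IP[6] <src.port> > <dst.port>: <payload>"
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+)\s+(?P<iface>\S+)\s+(?P<dir>In|Out)\s+"
    r"IP6?\s+(?P<src>\S+)\s+>\s+(?P<dst>\S+?):\s+(?P<rest>.*)$"
)
# tcpdump renders a DNS question as "<QTYPE>? <name>", e.g. "A? example.org."
QUERY_RE = re.compile(r"\b(?P<qtype>[A-Z]+)\?\s+(?P<qname>\S+)")

def find_dns_leaks(capture_text, allowed_ifaces=("tun0", "lo")):
    """Return outbound DNS queries sent on an interface outside allowed_ifaces."""
    leaks = []
    for line in capture_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["dir"] != "Out" or m["iface"] in allowed_ifaces:
            continue
        # With -nn the endpoint is "address.port"; the port is the last field.
        resolver, _, port = m["dst"].rpartition(".")
        query = QUERY_RE.search(m["rest"])
        if port != "53" or query is None:
            continue
        leaks.append({
            "time": m["ts"],
            "iface": m["iface"],
            "resolver": resolver,
            "qtype": query["qtype"],
            "qname": query["qname"].rstrip("."),
        })
    return leaks

# Constructed sample capture (documentation addresses, not real traffic):
# one query inside the tunnel, then two queries on wlan0 during a reconnect.
SAMPLE_CAPTURE = """\
12:00:01.100000 tun0 Out IP 10.64.0.2.41000 > 10.64.0.1.53: 4660+ A? example.com. (29)
12:00:05.200000 wlan0 Out IP 192.168.1.23.41001 > 192.168.1.1.53: 4661+ A? example.org. (29)
12:00:05.250000 wlan0 In IP 192.168.1.1.53 > 192.168.1.23.41001: 4661 1/0/0 A 192.0.2.10 (45)
12:00:05.300000 wlan0 Out IP 192.168.1.23.51820 > 198.51.100.7.51820: UDP, length 148
12:00:06.000000 wlan0 Out IP6 2001:db8::23.41002 > 2001:db8::1.53: 4662+ AAAA? example.net. (29)
"""

if __name__ == "__main__":
    for leak in find_dns_leaks(SAMPLE_CAPTURE):
        print("{time} {iface} -> {resolver}: {qtype} {qname}".format(**leak))
```

Only plaintext DNS on port 53 is detected; the encrypted VPN packets on `wlan0` are expected and are not flagged.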
However, no update has yet been released that would address the VPN tunnel reconnect DNS query leak, which affects all other Android VPN apps in the same way.
These disclosures substantially threaten user privacy, as they could reveal users' approximate locations and online activities. Users should reconsider using Android devices for critical jobs or take additional precautions to reduce risks until Google releases a fix to address the flaws, along with patches for earlier Android versions.