Android's "Always-On VPN" feature reportedly leaks some data and traffic each time its users connect their smartphones to a Wi-Fi internet connection.
Mullvad VPN has discovered a flaw in the two VPN options of Android, including "Block connections without VPN" and "Always-on VPN."
(Photo : GABRIEL BOUYS/AFP via Getty Images )
A guest takes a selfie with her smartphone during the Mercedes Benz Fashion Week in Madrid on April 8, 2021.
A guest takes a selfie with her smartphone during the Mercedes Benz Fashion Week in Madrid on April 8, 2021.
Android 'Always-On VPN' Reportedly Leaks Some Data, Traffic
As per the latest report by Bleeping Computer, Mullvad VPN discovered that the "VPN Lockdown" features of the mobile operating system of Google, Android, is apparently leaking some traffic.
The Swedish-based VPN service learned about the built-in issue on Android in a recent security audit, which has yet to be publicly published.
But despite that, Mullvad swiftly issued a warning regarding the issue. It should not only make Android users aware of it. Instead, the VPN service notes that it is also meant to pressure the search engine giant, Bleeping Computer notes in its report.
The Swedish VPN services disclosed that Android VPN features are leaking some traffic of its users when they connect to a Wi-Fi connection.
Mullvad notes that even if users have already turned on the "Always-On VPN'' and "Block connections with VPN" features on their Android devices, it still leaks some traffic.
What Exactly is Potentially Being Leaked?
Bleeping Computer states in the same report that the leaked traffic and data include the source IP address and DNS lookup of Android users. Not to mention that it could potentially leak some HTTPS traffic and NTP traffic as well.
(Photo : GABRIEL BOUYS/AFP via Getty Images)
Visitors walk past the Android stand at the Mobile World Congress (MWC) in Barcelona on February 25, 2019. - Phone makers will focus on foldable screens and the introduction of blazing fast 5G wireless networks at the world's biggest mobile fair starting February 25 in Spain as they try to reverse a decline in sales of smartphones.
Visitors walk past the Android stand at the Mobile World Congress (MWC) in Barcelona on February 25, 2019. - Phone makers will focus on foldable screens and the introduction of blazing fast 5G wireless networks at the world's biggest mobile fair starting February 25 in Spain as they try to reverse a decline in sales of smartphones.
And it turns out that the leaked traffic is not occurring accidentally, Mullvad VPN reveals. Instead, the VPN service claims that Google designed Android that way.
However, Mullvad says that Android phone users might not be aware of this built-in design, wherein some of their traffic is being leaked.
The VPN platform says that Google provides what looks to be an "inaccurate description" of its VPN Lockdown feature for Android users.
The complaint of Mullvad to Google states that the "documentation regarding "Block connections without VPN" (from now on lockdown) is incorrect." It comes as "connectivity check traffic intentionally leaks (sent outside the VPN tunnel) while establishing network connectivity, even though lockdown is activated for a VPN app."
The current documentation by the renowned tech giant says that "the system blocks any network traffic that [does not] use the VPN." But Mullvad VPN believes that it is inaccurate as some traffic is being leaked when connecting to a Wi-Fi connection.
Related Article: Google Play Store Kicks Out Ad-Free Instagram, OG App, for Android Users After Apple's Move
This article is owned by Tech Times
Written by Teejay Boris
