Android bug can leak DNS traffic with VPN kill switch enabled

May 3, 2024 at 05:07PM

A Mullvad VPN user discovered that Android devices leak DNS queries even with the “Always-on VPN” and “Block connections without VPN” options enabled. This bug, affecting Android 14, leaks DNS traffic when using specific apps or when VPN configurations change. Mullvad suggests workarounds and urges OS fixes to protect all Android users’ privacy. DNS traffic leaks pose a significant risk, prompting caution or additional safeguards until Google resolves the issue.

The key takeaways are:

1. The issue: A Mullvad VPN user discovered that Android devices leak DNS queries even with the “Always-on VPN” feature and its “Block connections without VPN” option enabled. The bug also causes DNS leaks when the device reconfigures the VPN tunnel, crashes, or forcibly stops the VPN app.

2. Impact: DNS traffic leaks pose a significant risk to user privacy, potentially exposing their approximate locations and online activities.

3. Mitigations: Mullvad suggests potential mitigations, including setting a bogus DNS server while the VPN app is active, which addresses one scenario. However, the DNS query leak during VPN tunnel reconnects remains unresolved, impacting various Android VPN apps.

4. Recommendations: Given the severity of the issue, it’s advisable to avoid using Android devices for sensitive activities or to implement additional safeguards until Google resolves the bug and updates older Android versions.
