Android Leaks Some Traffic even when ‘Always on VPN’ is enabled!
It has been discovered that the Android operating system leaks traffic everytime the user’s device connects to a WiFi network. Various amounts of data is leaked including: source IP address, HTTPS traffic, DNS lookups, and possible even NTP traffic just to name a few. Most Android users are unaware that this is built into the Android system as a design choice.
This makes the description on “VPN Lockdown” extremely inaccurate. When VPN connection is enabled all data is supposed to be encrypted maintaining anonymity while browsing the web. That is not the case with Androids as they leak metadata, which includes the source IP and along with WiFi access point locations could be used to derive further information.
“Unfortunately, a Google engineer responded that this is intended functionality for Android and that it would not be fixed for the following reasons:
- Many VPNs actually rely on the results of these connectivity checks to function,
- The checks are neither the only nor the riskiest exemptions from VPN connections,
- The privacy impact is minimal, if not insignificant, because the leaked information is already available from the L2 connection.”
So at this time Android users must be cautious about their privacy and data during ‘connectiveity checks’. Some users have sought to go outside the box and have converted to an iPhone. The iPhone’s IOS is a very strong operation system with loads of built in native security features and reliability. With the introduction of IOS 16 many users now have access to Widgets and other enhancements making them feel like an Android style o/s but with enhanced security features.
Related Products:
References: