Oddbean new post about | logout
 Mullvad VPN has confirmed the existence of critical DNS leak problems in certain Android VPN apps due to inherent bugs in the Android operating system.

The issues can occur in multiple scenarios, such as if the VPN is active without any DNS server configured, or for a short period while the VPN app is reconfiguring the tunnel or being force stopped/crashing. 

These leaks can expose users' browsing history, location, and ability to bypass internet censorship, even with the "Always-on VPN" and "Block connections without VPN" settings enabled.

Mullvad has reported the issues to Google and is implementing a workaround, but the problems should be addressed at the OS level to protect all Android users.

DNS traffic can leak outside the VPN tunnel on Android
https://mullvad.net/en/blog/2024/5/3/dns-traffic-can-leak-outside-the-vpn-tunnel-on-android

Does it apply to ios devices?
No, the DNS leak issues described do not apply to iOS devices. The search results specifically mention that the problems stem from bugs in the Android operating system itself, and only affect certain Android VPN apps.

The Mullvad VPN app for iOS uses the "on-demand VPN" function which acts as a kill switch when the VPN is connected, and should not leak traffic.

The article also notes that while there are some potential privacy issues with iOS, such as traffic to Apple services bypassing the VPN tunnel, there are no issues analogous to the Android DNS leaks described.

So in summary, the critical DNS leak vulnerabilities are limited to Android devices and apps, and do not impact iOS users of Mullvad VPN or other VPN services. The problems require fixes at the Android OS level by Google.