For those who use a service VPN (Virtual Private Network), the primary objective is to protect the transferred data and protect your privacy. The problem known as DNS leak can fundamentally undermine the security of online communications, exposing indications such as geographic location of the user ei websites visited.
Il DNS leak occurs when your device, instead of using the VPN provider’s DNS server, calls the resolver Local telecommunications provider’s DNS.
With a technical note published today, Mole – one of the most famous and popular VPN service providers – has confirmed that there is a problem in the Android operating system. The issue in question could lead to a DNS leak problem when using the VPN.
The discovery of potential DNS leaks on Android when using VPN services
The technicians of the Mullvad laboratories, after a series of checks carried out internally, have ascertained that Android can leak DNS traffic and therefore encourage DNS leaks essentially in two circumstances:
1. When a VPN is active with no DNS server configured.
2. For a short period of time during the VPN reconfiguration phase, for example when the service stops or crashes.
The DNS leak problem appears to be limited to system calls directed at C function getaddrinfo. Apps that use this method for resolve domain names they are in fact exposed. However, there would be no risk for applications that use the Android API such as DnsResolver. Il browser Chrome is an example of an app that you can use directly getaddrinfo.
The anomalous behavior, Mullvad adds, occurs regardless of whether the VPN is set to “Always-on” and that the user has chosen the option “Block connections without VPN” (the classic kill switch).
Mullvad: It’s Google that needs to fix the problem
According to Mullvad’s assessments, there is no need to resort to API of Android. Developers should be free to choose how to use the feature getaddrinfowithout this having any impact in terms of security and privacy.
In short, for Mullvad, the unexpected behavior must be corrected upstream, by Google developers with a patch intended specifically for the Android system.
Mullvad has already implemented some countermeasures to avoid any DNS leak but these are temporary interventions (setting up a fictitious DNS server): the natural solution should in fact come, as mentioned, from a fix at system level.
In his post, the technicians also provide indications on the steps to be taken to reproduce the problem.