Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content

Investigate if we are affected by connectivity check leak

  • /e/ version: 1.4 and 1.5
  • Device model(s): all
  • Device rooted: no

Summary

Mullvad VPN published a blog post about an android connectivity leak.

The problem

Steps to reproduce

According to the blog post:

Ensure Always-on VPN and Block connections without VPN is enabled in system settings. Disconnect from your WiFi. Start monitoring network traffic from and to the Android device, e.g. by running tcpdump on your router. Connect to your WiFi. Observe that the traffic isn't limited to VPN traffic, but also consists of DNS lookups, HTTP(S) traffic and potentially also NTP traffic.

As a comparison, the privacy and security focused Android based distribution GrapheneOS provides users with the option to disable connectivity checks. If that option is enabled, the above leaks could not be observed by us.

What is the current behavior?

The blog post mentions that only Graphene corrects this issue.

What is the expected correct behavior?

We should know if /e/OS corrects this issue and if not, how hard it is to correct.

Technical informations

Relevant logs (adb logcat)

Relevant screenshots

Solutions

Workaround

Possible fixes