[guardian-dev] vuln: malicious Android apps can bypass active VPN configuration

Nathan of Guardian nathan at guardianproject.info
Sat Jan 18 14:25:53 EST 2014

Also that whole feature is broken in 4.4!

Hans-Christoph Steiner <hans at guardianproject.info> wrote:
>Bad news for the idea of using the Android VPN support for Tor
>"This vulnerability enables malicious apps  to bypass active VPN
>(no ROOT permissions required) and redirect secure data communications
>to a
>different network address."
>PGP fingerprint: 5E61 C878 0F86 295C E17D  8677 9F0F E587 374B BE81
>Guardian-dev mailing list
>Post: Guardian-dev at lists.mayfirst.org
>List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>To Unsubscribe
>        Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org
>Or visit:
>You are subscribed as: nathan at guardianproject.info
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20140118/94f87b65/attachment.html>

More information about the Guardian-dev mailing list