[guardian-dev] vuln: malicious Android apps can bypass active VPN configuration

Nathan of Guardian nathan at guardianproject.info
Sun Jan 19 15:26:54 EST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/19/2014 03:05 PM, Pranesh Prakash wrote:
> Nathan of Guardian <nathan at guardianproject.info> [2014-01-18
> 14:25:53 -0500]:
>>> Also that whole feature is broken in 4.4!
> How is that?  I'm on 4.4.2 and am using "OpenVPN for Android"
> (which uses the Android 4.0+'s VPNService API), and it seems to be
> working fine.  Is there any reason to prefer OpenVPN Settings?

Just referring to this issue. perhaps it is solved on 4.4.2 now?
https://code.google.com/p/android/issues/detail?id=62714


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJS3DUKAAoJEKgBGD5ps3qpLkEP/3hvdtYvt0yuymNz+tE5ZSQw
zWhzduuimGODqumBuhw/ZkdyqF2zs8vqi5zZsqcisUKykNPoY/2Y9wigma2vdNk4
D7v9N0pfz065nT0rYoa34y4AnvlE5rXoCuYEp3v3MGWta8Tun4AXL8J1YtRL6qNA
AFYEm6BCCpGryDwToYQxbesB+rvdWx5S3sqg9toX4xz+/xzaD3jrqPY2wi068zCq
YG3XvnlgKkas5mdxvrCP0AQmfJ8P+lgalWRKOOfcVtlBo9yBVxVIu2sih25uXciY
QLroouozJeIwUzB4T1bsmg7gUORUNoxOEQcH+PUH1Tg2xNQ8l8Tlqz+kKc465kIu
igBOvkzO6iq91IEBcH42Lqy7aMG4UgeQQE0MjMBd+2hYzBtkjo9IoVFBEQJmK7Ys
X+fVgeW5hZXj5FfnNaNSuWhrPCjFv77ByuVmdg3dreJgQA1d/tcnBAopgFuk+XDq
wJczmul03EvYYv/LEyPyWi/RbCzJKukCmfQ+M0GexfFltTHJSdvHIzD/vSOoEmj0
RWieFe+LD/UOKVogCYtjhFxCSa/wx6w/ZFx/c1SPg3CeJowR8m4EA8ZjFPlRnzpb
4zSZ2/JtswALDW4/3MU2Fn263O/bbKgsx9cs2UO696GNjRM55BHIrYsvvQkn0pUj
mJvw4ftvEqOVS+Gt87ek
=0AHb
-----END PGP SIGNATURE-----


More information about the Guardian-dev mailing list