BolehVPN Support

Community: Hang out with the Boleh family => General Discussion => Topic started by: maxbudin on February 06, 2014, 07:10:17 AM

Title: Android VPN redirect vuln now spotted lurking in Kitkat 4.3 + 4.4
Post by: maxbudin on February 06, 2014, 07:10:17 AM

In case its not been brought up yet, just a heads up if anyone is interested. Article is here for kit kat 4.4 http://www.theregister.co.uk/2014/01/28/android_vpn_vuln_also_in_kitkat_44/ (http://www.theregister.co.uk/2014/01/28/android_vpn_vuln_also_in_kitkat_44/)

and for kit kat 4.3 http://www.theregister.co.uk/2014/01/22/israeli_android_researchers_demo_vpn_vulnerability/ (http://www.theregister.co.uk/2014/01/22/israeli_android_researchers_demo_vpn_vulnerability/)

Title: Re: Android VPN redirect vuln now spotted lurking in Kitkat 4.3 + 4.4
Post by: Chris on February 06, 2014, 11:38:27 AM

A big flaw, but still one that relies on the user installing a malicious app. As long as you stick to the Play store and be very careful as to what you download, you should be fine. Same precautions you should take for any tech device really.

Title: Re: Android VPN redirect vuln now spotted lurking in Kitkat 4.3 + 4.4
Post by: maxbudin on February 06, 2014, 01:13:18 PM

Yes Chris, though innitially it was thought the VPN weaknesses were in apps such as Samsung Knox. Later on it became apparent the problem is with Android itself, not third party apps.  While Google is still addressing apps with malware in the playstore, compounded by how apps intrude/track personal info, they might still have to address Android VPN leaks as they have admitted.