Any app on recent Android versions can leak certain traffic

Lobsters Hottest News

Summary

A security vulnerability has been identified in recent Android versions that allows any installed app to potentially leak certain network traffic.

<p><a href="https://lobste.rs/s/ulnrmv/any_app_on_recent_android_versions_can">Comments</a></p>
Original Article

Similar Articles

GrapheneOS fixes Android VPN leak Google refused to patch

Hacker News Top

GrapheneOS released an update fixing a critical Android VPN leak vulnerability that Google declined to patch in stock Android 16. The fix disables a QUIC connection optimization that allowed apps to bypass VPN protections and expose real IP addresses.

Force all app traffic into the tunnel

Lobsters Hottest

Mullvad VPN’s iOS app adds “Force all apps” toggle to block all traffic leaks by enabling includeAllNetworks, accepting Apple bugs that can brick updates.

I broke AppLovin's mediation cipher protocol

Hacker News Top

A researcher reverse-engineered AppLovin's ad mediation cipher protocol, revealing that it uses a weak non-cryptographic PRNG and a static salt to encrypt device information, allowing deterministic re-identification of iPhones across apps even when users deny tracking permission.