By Constantin Jacob

TL;DR; there are bugs in Android that lead to the device leaking DNS requests which may be triggered by certain VPN profile setting combinations. Neither Guardian Connect partners nor the Guardian Firewall for Android app is impacted by these problems as far as we can tell right now.

Thanks to the fine folks at Mullvad publishing this PSA for their customers as well as other developers, we have been made aware of potential security & privacy concerns in the Android OS. We’re hoping that Google will report back very soon with a concrete plan to harden the internal OS APIs to plug these holes for all Android users. We would like to thank the team at Mullvad for shining a bright light onto the issue in all the correct channels to ensure that the privacy of all Android users is improved, not just their own customers.

After becoming aware of the issues we started an internal investigation right away to review our own logic paths in the context of this problem and have determined that our customers are currently not impacted by this problem as our SDK defaults to always setting an IP address for the DNS resolver in the WireGuard transport protocol configuration.We will continue to monitor the Android bug tracker ticket id referenced in the Mullvad blog post and will continue our internal investigation to ensure that our SDK and app indeed behave how we expect it to behave

For further information and to voice other concerns please reach out to our amazing technical support team at support@guardianapp.com or through the support web form