At this point, I’m not even going to bother trying to go on there anymore.

  • tetris11
    link
    fedilink
    arrow-up
    4
    arrow-down
    26
    ·
    edit-2
    8 months ago

    It’s easy to disable a VPN remotely though, especially on handheld devices.

    All you need to is to point the user to a post or a website that is bloated with JS and contains high rez images and/or video.

    The device then has to either begin paging memory like crazy - or more likely - begins to kill background processes that it thinks are not used by the foreground apps (e.g. your VPN).

    For newer smartphones this is less of an issue, since their RAM can handle it. For > 5 year old smartphones though? They might struggle.

    • delirious_owl@discuss.online
      link
      fedilink
      arrow-up
      6
      ·
      8 months ago

      If you run a VPN app, you can use AFWall to force all traffic through the VPN. So if the VPN app isn’t running for some reason, the apps set to only go through the VPN service will have no internet access.

      • tetris11
        link
        fedilink
        arrow-up
        2
        arrow-down
        3
        ·
        8 months ago

        In theory, yes. In practice, I can definitely tell you that the kill-switch service gets killed too, despite whatever level of niceness it’s assigned.

              • tetris11
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                edit-2
                8 months ago

                I’m happy it works flawless for you man, and I’m sure on official Lineage builds which are as close as possible to AOSP things work exactly as you say.

                I have an unofficial Lineage 18 ROM patched to hell to work with my old phone. All I can do is tell you what I see, and what I see is that when my phone tries to play a 720p or higher video, with an impossibly high bit-rate for the phone, the phone starts to aggressively background-kill apps, and that includes my VPN.

                Again, happy it works for you, and I agree that in principle the default route should point to nothing if the VPN dies. On my device, when the virtual network device of the VPN goes down, it drops to the default network and finds another gateway.

                  • tetris11
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    8 months ago

                    Sure, fair. Though I have enough phones I’ve collected over the years, I’m not sure if I need any more. As long as I take care not to go media heavy sites, my current device meets my needs almost all of the time.

    • delirious_owl@discuss.online
      link
      fedilink
      arrow-up
      5
      ·
      8 months ago

      You run your VPN on your router to fix this. Then every device on your network are forced through the tunnel, and this risk does not exist.

    • henfredemars@infosec.pub
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      8 months ago

      Not sure why you’re getting downvotes. I’ve seen VPN apps get background killed on some devices.

        • henfredemars@infosec.pub
          link
          fedilink
          English
          arrow-up
          1
          ·
          8 months ago

          Hmm, I’ve had that fail on some cheap Chinese phones. They have other software that kills things in the background irrespective of the setting. I developed a VPN client and was never truly able to solve this problem on some low memory devices.