Are Android VPN Users at Risk?

We’ve been keeping a close eye on a story related to a possible VPN bypass vulnerability in Android devices. Researchers in the cyber security lab of Ben Gurion University in Israel have been researching the issue, first making it known to Samsung that a vulnerability exists on their Knox devices. It would allow an attacker to bypass the built-in VPN features and some third-party VPN apps and intercept communications in clear text.

The team at Ben Gurion University has published a series of blog posts detailing the issue. After Samsung dismissed the problem and pointed a finger at Google, the research team released more details on the vulnerability. They are still waiting on a response from Google’s security team. From what we’ve read and seen in a video posted on their site, the issue looks real. If the research is right, Android VPN users are at risk.

The cyber security team at Ben Gurion first uncovered the vulnerability on devices running Google’s Android 4.3 Jelly Bean. On Monday they published a new post outlining the issue on Android 4.4 KitKat as well. You can judge for yourself whether or not you think Android users are put at risk by the vulnerability. Here’s a video they shared showing the VPN bypass issue on a Google Android 4.4 KitKat device.

We’re very interested to hear from those in the VPN industry as well. Does this seem like something that might affect your apps? I know it appears to be an issue with the underlying Android code, but perhaps some VPN apps aren’t affected. The information from the Ben Gurion team isn’t complete enough to detail the issue in depth. That’s on purpose, I’m sure, so as not to help potential attackers make use of the bypass vulnerability.

Here are the cyber security team’s posts so far for reference:

We also found these articles helpful in our research:

We’ll keep you updated on the response from Google and any future posts from the research team.