WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2026 Poal.co

701

When a company like Google refuses to fix a security exposure issue... Its because it's intentional.

Archive: https://archive.today/vKt0D

From the post:

>GrapheneOS has released a new update that fixes a recently disclosed Android VPN bypass vulnerability capable of leaking a user’s real IP address. The leak happens even when Android’s “Always-On VPN” and “Block connections without VPN” protections were enabled. The issue, disclosed last week by security researcher “lowlevel/Yusuf,” affected Android 16 and stemmed from a newly introduced QUIC connection teardown feature in Android’s networking stack. In its latest release, GrapheneOS says it has “disable[d] registerQuicConnectionClosePayload optimization to fix VPN leak,” effectively neutralizing the attack vector on supported Pixel devices.

When a company like Google refuses to fix a security exposure issue... Its because it's intentional. Archive: https://archive.today/vKt0D From the post: >>GrapheneOS has released a new update that fixes a recently disclosed Android VPN bypass vulnerability capable of leaking a user’s real IP address. The leak happens even when Android’s “Always-On VPN” and “Block connections without VPN” protections were enabled. The issue, disclosed last week by security researcher “lowlevel/Yusuf,” affected Android 16 and stemmed from a newly introduced QUIC connection teardown feature in Android’s networking stack. In its latest release, GrapheneOS says it has “disable[d] registerQuicConnectionClosePayload optimization to fix VPN leak,” effectively neutralizing the attack vector on supported Pixel devices.
[–] 2 pts

Getting ready to install graphene on an oldish device and see how it goes. Trying to decide if my next device will be a Fair phone or a linux phone; maybe even an old degoogled pixel, just not sure yet.