Gedsh / InviZible

Android application for online privacy and security
https://invizible.net
GNU General Public License v3.0
1.49k stars 103 forks source link

DNS Leak When Using Anonymized DNS Relays #248

Closed jamesta696 closed 8 months ago

jamesta696 commented 8 months ago

OS: Android 14 Device: Samsung Galaxy S24 Ultra / OneUI 6.1

Issue:

When using a DNSCrypt DNS such as Quad9 and also choosing Anonymized DNS Relays, there's a DNS Leak.

When you remove the Anonymized DNS Relays, no DNS Leak is shown.

DNS Leak Checker: https://browserleaks.com/ip

EDIT: Just ran another few tests and DNS Leak is also occurs without using Anonymized DNS Relays 😯😟

What can be causing this? This just recently happening for maybe about a couple weeks or so.

Been using the Pro version and decided to use to switch to the beta to see if the issue still occurs and it does.

I hope this issue can be resolved, I love this app 🥺

Gedsh commented 8 months ago

When using a DNSCrypt DNS such as Quad9 and also choosing Anonymized DNS Relays, there's a DNS Leak.

Using Anonimized DNS cannot cause DNS leaks. But you are using anycast DNS server, which usually leaks information about your country or even your ISP.

So first of all, do not use anycast DNS servers if you prefer privacy over speed. Choose only unicast servers or just use the default settings of the app.

Secondly, check for DNS leaks using browserleaks.com. Run each test in a separate private browser tab each time.

Thirdly - how do you understand that this is a DNS leak?

jamesta696 commented 8 months ago

When using a DNSCrypt DNS such as Quad9 and also choosing Anonymized DNS Relays, there's a DNS Leak.

Using Anonimized DNS cannot cause DNS leaks. But you are using anycast DNS server, which usually leaks information about your country or even your ISP.

So first of all, do not use anycast DNS servers if you prefer privacy over speed. Choose only unicast servers or just use the default settings of the app.

Secondly, check for DNS leaks using browserleaks.com. Run each test in a separate private browser tab each time.

Thirdly - how do you understand that this is a DNS leak?

Hi,

Thanks for your feedback! I've always used these same anycast DNS servers (Quad9) when using the Anonymized DNS Relays and never had any DNS Leaks. This only started happening recently (1-2 weeks now).

When checking for DNS Leaks, I had used the same site you referred above such as:

https://browserleaks.com/dns https://www.dnsleaktest.com

When doing some more debugging, I was able to track down the root cause:

I'm currently using Adguard in between InviziblePro for better Ad blocking capabilities.

Within Adguard, I noticed InviziblePro was being filtered through Adguard, this must have been causing issues with the App and somehow causing DNS Leak.

When I disabled "Route Traffic Through Adguard" for InviziblePro, the DNS Leak stop occuring and everything was working good again.

Screenshot_20240219_073320_AdGuard.png

I will close this issue, again, thank you for your feedback. I look forward to further developments with this application, there is no other app that is capable of doing what you have implemented.

Please keep up the great work! 🥇🏆 I do have some app suggestions for improvement and better UX, I'll make a separate issue as 'feature enhancements.'

Thank you.