mullvad / mullvadvpn-app

The Mullvad VPN client app for desktop and mobile
https://mullvad.net/
GNU General Public License v3.0

[Feature request]: SHOW the routes currently installed #6239

Open Sami32 opened 3 weeks ago

Sami32 commented 3 weeks ago

I have checked if others have suggested this already

Feature description

If only the VPN client would SHOW the routes currently installed. This would make it easy for the user to see if somebody is "tricking" communication that was intended for the VPN connection outside of it (like when travelling and using public WiFi (TunnelVision attack), for example).

Alternative solutions

Don't use poor UIX.

Type of feature

Operating System

staffa commented 3 weeks ago

Technically the TunnelVision attack is actually inapplicable to Android due to its lack of support for option 121, though I don't mean to say it isn't still a desirable feature. That said, I don't think the vast majority of users would be making much sense of the routing.

I'm definitely not at all knowledgeable when it comes to networking, but the TunnelVision writeup says that VPNs were reporting as still connected. I can't tell if that would imply that there is no way for the client to know, or if indeed there is enough information to detect the tunnel is being bypassed.

Sami32 commented 3 weeks ago

Without this kind of route information you better not be a dissident using a public untrusted network... Or only use an Android version that doesn't support option 121 (>= Android 16?)

Users having access to route information can monitor it by themselves; an automatic script can be frequently run to detect any route table changes, but it will consume more battery on your travel router.

Yes, until now Android's non-standard-compliant approach avoided such issues. But as a future-proof development approach and for general UIX coherence between OSes, I think that it should at least be offered as an optional setting.

All this wouldn't be a problem if users were allowed to be a bit more involved in everything. It would be quite easy to see if somebody inserts a route for example, if only the VPN client would SHOW the routes currently installed. This would make it easy for the user to see if somebody is "tricking" communication that was intended for the VPN connection outside of it. But, sadly, the world has decided that users must be stupid and should see no technical details - and that everything must be handled automatically AND safely. This is what keeps putting us in these "impossible" situations - the fact that everything should "configure itself" AND at the same time do exactly what "we" (whoever "we" are) want.

Anyway, that was only my 2 cents.

benjaminhays commented 1 week ago

If I'm not mistaken, the app could have a subsection somewhere in the support/debug menu that prints the contents of /proc/net/route for those who are concerned/curious about the status of the routing table at present. It shouldn't be too hard to implement either, assuming my limited Android knowledge is correct about the app's access to the table. It may also be useful for troubleshooting and the like, especially if routing table corruption occurs due to an unintentional bug or error.

I doubt that it would actually prevent any current or future attacks against VPNs in practice, but it may give some peace of mind to those concerned about said attacks. A lot of security-minded folk tend to over-focus on the technical aspects of surveillance attacks and not the very real psychological effects that occur as a result. Dictatorships and authoritarian regimes know very well that even if someone has all the technical abilities to evade surveillance, the person will regardless likely be fearful and in a constant state of paranoia. This is how dissent is suppressed without a single arrest or wiretap, without a trace or an entry in a log file. I imagine only a subset of users have a need for this kind of information, but if it assists in those areas, what is not to like?
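As an added example (not part of the thread and not Mullvad code), this sketch parses text in the `/proc/net/route` layout mentioned above and lists gateway routes on non-tunnel interfaces that are more specific than the tunnel's default route, which is the kind of routing-table change the script-based monitoring suggested earlier would look for. The interface names `tun0` and `wlan0`, the endpoint address, the helper names and the sample table are all constructed assumptions.

```python
import ipaddress
import struct
from typing import NamedTuple

RTF_UP, RTF_GATEWAY = 0x1, 0x2  # flag bits from <linux/route.h>

# Constructed sample in /proc/net/route layout (IPv4 main table only).
# tun0/wlan0 are assumed names; 203.0.113.42 is a placeholder VPN endpoint.
SAMPLE = """\
Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT
tun0 00000000 00000000 0001 0 0 0 00000000 0 0 0
wlan0 0001A8C0 00000000 0001 0 0 600 00FFFFFF 0 0 0
wlan0 00000000 0101A8C0 0003 0 0 600 00000080 0 0 0
wlan0 00000080 0101A8C0 0003 0 0 600 00000080 0 0 0
wlan0 2A7100CB 0101A8C0 0007 0 0 0 FFFFFFFF 0 0 0
"""

class Route(NamedTuple):
    iface: str
    network: ipaddress.IPv4Network
    gateway: ipaddress.IPv4Address
    flags: int

def _addr(field: str) -> ipaddress.IPv4Address:
    # The kernel prints the network-order address as a native 32-bit hex value,
    # so on little-endian hosts (assumed here) the bytes appear reversed.
    return ipaddress.IPv4Address(struct.pack("<I", int(field, 16)))

def parse_routes(text: str) -> list[Route]:
    routes = []
    for line in text.strip().splitlines()[1:]:  # first line is the header
        f = line.split()
        if len(f) < 8 or not int(f[3], 16) & RTF_UP:
            continue
        net = ipaddress.IPv4Network(f"{_addr(f[1])}/{_addr(f[7])}", strict=False)
        routes.append(Route(f[0], net, _addr(f[2]), int(f[3], 16)))
    return routes

def routes_outside_tunnel(routes, tunnel_iface, allowed=frozenset()):
    """Gateway routes on other interfaces with a non-zero prefix: they beat the
    tunnel's default route on longest-prefix match."""
    return [r for r in routes
            if r.iface != tunnel_iface and r.flags & RTF_GATEWAY
            and r.network.prefixlen > 0 and r.network not in allowed]

if __name__ == "__main__":
    endpoint = {ipaddress.IPv4Network("203.0.113.42/32")}  # expected host route
    for r in routes_outside_tunnel(parse_routes(SAMPLE), "tun0", endpoint):
        print(f"{r.network} via {r.gateway} dev {r.iface}")
```

`/proc/net/route` covers only the IPv4 main table, so routes held in other policy-routing tables or for IPv6 are not seen by this check.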