My understanding is that if you run a rogue discoverable DHCP server in a local network with a particular set of options set and hyper-specific routing rules, you can clobber the routing rules set by the VPN software on any non-Android device, and route all traffic from those devices through arbitrary midpoints that you control.
But IANANE (I am not a network engineer) so please correct my misinterpretations.
this implies physical access or at least access within the network?
Keeping in mind that may mean that somebody like a cellular provider could do so. Since your local network in that context would be them.
Exactly. And if your ISP or cellular provider wants, or is forced, to gather information about your internet activities, they can almost certainly find a way. The cheap consumer-grade VPN services most of us use just prevent casual or automated observers from easily detecting your device's IP address. For most people that just want to torrent casually or use public wifi, it's enough.
Or to watch porn in one of the states that block porn.
It has implications on the effectiveness of VPNs on public networks.
That, or the ability to spoof it
Or I expect compromise of anything on the LAN that can create a rogue DNS server that can override the routing table.
My understanding is that if you run a rogue discoverable DHCP server in a local network with a particular set of options set and hyper-specific routing rules, you can clobber the routing rules set by the VPN software on any non-Android device, and route all traffic from those devices through arbitrary midpoints that you control.
But IANANE (I am not a network engineer) so please correct my misinterpretations.
this implies physical access or at least access within the network?
Keeping in mind that may mean that somebody like a cellular provider could do so. Since your local network in that context would be them.
Exactly. And if your ISP or cellular provider wants, or is forced, to gather information about your internet activities, they can almost certainly find a way. The cheap consumer-grade VPN services most of us use just prevent casual or automated observers from easily detecting your device's IP address. For most people that just want to torrent casually or use public wifi, it's enough.
Or to watch porn in one of the states that block porn.
It has implications on the effectiveness of VPNs on public networks.
That, or the ability to spoof it
Or I expect compromise of anything on the LAN that can create a rogue DNS server that can override the routing table.
But I might be missing something