Lemmy.zip

2,762 readers
219 users here now

Welcome to Lemmy.zip - a community for like minded people to come and have a chat about almost anything. From games to tech, to anything else, come and have a chat.

If you're new and would like to join Lemmy.zip, please fill in the sign up form. Email verification is required. (Please check your spam folder!)

Once you're signed up, come and introduce yourself in our Home community!

Useful Links

m.lemmy.zip - Our Mobile/Tablet site
old.lemmy.zip - A familiar desktop experience!
a.lemmy.zip - A desktop-first UI
t.lemmy.zip - An alternative Mobile/Tablet UI with lots of features!
Join our Matrix Chat!

Instance Rules

To maintain the high standard of discourse and interaction we all value, each user must adhere to the guidelines outlined in our Code of Conduct. This set of rules is designed not just to maintain order but also to ensure a safe and inclusive environment for everyone to share their thoughts and ideas.

What to Expect in Our Code of Conduct:

Respectful Communication: We strive for positive, constructive dialogue and encourage all members to engage with one another in a courteous and understanding manner.
Inclusivity: Embracing diversity is at the core of our community. We welcome members from all walks of life and expect interactions to be conducted without discrimination.
Privacy: Your privacy is paramount. Please respect the privacy of others just as you expect yours to be treated. Personal information should never be shared without consent.
Integrity: We believe in the integrity of speech and action. As such, honesty is expected, and deceptive practices are strictly prohibited.
Collaboration: Whether you're here to learn, teach, or simply engage in discussion, collaboration is key. Support your fellow members and contribute positively to shared learning and growth.

If you enjoy reading legal stuff, you can check out legal.lemmy.zip.

Funding

If you would like to contribute to the upkeep of Lemmy.zip, please head over to OpenCollective.
Anything you're happy to donate is very highly appreciated!
You'll even get your name in the Thank You thread.

If you want to use PayPal, you can donate via Ko-Fi:

Server

founded 1 year ago

ADMINS

Demigodrick

Sami

ZippyBot

GrapheneOS version 2024050900 released (grapheneos.org)

submitted 3 months ago by [email protected] to c/[email protected]

0 comments fedilink

Pixel 4a (5G) and Pixel 5 are end-of-life and shouldn't be used anymore due to lack of security patches for firmware and drivers. We provide extended support for harm reduction.

Tags:

2024050900-redfin (Pixel 4a (5G), Pixel 5)
2024050900 (Pixel 5a, Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, emulator, generic, other targets)

Changes since the 2024050700 release:

prevent app-based VPN implementations from leaking DNS requests when the VPN is down/connecting (this is a preliminary defense against this issue and more research is required, along with apps preventing the leaks on their end or they'll still have leaks outside of GrapheneOS)
exclude Settings app from visible Location indicator too since it gets triggered from accessing Wi-Fi data when enabling Wi-Fi hotspot and potentially other info tied to Wi-Fi and Bluetooth
Vanadium: update to version 125.0.6422.35.0
PDF Viewer: update to version 19

137

GrapheneOS latest release includes a preliminary defense to prevent app-based VPN implementations from leaking DNS requests on Android when the VPN is down/connecting (grapheneos.org)

submitted 3 months ago by [email protected] to c/[email protected]

0 comments fedilink

Mullvad VPN's blog post: DNS traffic can leak outside the VPN tunnel on Android

Identified scenarios where the Android OS can leak DNS traffic:

If a VPN is active without any DNS server configured.

For a short period of time while a VPN app is re-configuring the tunnel or is being force stopped/crashes.

The leaks seem to be limited to direct calls to the C function getaddrinfo.

The above applies regardless of whether Always-on VPN and Block connections without VPN is enabled or not, which is not expected OS behavior and should therefore be fixed upstream in the OS.

We’ve been able to confirm that these leaks occur in multiple versions of Android, including the latest version (Android 14).

We have reported the issues and suggested improvements to Google and hope that they will address this quickly.

GrapheneOS 2024050900 release changelog announcement:

prevent app-based VPN implementations from leaking DNS requests when the VPN is down/connecting (this is a preliminary defense against this issue and more research is required, along with apps preventing the leaks on their end or they'll still have leaks outside of GrapheneOS)