alt Hacker News> Because system_server operates with elevated networking privileges and is exempt from VPN routing restrictions
So a VPN isn't a VPN on Android? Regardless of this bug. Do other locked down operating systems act the same?
Replies
Terminology like "private" and "trust" differ in meaning from computer land to human convention.
It's a concern to me, because humans often extend their trust to computer trust based upon misunderstanding of the identically spelled words and lack of recognition of differing context.
MacOS has had instances where their own apps could bypass always-on VPN. I'm not sure if there have been exploits or gaps where traffic could go to arbitrary destinations directly.
How hard would it be to fix the system_server (and any other) bypass?
Ios does the same, only way around it is if you have an ?enterprise? licence (250+ devices)
Mullvad and others reported on that one ages ago