Anyone with some expertise on this topic, please advise. If I use all this in a smartphone browser, rather than separate apps, is this vulnerability not a concern? I.e., instead of the bank's app, I should just use the web version in the browser, etc.
Anyone with some expertise on this topic, please advise. If I use all this in a smartphone browser, rather than separate apps, is this vulnerability not a concern? I.e., instead of the bank's app, I s...
The best way to control this is to have separate browser for this and enable split tunneling in the client of your choice and exclude it from the VPN/Proxy connection.
The best way to control this is to have separate browser for this and enable split tunneling in the client of your choice and exclude it from the VPN/Proxy connection.
Will it be sufficient to clone the browser app using the standard built-in tools? Will two Firefox browsers, for example, work correctly with split tunneling?
Personally, split tunneling doesn't work for me with awg and their client. It either endlessly tries to connect, or I'm always using a VPN, even though the traffic should be going directly.
Proxy is better, but still not ideal. I'll probably have to carry a Windows PC with me; I haven't had any issues with it yet.🤣
Will it be sufficient to clone the browser app using the standard built-in tools? Will two Firefox browsers, for example, work correctly with split tunneling?
Personally, split tunneling doesn't work...
I am not sure if profiles will work as intended. I would say it's safer to have separate browser for this. You could use Waterfox as example, if you prefer Firefox. Or even better you could go with Firefox Focus, especially if you use it for banking. Once you close it it will erase all cookies and history.
If you disable non proxied UDP (WebRTC), the loopback scanning will fail. I think the Chromium team has either changed their defaults or added a new dial after the Facebook/Yandex tracking techniques became public. Brave has tighter controls over this by default, and you can adjust it.
Just disable the proxy server in your client.
Private space, work profiles, separate users don't share the networking space except for a few IPCs for notifications etc. In laymen terms, an app installed in a private space uses a separate routing table and isn't routed through your admin profile VPN connection slot, and this is done by design.
Private space has a couple of VPN leak bugs here and there and you absolutely shouldn't use it for anything serious though.
My personal strategy is to use a separate Chromium based browser for anything government related. I don't install the banking apps either as i foreshadowed the observed behavior of Yandex long before it became public. For Russians specifically, disabling socks proxy isn't enough as user installed apps have greater power and can enumerate VPN servers like Max did.
Not to mention the fact you're inviting a threat actor to your device. Sandboxed, but still.
Chromium based browsers make use of Android's tight sandboxing and make it practically impossible to hack a citizen. Every major app except for taxi, car rentals and 20km/h killdozers have a mobile version counterpart.
7 Comments
Anyone with some expertise on this topic, please advise. If I use all this in a smartphone browser, rather than separate apps, is this vulnerability not a concern? I.e., instead of the bank's app, I should just use the web version in the browser, etc.
The best way to control this is to have separate browser for this and enable split tunneling in the client of your choice and exclude it from the VPN/Proxy connection.
Will it be sufficient to clone the browser app using the standard built-in tools? Will two Firefox browsers, for example, work correctly with split tunneling?
Personally, split tunneling doesn't work for me with awg and their client. It either endlessly tries to connect, or I'm always using a VPN, even though the traffic should be going directly.
Proxy is better, but still not ideal. I'll probably have to carry a Windows PC with me; I haven't had any issues with it yet.🤣
I am not sure if profiles will work as intended. I would say it's safer to have separate browser for this. You could use Waterfox as example, if you prefer Firefox. Or even better you could go with Firefox Focus, especially if you use it for banking. Once you close it it will erase all cookies and history.
If you disable non proxied UDP (WebRTC), the loopback scanning will fail. I think the Chromium team has either changed their defaults or added a new dial after the Facebook/Yandex tracking techniques became public. Brave has tighter controls over this by default, and you can adjust it.
Just disable the proxy server in your client.
Private space, work profiles, separate users don't share the networking space except for a few IPCs for notifications etc. In laymen terms, an app installed in a private space uses a separate routing table and isn't routed through your admin profile VPN connection slot, and this is done by design.
Private space has a couple of VPN leak bugs here and there and you absolutely shouldn't use it for anything serious though.
My personal strategy is to use a separate Chromium based browser for anything government related. I don't install the banking apps either as i foreshadowed the observed behavior of Yandex long before it became public. For Russians specifically, disabling socks proxy isn't enough as user installed apps have greater power and can enumerate VPN servers like Max did.
Not to mention the fact you're inviting a threat actor to your device. Sandboxed, but still.
Chromium based browsers make use of Android's tight sandboxing and make it practically impossible to hack a citizen. Every major app except for taxi, car rentals and 20km/h killdozers have a mobile version counterpart.
We'll definitely get through this, guys.
Karing, in its latest version released recently, added the ability to set a login and password in the Mixed tab.