Hello@all
Since the beginning of 2013 I use OpenVPN for Android by Arne Schwabe on my smartphones. However, the general uncertainty caused
by the ever-increasing crime-scene on the Internet and the whole damned lawful interception in the democratic (?) EU to kill
digital privacy has preoccupied me recently, because with a regular Android you actually have no control over what happens on
the mobile phone... as opposed to mobile devices like Debian-Laptops as example. But I don't want to replace the operating
system. For about 2 years now I have been using my smarphone only as an access-point and then connecting with my laptop. But
this is unsatisfactory when travelling and if I need a quick access.
As far as I know, I have 2 alternatives with cert/key handling. First, I copy clt.crt, clt.key and ca.crt as files to storage,
import them into the program and delete the files on the SD-Card. And secondly, I import a pkcs12-file into the user-keychain of
the smartphone and import it from there into the app. I'm less worried if the phone is stolen or if I lose it, but much more
worried about the possibilities of other Apps on the Smartphone.
If the OpenVPN-App can import the file from the keychain, the other apps can import it too. If I enter a password to use it, I
don't know which apps can read it too. Now I'm thinking, maybe the best way would be to import the 3 files into the app like
before (2013) and then delete the copied files in storage.
But the real question is, can other apps read the generated ovnp uncontrolled and unauthorized? Because if they can, they can
send it anywhere with an active online-connection... (???)
The real problem is, with a regular Android you are only a user and have no control or possibility to influence the security. I
would like to use my smartphone to access my network, but the necessary protection of my network should not be negated by
carelessness and unauthorized access to the VPN-Conf by another Android-Apps, if I do this.
What is the best way to deal with this problem? Are there useful and secure
solutions? But maybe I only misunderstood the facts?
Best Regards
Tom
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
