I was not aware of this until today. People use work profiles on Android to isolate their more privacy invasive apps. If you want those apps to be tunnelled through a VPN, you would have to install the VPN application you use on your work profile separately and turn it on separately in your work profile.

    • black_mouflon@beehaw.org
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      I thought you could do that through the setting “Allow client to use VPNs” in Network & internet -> Hotspot and tethering settings

      • constantokra@lemmy.one
        link
        fedilink
        English
        arrow-up
        7
        ·
        1 year ago

        I wasn’t aware that you could do that on regular android. I can’t confirm it because i’m using grapheneos, and I know it doesn’t have that setting.

        • black_mouflon@beehaw.org
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          It is on my phone on CalyxOS. I’m not sure about other operating systems. It could be that is not.I did’t expect so much difference in functiinality since Calyx is based on AOSP.

            • black_mouflon@beehaw.org
              link
              fedilink
              English
              arrow-up
              3
              ·
              edit-2
              1 year ago

              Ok thanks. I’ve been using CalyxOS for a while and l’m not caught up with “regular” Android. But if this features are so usefull why aren’t they merged to the AOSP (Android open source project)

              • LiveLM@lemmy.zip
                link
                fedilink
                English
                arrow-up
                3
                ·
                1 year ago

                But if this features are so usefull why aren’t they merged to the AOSP

                Me every time I realize the ability to completely block network usage for an app is not Stock Android

                • jet@hackertalks.com
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  1 year ago

                  It’s moments like these that make me realize oh Android is built primarily as a advertisement tool

              • jet@hackertalks.com
                link
                fedilink
                English
                arrow-up
                2
                ·
                edit-2
                1 year ago

                The VPN sharing choice is at least logical. You have to make a decision when designing a system how your engineer the network stack. And if you say every profile and every user gets equal access to the network stack. Then you get this result.

                But the feature of sharing VPN access is also useful. So it really just depends on what choice you made earlier. I don’t think this is necessarily evil.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    8
    ·
    edit-2
    1 year ago

    In stock Android, VPN settings only apply per user per profile. So if you have multiple users running they have different VPN settings.

    Work profiles don’t share VPN

    User accounts don’t share VPN

    Hotspot doesn’t share VPN

    Teathering doesn’t share VPN

  • Lemongrab@lemmy.one
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    Yep, seems like it acts like another device. Different user. Would love to know if there is a solution aside from another vpn instance inside the work profile.

  • balance_sheet@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    Can we talk about how stupid the way android handles VPNs and network adapters? Why on earth would you have to use VPN feature to use Zerotier?

    • MasterBuilder@lemmy.one
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      1 year ago

      Actuallyz the intended use of work profile is for… Work. You don’t want the corporate VPN to be Tue phone-wid3 VPN - do you?

      The design is logical. Since we are all misusing it, I think it would be useful to be able to toggle a “share VPN” switch.

    • Skimmer@lemmy.zip
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      1 year ago

      Yes, Private DNS carries over between profiles in my testing, just VPN that doesn’t