Monday, June 8, 2015

OpenVPN for Android 5+

Click to Download OpenVPN for Android 5 Lollipop and later
ca306d4b0a2d952674525f0acdcf8a11b2853a39e58a389f0f31f748ca1b57a9  openvpn.xz

  • You must have a rooted Android phone
  • You must be comfortable with (Android) command line
  • Some people really want this

About This OpenVPN

Special about this OpenVPN is that it runs on Android 5 Lollipop and later, which no previous OpenVPNs do.

This OpenVPN executable runs on any Android with an arm7 or later processor: virtually any phone, tablet or device made in 2011 or later. I set out to enable the OpenVPN service to run on Android 5 using only perpetually free software. Dramatic changes have occurred in how native software is built for Android, the way open build systems operate and cross compile, and finally, software components that OpenVPN depends on have received significant updates. I then wrote a build script for Linux, in particular 64-bit Ubuntu server, that allows for building OpenVPN Android from only the script itself without a single keystroke. As a benefit, this script can build on a Linux computer, a rented cloud server or in a virtual machine under a proprietary operating system. I intend to publish this build script on the Internet.

Why VPN?

This software is essential to former employees of Zynga, Inc.

  • When a former ceo have your location tracked via ip addresses on personally identifiable apps such as LinkedIn, run by a Zynga board member, a random ip address makes the information meaningless.

  • When a former ceo pays to rent the apartment next door within the 400 mW mobile device range attacking devices and subnets, Wi-Fi man-in-the-middle attacks are defeated by the mutual certificate authentication of OpenVPN.
  • When a former ceo pays to eaves drop on your Internet connection to snoop on name server traffic, tear down tcp connections, hijack domain names and uncover gmail passwords, the connections are protected and encrypted, preventing even tunneled server addresses from being revealed.

There is still foot pursuits by private investigators and break and entry. Twice.

About OpenVPN

OpenVPN was initially written in 2001 by James Yonan, who is now Co-Founder and CTO of OpenVPN Technologies, Inc. a corporation in Pleasenton, California nearby San Francisco. The software is licensed under GPL2 and was originally intended for wired computers, but is today deployed along Linux on laptops, embedded systems, routers and mobile phones. OpenVPN supports virtually any target system, but does not provide build support for Android, the Linux derivative that has become the world's most common mobile device operating system.

In 2010, Friedrich Schäuffelhut, a German software engineer, completed the work of porting OpenVPN 2.1 to Android. This is the five year old build hat most people have been using. Cyanogen Inc., a maker of after-market Android software in Palo Alto, California, forked the project and updated it to version 2.3.4.

When Android 5 Lollipop was introduced in 2014, it brought a new file format for security reasons that prevented all previous OpenVPN executables from functioning. Many have asked for, but no one actually built OpenVPN for Android 5. Effectively, the only VPN available has been Android's VPN api.

Because Cyanogen built OpenVPN using proprietary software, the free build system of their OpenVPN was in decay and the fork no longer compatible with the original project. Without an easy build process available to everyone as open source software, a community build is unlikely to materialize.

Since Android 4 there is also a VPN service, however, this service only supports one connection at a time, offers much less configuration and provides poor control over what traffic is tunneled. The main benefit of the api is that the phone does not need to be rooted, providing VPN to a wider audience.


Everything works, including script execution. On Android, you must use the directive script-security 2, the script file must have execute permissions, and its first line must be #!/system/bin/sh

I have seen uptimes of over 1 month, so it is as stable as Android itself.

No comments:

Post a Comment