Am I missing something, this looks like expected behavior. Not all interfaces use VPN. You should create additional isolation to limit the interfaces that applications can attach to.
Not at all specific to ProtonVPN. Makes for nice click bait title though as expected from a security related post.
This is NOT expected behavior. A VPN killswitch is supposed to cut all non-VPN connections on ALL INTERFACES. Not doing so could lead to leaks, especially with things like Torrent clients.
Case in point:
- IVPN and Mullvad does not have this issue on Linux. It is ProtonVPN specific.
- IVPN, Mullvad, AND PROTONVPN do block all non-VPN connections on macOS. Yes, the ProtonVPN client DOES NOT have the same behavior on macOS.
How would you go about "[creating] additional isolation to limit the interfaces that applications can attach to?" Is it actually any better than a firewall based implementation?
If only you would just spend 15 minutes doing basic testing before calling other people "clickbait".
Not at all specific to ProtonVPN. Makes for nice click bait title though as expected from a security related post.