Our Browser Extension team would like to alert users about a privacy-affecting issue in the current version of Chrome (v71) as well as other Chromium-based browsers, where DNS requests using the "dns-prefetch" feature will bypass any proxy configured in the browser and instead perform domain name lookups using the operating system's configured DNS servers. This effectively bypasses our Browser Extension's DNS leak protection and makes it possible for your home IP address to be exposed via your DNS requests even while browsing via Private Internet Access.
This vulnerability has been fixed in the latest Beta version of Chrome (v73) but until that version becomes stable, we recommend one or both of these remediation steps:
- Use the desktop client in conjunction with the browser extension.
This will ensure that any requests that escape the browser's proxy will be covered by the desktop client.
Setting both clients to the same VPN server will mitigate any performance issues.
- Set your host operating system's DNS server to a static address.
We recommend adding CloudFlare's DNS servers as your host operating system's custom DNS servers.
Preferred DNS server address: 18.104.22.168
Alternate DNS server address: 22.214.171.124