"In its latest release, GrapheneOS says it has "disable[d] registerQuicConnectionClosePayload optimization to fix VPN leak," effectively neutralizing the attack vector on supported Pixel devices."

"GrapheneOS responded by disabling the underlying optimization entirely in release 2026050400."

GrapheneOS "fixed" the leak by disabling the optimisation

Some HN commenters in the past have praised QUIC and downvoted comments that questioned who QUIC stands to benefit the most

Using QUIC may serve the interests of others but for me the tradeoffs are not worth it; I block QUIC traffic

QUIC is sometimes on by default in software distributed by Google, like Android, and in some cases there is no option to disable it

This is the path for the graceful closing on the QUIC connection via (IMO) illegitimate/exploitative call, GOS is not disabling QUIC as a whole.

QUIC as it is is brilliant, and this is not a feature of the protocol, it's a feature of the surveillance OS (Google's Android).

Other than that I checked on the OS before the latest release, and it didn't work anyway.