ProtonVPN’s act of forced obsolescence + circumvention
ProtonVPN did an API bump in this version: Version 2.7.56.1 (2021-06-18) which left everyone with an Android version older than AOS 6 in the dust. So I went to the archives and grabbed the version just before that one. Ran it for the first time, configuration wizard had no issues but as soon as I tried to reach out to the server it refused to stand up a tunnel saying my version was too old. Not only did they leave permacomputing folks behind for sustaining their still-quite-functional devices, but they proactively sabotaged us from the server side.
AFAIK they made no excuses for the API bump. The usual excuse is “for security reasons”... yeah.. bullshit. Anyway, here’s the workaround:
The absolute latest openvpn app still supports AOS 5 (somewhat suggesting there is no compelling security reason to force AOS 5 users to throw away their devices). Or if you have AOS 4 you can take the openvpn version from 2 years ago. ProtonVPN distributes openvpn config profiles and the openVPN app can simply import those.
Also worth noting that F-Droid warns of anti-features on the ProtonVPN app but OpenVPN is free of anti-features. That said, I got an authentication error, but I doubt that’s related to this procedure.
update
ProtonVPN is possibly breaking EU law. If someone subscribed to service less than two years before the forced obsolescence, ProtonVPN is obligated to continue service as long as necessary to serve the consumer for 2 years.
I've not used this service but a quick search suggested to me that they support IPsec, that should be natively supported by most of the legacy android versions.
But if I had to guess without investigation, they may have been forced to raise their SDK version?
IPsec didn’t occur to me. Apparently they don’t show the ipsec configs when desktop users login (I only recall openvpn and wireguard & i’m not keen to check because just about every login results in a CAPTCHA for me).
The older droids (2.3 for sure) had broken built-in ipsec but they probably got it straightened out eventually.
they may have been forced to raise their SDK version?
What do you mean forced? Forced by who? I would not make excuses for pushers of forced obsolescence. It’s on them to explain and make excuses -- which is almost always a quite vague “for security reasons”, like every bank that chases the shiny and forces consumers to buy a new phone every 3 years.
Note Protonmail demonstrates this same forced obsolescence pattern with their Mail app, which requires AOS 6.