Do you use a VPN on your iOS? There’s a serious security flaw known to Apple for years

Deepak Gupta August 18, 2022
Updated 2022/08/18 at 1:15 PM

The use of a VPN for Internet connections brings numerous advantages to users in terms of security, especially for those who connect to public networks. At a time when so many people are traveling or traveling from home on vacation, having a good VPN is even more relevant.

However, for iOS users, that security could be compromised. The flaw has been around for at least 2 and a half years and Apple knows it well… but it still hasn’t fixed the problem.

It was in March 2020 that we first talked about the issue of a major security breach flaw in iOS for any VPN service.

VPN stands for “virtual private network”, or “virtual private network”, that is, it is a private network based on the public Internet network, with encrypted traffic and total protection of your online identity. With a VPN, you can securely access apps, websites and entertainment platforms from virtually anywhere in the world.

Even for someone who is a mere Internet user and has nothing to hide, security is essential and a VPN can be a step forward in security.

VPNs on iOS are a Scam

Now a security expert, Michael Horowitz, reports that VPN apps for iOS continue to have a serious security breach, due to the known issue since 2020.

This flaw was made known thanks to a report by ProtonVPN and has been present since at least iOS 13.3.1, and there is no 100% reliable way to guarantee that user data is being sent via VPN.

In a text entitled VPNs on iOS are a scamthe expert says that with the problem in iOS, VPN applications are unable to "close" all existing unsecured connections.

Whenever a VPN is activated, all connections must be terminated by the operating system itself. These are immediately picked up and forwarded through the VPN, ensuring that nothing is exposed and accessible to be heard on the Internet. In the case of iOS, this point fails.

VPNs on iOS are broken. At first glance, they seem to work well. The iOS device gets a new public IP address and new DNS servers. Data is sent to the VPN server. But over time, a detailed analysis of the data coming out of the iOS device shows that the VPN tunnel is leaking. The data leaves the iOS device outside the VPN tunnel.

It also adds that,

This is not a classic/legacy DNS leak, it's a data leak. I have confirmed this by utilizing various types of VPN and software from various VPN providers. The latest iOS version I tested is 15.6.

A Legacy iOS 13 VPN Issue That Apple Doesn't Fix

In late 2020, after the issue was detected, ProtonVPN updated its information to say that Apple still hadn't fixed the issue, but was giving app developers the ability to add a manual "kill switch" feature. , which would close all data connections upon request. ProtonVPN said it would add such a feature, but failed to update the post.

Michael Horowitz during the various tests to prove the problem still exists, says that he still had some contact with Apple that seemed interested in the subject, but then stopped responding.

So far, about five weeks later, Apple has said virtually nothing to me. They didn't say if they tried to recreate the problem. They didn't say whether they agree that this is a bug. They didn't say anything about a fix.

We are a few weeks away from the launch of the new iOS 16 and, although it was not a problem mentioned in the various versions already known, it may now be time for Apple to correct a problem that jeopardizes the safety of users, which in fact is one of their great flags.

!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version='2.0';n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,'script','https://connect.facebook.net/en_US/fbevents.js');
fbq('init', '1664527397186427'); // Insert your pixel ID here.
fbq('track', 'PageView');
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/pt_PT/sdk.js#xfbml=1&version=v2.3&appId=122308327859118";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));

Share this Article
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *