Blogger and security expert, Aiona S. has stated that iOS VPNs fail to protect users’ data within the VPN tunnel.
Two data leaks are alleged to have occurred over the last two years. Apple knew about the problem but did not act on it in the latest iOS versions.
Users who want to keep their online privacy protected with the best iPhone VPN service might be surprised.
iOS VPN users at Risk
Michael Horowitz wrote that “VPNs on iOS were broken” in a post (opens in new tab), which he has been updating since May 25, 2015.
He ran four tests on his iPad. Each time he changed the iOS version (15.5, 15.6, and 15.6), VPN provider (he tested with ProtonVPN and OVPN and Winscribe), VPN protocol (IKEv2, WireGuard, and OpenVPN), and network.
Although the VPNs appear to be working at first glance, deeper examination revealed the same disappointing conclusion: The software compromised the IP address of the device and other personal information. The VPN tunnel does not allow data to leave the iOS device. He concludes that this is not a legacy/classic DNS leak. It is a data loss.
Simply put, iOS VPNs don’t seem to be able kill existing sessions before setting up a secure connection. This is exactly what you would expect of one the most secure VPN service.
Apple knew about the bug since 2020
Unfortunately, this vulnerability that affects iOS VPNs is not new. Proton, a Swiss security firm, first reported the vulnerability in 2020. They claimed that the data leak began at least in iOS 13.3.1.
Two years later, and several iOS updates later, Apple still hasn’t fixed this dangerous bug.
Proton suggested a few solutions to the problem at the time. Proton suggested that you activate the Always on VPN option. This would not work with third-party apps. Proton also suggests that you enable the kill button on your VPN app and/or use the Airplane mode to terminate any existing connections.
Horowitz however suggests that neither the Airplane Mode trick nor the kill switch option were effective when he tested them.
He wrote that Apple had “to date, approximately five weeks later,” on July 3. This suggested that it would be easy for the silicon valley giant to conduct the same test and investigate this matter.
“At this time, I don’t see any reason to trust any VPN on iOS. I would suggest that VPN client software be installed on a router to establish a VPN connection, instead of being used on an iOS device.