iOS Vulnerability Prevents VPNs From Encrypting All Traffic
A vulnerability affecting iOS 13.3.1 and later prevents virtual private networks (VPNs) from encrypting all traffic, allowing some internet connections to bypass encryption, potentially exposing users' data and IP addresses.
A screenshot from ProtonVPN demonstrating exposed connections to Apple's servers that should be protected by the VPN
Details on the vulnerability were shared today by Bleeping Computer after it was discovered by ProtonVPN. The vulnerability is caused because iOS isn't terminating all existing connections when a user connects to a VPN, allowing them to reconnect to destination servers once the VPN tunnel has been established.
Connections made after connecting to a VPN on an iOS are not affected by this bug, but all previously established connections are not secure. This could potentially lead to a user who believes they are protected accidentally exposing IP an address and therefore, an approximate location.
Apple's Push Notifications are cited as an example of a process using connections on Apple's servers that aren't closed automatically when connecting to a VPN, but it can affect any app or service running on a user's device.
VPNs cannot work around the issue because iOS does not allow VPN apps to kill existing network connections, so this is a fix that will need to be implemented by Apple. Apple is aware of the vulnerability and is looking into options to mitigate it.
Until fixed, VPN users can connect to a VPN server, turn on Airplane Mode and then turn off Airplane Mode to kill all existing connections. The mitigation isn't entirely reliable, however, so iPhone and iPad owners who rely on VPNs should be careful until Apple puts out a fix.
Popular Stories
Apple plans to release an iPhone 17e and an iPad Air with an M4 chip "in the coming weeks," according to the latest word from Bloomberg's Mark Gurman.
"Apple retail employees say that inventory of the iPhone 16e has basically dried out and the iPad Air is seeing shortages as well," said Gurman. "I've been expecting new versions of both (iPhone 17e and M4 iPad Air) in the coming weeks."...
Apple plans to launch a rebranded "Sales Coach" app on the iPhone and iPad later this month, according to a source familiar with the matter.
"Sales Coach" will arrive as an update to Apple's existing "SEED" app, and it will continue to provide sales tips and training resources to Apple Store and Apple Authorized Reseller employees around the world. For example, there are articles and videos...
Apple is planning to launch new MacBook Pro models as soon as early March, but if you can, this is one generation you should skip because there's something much better in the works.
We're waiting on 14-inch and 16-inch MacBook Pro models with M5 Pro and M5 Max chips, with few changes other than the processor upgrade. There won't be any tweaks to the design or the display, but later this...
While the iPhone 18 Pro and iPhone 18 Pro Max are still seven months away, an analyst has revealed five new features the devices will allegedly have.
Rumored color options for the iPhone 18 Pro models
In a research note with investment firm GF Securities on Thursday, analyst Jeff Pu outlined the following upgrades for the iPhone 18 Pro models:
Smaller Dynamic Island: It has been rumored...
The MacBook Air is Apple's most popular laptop – a thin, fanless machine that wields quiet power thanks to the efficiency of Apple silicon. While the M4 model isn't exactly old, attention is already turning to its successor.
Apple doesn't telegraph new product launches ahead of time, but we can draw a surprisingly clear picture of what to expect by looking at Apple's silicon roadmap,...
