iOS Vulnerability Prevents VPNs From Encrypting All Traffic
A vulnerability affecting iOS 13.3.1 and later prevents virtual private networks (VPNs) from encrypting all traffic, allowing some internet connections to bypass encryption, potentially exposing users' data and IP addresses.
A screenshot from ProtonVPN demonstrating exposed connections to Apple's servers that should be protected by the VPN
Details on the vulnerability were shared today by Bleeping Computer after it was discovered by ProtonVPN. The vulnerability is caused because iOS isn't terminating all existing connections when a user connects to a VPN, allowing them to reconnect to destination servers once the VPN tunnel has been established.
Connections made after connecting to a VPN on an iOS are not affected by this bug, but all previously established connections are not secure. This could potentially lead to a user who believes they are protected accidentally exposing IP an address and therefore, an approximate location.
Apple's Push Notifications are cited as an example of a process using connections on Apple's servers that aren't closed automatically when connecting to a VPN, but it can affect any app or service running on a user's device.
VPNs cannot work around the issue because iOS does not allow VPN apps to kill existing network connections, so this is a fix that will need to be implemented by Apple. Apple is aware of the vulnerability and is looking into options to mitigate it.
Until fixed, VPN users can connect to a VPN server, turn on Airplane Mode and then turn off Airplane Mode to kill all existing connections. The mitigation isn't entirely reliable, however, so iPhone and iPad owners who rely on VPNs should be careful until Apple puts out a fix.
Popular Stories
Following nearly two years of rumors about a fourth-generation iPhone SE, The Information today reported that Apple suppliers are finally planning to begin ramping up mass production of the device in October of this year. If accurate, that timeframe would mean that the next iPhone SE would not be announced alongside the iPhone 16 series in September, as expected. Instead, the report...
Key details about the overall specifications of the iPhone 17 lineup have been shared by the leaker known as "Ice Universe," clarifying several important aspects of next year's devices. Reports in recent months have converged in agreement that Apple will discontinue the "Plus" iPhone model in 2025 while introducing an all-new iPhone 17 "Slim" model as an even more high-end option sitting...
Apple supply chain analyst Ming-Chi Kuo today shared alleged specifications for a new ultra-thin iPhone 17 model rumored to launch next year. Kuo expects the device to be equipped with a 6.6-inch display with a current-size Dynamic Island, a standard A19 chip rather than an A19 Pro chip, a single rear camera, and an Apple-designed 5G chip. He also expects the device to have a...
The upcoming iPhone 16 models that we're expecting to see in September are going to be quite similar to the iPhone 15 models, but rumors suggest that Apple is making big changes in 2025. We've been hearing hints of an all-new device in the iPhone lineup, and it may be the most expensive iPhone Apple has offered to date. Subscribe to the MacRumors YouTube channel for more videos. New 'Slim'...
Apple released the fourth beta of iOS 18 today, introducing small changes to a number of features throughout the operating system. There are no big additions in this beta, but Apple is continuing to refine existing settings and design choices. Apple plans to continue updating iOS 18 over the next few months, with the update set to be released this fall. We've rounded up all of the changes...
The fourth-generation iPhone SE will offer a series of major upgrades over the current model, the leaker known as "Ice Universe" claims. The information was listed in a post on Weibo, which also detailed the specifications of the iPhone 17 lineup. As previously rumored, the fourth-generation iPhone SE is expected to feature Face ID and USB-C, marking a major upgrade from current and previous ...
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Apple is planning to release at least one iPhone 17 model next year with mechanical aperture, according to a report published today by The Information. The mechanical system would allow users to adjust the size of the iPhone 17's aperture, which refers to the opening of the camera lens through which light enters. All existing iPhone camera lenses have fixed apertures, but some Android...
