iOS 16 VPN Tunnels Leak Data, Even When Lockdown Mode Is Enabled

by

iOS 16 continues to leak data outside an active VPN tunnel, even when Lockdown mode is enabled, security researchers have discovered.

Lockdown Mode Feature
Speaking to MacRumors, security researchers Tommy Mysk and Talal Haj Bakry explained that iOS 16's approach to VPN traffic is the same whether Lockdown mode is enabled or not. The news is significant since iOS has a persistent, unresolved issue with leaking data outside an active VPN tunnel.

In August, it again emerged that third-party VPNs for iOS and iPadOS routinely fail to route all network traffic through a secure tunnel after they have been turned on – an issue that Apple has purportedly known about for years.

Typically, when a user activates a VPN, the operating system closes all existing internet connections and then re-establishes them through the VPN tunnel. In iOS, security researchers have found that sessions and connections established before the VPN is turned on are not terminated as one would expect, and can still send data outside the VPN tunnel while it is active, leaving it potentially unencrypted and exposed to ISPs and other parties.

According to a report from privacy company Proton, an iOS VPN bypass vulnerability had been identified in iOS 13.3.1, which persisted through three subsequent updates. Apple indicated it would add Kill Switch functionality in a future software update that would allow developers to block all existing connections if a VPN tunnel is lost, but this functionality does not appear to prevent data leaks as of iOS 15 and iOS 16.

Mysk and Bakry have now discovered that iOS 16 communicates with select Apple services outside an active VPN tunnel and leaks DNS requests without the user's knowledge:

Mysk and Bakry also investigated whether iOS 16's Lockdown mode takes the necessary steps to fix this issue and funnel all traffic through a VPN when one is enabled, and it appears that the exact same issue persists whether Lockdown mode is enabled or not, particularly with push notifications. This means that the minority of users who are vulnerable to a cyberattack and need to enable Lockdown mode are equally at risk of data leaks outside their active VPN tunnel.

iOS 16 introduced Lockdown mode as an optional security feature designed to protect the "very small number" of users who may be at risk of "highly targeted cyberattacks" from private companies developing state-sponsored spyware, such as journalists, activists, and government employees. Lockdown mode does not enable a VPN itself, and relies on the same third-party VPN apps as the rest of the system.

Due to the fact that iOS 16 leaks data outside the VPN tunnel even where Lockdown mode is enabled, internet service providers, governments, and other organizations may be able to identify users who have a large amount of traffic, potentially highlighting influential individuals. It is possible that Apple does not want a potentially malicious VPN app to collect some kinds of traffic, but seeing as ISPs and governments are then able to do this, even if that is what the user is specifically trying to avoid, it seems likely that this is part of the same VPN problem that affects iOS 16 as a whole.

It is worth noting that Apple only lists high-level features that activate when Lockdown mode is enabled, and Apple has not explicitly mentioned any changes that take place to affect VPN traffic. Nevertheless, as Lockdown mode claims to be an extreme protection measure, it seems like a considerable oversight that VPN traffic is a vulnerable point.

Tag: VPN
Related Forum: iOS 16

Popular Stories

iOS 26

iOS 26.1 Coming Soon: New Features for Your iPhone and Release Date

Monday October 27, 2025 7:55 am PDT by
The upcoming iOS 26.1 update includes a handful of new features and changes for iPhones, including a toggle for changing the appearance of the Liquid Glass design, "slide to stop" for alarms in the Clock app, and more. Below, we outline key details about iOS 26.1. Release Date Given that Apple has yet to seed an iOS 26.1 Release Candidate, which is typically the final beta version, the...
Read Full Article
iOS 26

6 New Things Your iPhone Can Do in iOS 26.1

Wednesday October 29, 2025 4:22 am PDT by
Apple is about to drop iOS 26.1, the first major point release since iOS 26 was rolled out in September, and there are at least six notable changes and improvements to look forward to. We've rounded them up below. Apple has already provided developers and public beta testers with the release candidate version of iOS 26.1, which means Apple will likely roll out the update to all compatible...
Read Full Article57 comments
maxresdefault

Apple TV 4K Could Still Launch Before 2025 Ends: All the Rumored Features

Monday October 27, 2025 4:51 pm PDT by
Apple is designing an updated version of the Apple TV 4K, and rumors suggest that it could come out sometime in the next couple of months. We're not expecting a major overhaul with design changes, but even a simple chip upgrade will bring major improvements to Apple's set-top box. Subscribe to the MacRumors YouTube channel for more videos. We've rounded up all the latest Apple TV rumors. ...
Read Full Article157 comments
iOS 26

Apple Seeds iOS 26.1, iPadOS 26.1, and macOS Tahoe 26.1 Release Candidates

Tuesday October 28, 2025 1:07 pm PDT by
Apple today provided developers and public beta testers with the release candidate versions of upcoming iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, watchOS 26.1, and visionOS 26.1 updates for testing purposes. The RCs betas come a week after Apple released the fourth betas. The new betas can be downloaded from the Settings app on a compatible device by going to General > Software...
Read Full Article64 comments
M6 MacBook Pro Feature 1

M6 MacBook Pro: Release Date, Pricing, and What to Expect

Monday October 27, 2025 9:15 am PDT by
Apple this month refreshed the 14-inch MacBook Pro base model with its new M5 chip, and higher-end 14-inch and 16-inch MacBook Pro models with M5 Pro and M5 Max chips are expected to follow in early 2026. However, these machines will represent the final update to the current design, with Apple reportedly developing a completely new version of the MacBook Pro packed with next-generation hardware...
Read Full Article146 comments
iPhone 17 Pro Cosmic Orange

8 Reasons to Wait for Next Year's iPhone 18 Pro

Thursday October 30, 2025 4:42 am PDT by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth...
Read Full Article110 comments
macos tahoe

Here Are Apple's Release Notes for macOS Tahoe 26.1

Tuesday October 28, 2025 1:21 pm PDT by
Apple today provided developers and public beta testers with the release candidate version of macOS Tahoe 26.1, which means the update will likely see a public launch next week. The release candidate includes notes on what's in the update, so we have a full picture of the new features that Apple has included. macOS Tahoe 26.1 adds AutoMix support over AirPlay, improved FaceTime audio...
Read Full Article64 comments
iPhone Car Key Kia

Another Vehicle Brand Gaining iPhone Car Keys Support

Tuesday October 28, 2025 5:27 am PDT by
Apple is preparing to bring support for its digital car key feature to Jetour vehicles, according to evidence uncovered on Apple's backend by MacRumors contributor Aaron Perris. Introduced in 2022, Car Keys allows an iPhone or Apple Watch to unlock a vehicle through the Wallet app. A digital version of a car key is stored in Wallet, and unlocking can be done by holding an Apple Watch or...
Read Full Article15 comments
ipad mini 7 feature blue

OLED iPad Mini: Release Date, Pricing, and What to Expect

Wednesday October 29, 2025 7:13 am PDT by
Rumors are stoking excitement for the next-generation iPad mini that Apple is reportedly close to launching. So what should we expect from the successor to the iPad mini 7 that Apple released over a year ago? Read on to find out. Processor and Performance Apple is working on a next-generation version of the iPad mini (codename J510/J511) that features the A19 Pro chip, according to...
Read Full Article64 comments

Top Rated Comments

bevel Avatar
bevel
40 months ago
Come on Apple! How long is this going to take to fix? For a company that prides itself on privacy this is not good enough
Score: 49 Votes (Like | Disagree)
DEMinSoCAL Avatar
DEMinSoCAL
40 months ago
Looks like the phone that prides itself on privacy isn't so private after all.
Score: 39 Votes (Like | Disagree)
icanhazmac Avatar
icanhazmac
40 months ago

an issue that Apple has purportedly known about for years
This is the most troubling part! Apple has the resources to fix anything they want to fix, why haven't they fixed this?
Score: 34 Votes (Like | Disagree)
SW3029 Avatar
SW3029
40 months ago
**** Apple. There's a damn difference between real privacy and security and real good privacy and security marketing.
Score: 34 Votes (Like | Disagree)
cjbriare Avatar
cjbriare
40 months ago

vpn is no privacy tool, it is for connecting 2 networks secure. Don't try to change a feature to do a thing it is not meant to do...
what does the P stand for again?
Score: 28 Votes (Like | Disagree)
nt5672 Avatar
nt5672
40 months ago

Come on Apple! How long is this going to take to fix? For a company that prides itself on privacy this is not good enough
Their pride is for marketing purposes, not real life.
Score: 22 Votes (Like | Disagree)
Read All Comments