iOS VPNs have leaked traffic for more than 2 years, researcher claims


A security researcher says that Apple’s iOS devices don’t fully route all network traffic through VPNs as a user might expect, a potential security issue the device maker has known about for years.

Michael Horowitz, a longtime computer security blogger and researcher, puts it plainly—if contentiously—in a continually updated blog post. “VPNs on iOS are broken,” he says.

Any third-party VPN seems to work at first, giving the device a new IP address, DNS servers, and a tunnel for new traffic, Horowitz writes. But sessions and connections established before a VPN is activated do not terminate and, in Horowitz’s findings with advanced router logging, can still send data outside the VPN tunnel while it is active.

In other words, you might expect a VPN client to kill existing connections before establishing a secure connection so they can be re-established inside the tunnel. But iOS VPNs can’t seem to do this, Horowitz says, a finding that is backed up by a similar report from May 2020.

“Data leaves the iOS device outside of the VPN tunnel,” Horowitz writes. “This is not a classic/legacy DNS leak, it is a data leak. I confirmed this using multiple types of VPN and software from multiple VPN providers. The latest version of iOS that I tested with is 15.6.”

Security blogger Michael Horowitz's logs show a VPN-connected iPad reaching out to both his VPN provider ( and Apple Push ( The Apple connection is outside the VPN and could potentially expose his IP address if seen by an ISP or other parties.
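A check in the spirit of the router logging described above, as an added example that is not from Horowitz's post or this article: it scans a flow log for packets a device sends to destinations other than the VPN endpoint after the tunnel is up, and marks flows that already existed before the VPN connected. The log format, addresses, and function name are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime
from ipaddress import ip_address, ip_network

# Constructed router flow log (format is an assumption):
# time, source, destination:port, protocol, bytes. Lines are in time order.
# 5223/tcp is the port Apple's push service uses; all IPs are documentation ranges.
SAMPLE_LOG = """\
2022-08-01T10:00:05 192.168.1.50 198.51.100.7:5223 tcp 840
2022-08-01T10:01:00 192.168.1.50 203.0.113.10:51820 udp 1480
2022-08-01T10:01:30 192.168.1.50 192.168.1.20:631 tcp 76
2022-08-01T10:02:10 192.168.1.50 203.0.113.10:51820 udp 9200
2022-08-01T10:14:42 192.168.1.50 198.51.100.7:5223 tcp 312
2022-08-01T10:20:03 192.168.1.50 198.51.100.99:443 tcp 2210
2022-08-01T10:21:00 192.168.1.77 198.51.100.99:443 tcp 500
2022-08-01T11:45:19 192.168.1.50 198.51.100.7:5223 tcp 298
"""

def find_leaks(log_text, device_ip, vpn_server_ip, tunnel_up, lan="192.168.1.0/24"):
    """Return WAN flows from device_ip that bypass the VPN after tunnel_up."""
    up = datetime.fromisoformat(tunnel_up)
    lan_net = ip_network(lan)
    seen_before = set()  # flows observed before the VPN connected
    leaks = defaultdict(lambda: {"packets": 0, "bytes": 0,
                                 "predates_tunnel": False, "secs_after_up": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[1] != device_ip:
            continue  # malformed line or a different device
        ts, _, dst, proto, nbytes = parts
        host, _, port = dst.rpartition(":")
        flow = (host, int(port), proto)  # destination-level match, no source port
        when = datetime.fromisoformat(ts)
        if when < up:
            seen_before.add(flow)
            continue
        if host == vpn_server_ip or ip_address(host) in lan_net:
            continue  # tunnel traffic and local LAN traffic are expected
        entry = leaks[flow]
        entry["packets"] += 1
        entry["bytes"] += int(nbytes)
        entry["predates_tunnel"] = flow in seen_before
        entry["secs_after_up"] = int((when - up).total_seconds())  # last sighting
    return dict(leaks)

if __name__ == "__main__":
    hits = find_leaks(SAMPLE_LOG, "192.168.1.50", "203.0.113.10", "2022-08-01T10:01:00")
    for flow, info in hits.items():
        print(flow, info)
```

A flow with `predates_tunnel` set and a large `secs_after_up` matches the pattern the article describes: a connection opened before the VPN that keeps sending outside the tunnel long after it is active.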


Privacy company Proton previously reported an iOS VPN bypass vulnerability that started at least in iOS 13.3.1. Like Horowitz’s post, ProtonVPN’s blog noted that a VPN typically closes all existing connections and reopens them inside a VPN tunnel, but that didn’t happen on iOS. Most existing connections will eventually end up inside the tunnel, but some, like Apple’s push notification service, can last for hours.


The primary issue with non-tunneled connections persisting is that they could be unencrypted and that the IP address of the user and what they’re connecting to can be seen by ISPs and other parties. “Those at highest risk because of this security flaw are people in countries where surveillance and civil rights abuses are common,” ProtonVPN wrote at the time. That might not be a pressing concern for typical VPN users, but it’s notable.

ProtonVPN confirmed that the VPN bypass persisted in three subsequent updates to iOS 13. ProtonVPN indicated in its blog post that Apple would add functionality to block existing connections, but this functionality as added did not appear to make a difference in Horowitz’s results.

Horowitz tested ProtonVPN’s app in mid-2022 on an iPad running iOS 15.4.1 and found that it still allowed persistent, non-tunneled connections to Apple’s push service. The Kill Switch function added to ProtonVPN, which describes its function as blocking all network traffic if the VPN tunnel is lost, did not prevent leaks, according to Horowitz.

Horowitz tested again on iOS 15.5 with a different VPN provider and iOS app (OVPN, running the WireGuard protocol). His iPad continued to make requests to both Apple services and to Amazon Web Services.

ProtonVPN had suggested a workaround that was “almost as effective” as manually closing all connections when starting a VPN: Connect to a VPN server, turn on airplane mode, then turn it off. “Your other connections should also reconnect inside the VPN tunnel, though we cannot guarantee this 100%,” ProtonVPN wrote. Horowitz suggests that iOS’s Airplane Mode functions are so confusing as to make this a non-answer.

We’ve reached out to both Apple and OpenVPN for comment and will update this article with any responses.

Horowitz’s post doesn’t offer specifics on how iOS might fix the issue. He also doesn’t address VPNs that offer “split tunneling,” focusing instead on the promise of a VPN capturing all network traffic. For his part, Horowitz recommends a $130 dedicated VPN router as a truly secure VPN solution.

VPNs, especially commercial offerings, continue to be a complicated piece of Internet security and privacy. Picking a “best VPN” has long been a challenge. VPNs can be brought down by vulnerabilities, unencrypted servers, greedy data brokers, or by being owned by Facebook.

(Update 2:58 pm ET: Updated to address notion of split tunneling and VPN expectations.)

