From time to time, we need the use of VPN services on our phones and computers. Our biggest expectation from these services is that internet traffic is encrypted to create a secure connection. However, this process is not performed due to an error in the Apple iOS platform. Moreover, it is claimed that Apple knew about this and did nothing.
The event in question dates back to 2020. This vulnerability was first discovered by ProtonVPN in March 2020. At that time, ProtonVPN said that under normal conditions, when the VPN becomes active, the operating system must terminate the internet connection and re-establish it by encrypting all connections via VPN. However, iOS does not do this and the encryption process does not occur.
It remains open in iOS 15.6
In all versions starting from iOS 13.3.1 and up to iOS 15.6, devices connected to the Internet with VPN service do not turn off and on again. As a result, the user was unknowingly continuing to use the already insecure connection. At the time, Apple said, “People in countries where surveillance and civil rights abuses are common are most at risk from this vulnerability.” said.
Now, independent computer consultant Michael Horowitz says that the vulnerability still exists and continues in new versions. Digging deeper into the matter on his blog, Horowitz found that there were significant data leaks when using a VPN on iOS. According to Horowitz, Apple doesn’t need much effort to fix this problem.
Apple has released the iOS 15.6.1 update: What does it include?
Using different VPNs, Horowitz observed the data flow out of the iPad device. Stating that it was working normally and properly at first, but this was an illusion, the researcher realized that data was leaking through the VPN tunnel when he made an in-depth examination.
How to use secure VPN on iOS?
Horowiz states that he does not trust any VPN used on iOS at this point. According to his suggestion, it would be best to install the VPN service set up with the help of a router and then access the network you set up with your iOS device. On the other hand, let’s underline that the research conducted is third-party VPN services. However, it should be noted that there is no report on Apple’s Private Relay service.
1372
