Security flaw on iPhone and iPad, traffic is not all encrypted with VPN: how to get around this
It is possible to easily circumvent the new vulnerability on iOS, in no way is total security guaranteed to users. We await a fix from Apple.
A vulnerability affecting iOS, from version 13.3.1 and later, prevents VPN from encrypting all traffic, allowing some Internet connections to bypass encryption and expose users’ data and IP addresses. Details of the vulnerability were shared in the past few hours by BleepingComputer after it was disclosed by ProtonVPN.
The vulnerability is caused by the fact that iOS does not disconnect all existing connections when a user connects to a VPN, allowing them to reconnect to the target servers once the VPN tunnel is established. Connections made after connecting to a VPN on iOS are not affected by this error, but all previously established connections remain unprotected and are not secure.
What could this security hole lead to? A user may think that his traffic is completely protected at that moment, and he is led to accidentally expose data during his browsing session: IP addresses, and an approximate position of the place where he is actually at the time of connection, also remain exposed.
An example cited by sources is that related to Apple push notifications. This process uses connections on Apple servers that are not closed automatically when connected to a VPN but can affect any app or service running on the device. VPN can’t get around this because iOS doesn’t allow VPN apps to kill existing network connections, so the solution is up to Apple.
VPN not completely secure on iOS: How to fix it
The company is aware of the vulnerability and is trying to find a solution to effectively mitigate it. What to do for the moment? Until the issue is resolved, users can connect to a VPN server, turn on Airplane Mode to stop all existing connections, and then turn it off to continue browsing online.
This is a not entirely reliable ” workaround,” owners of iOS devices should be very careful with the use of VPN until a fix is released by Apple.
Product prices and availability are subject to change. Any price and availablility information displayed on Amazon at the time of purchase will apply to the purchase of any products.