New Business

Nicola Björk

United Kingdom

+44 7432 209 464

Knightsbridge, London, SW1X 7JF


+61 406 231 506

Lavender Bay, Sydney, NSW, 2060


+91 8837844805

Sector 74, Mohali, Punjab, 140308

iOS 16 VPN tunnels leak data
News & views

iOS 16 VPN tunnels leak data

October 15, 2022

Even with Apple’s new Lockdown Mode turned on, researchers have demonstrated that iOS still leaks traffic outside the VPN connection. 

Image: Unsplash

According to security specialists Tommy Mysk and Talal Haj Bakry, whether lockdown mode is used or not, iOS 16 treats VPN traffic the same. The data is crucial because iOS still struggles with data leaking outside of a connected VPN tunnel.

Proton VPN identified a vulnerability in Apple’s iOS two years ago that allowed a person’s VPN site visitors to leak unencrypted outside of the VPN tunnel. The insecure iOS 13.3.1 version was first mentioned. In 2020, Mullvad VPN also released a warning regarding the issue. And this year, researcher Michael Horowitz claimed that the flaw existed in iOS 15.6.1.

Recent research claims that iOS 16, Apple’s most recent version of their mobile operating system, still has the issue. Researchers from Mysk Security have demonstrated that iOS 16 leaks DNS requests to Apple vendors when no VPN tunnel is operational.

After being activated, third-party VPNs for iOS and iPadOS frequently fail to transfer all network data through a secure tunnel. A problem that Apple is believed to have known about for years. This issue was brought to light once more in August. The operating system terminates all active internet connections when a user initiates a VPN before reestablishing them via the VPN tunnel. 

Researchers in security have found that iOS does not correctly terminate sessions. Additionally, users can still send data outside the tunnel while the VPN connection is active. Potentially leaving it unencrypted and open to ISOs and other parties. 

iOS 16 VPN Tunnel Leak Data

Mysk and Bakry discovered that the iOS 16 VPN tunnel leaked data without the user’s knowledge.

Lockdown mode, a new optional security feature in iOS 16, was created to safeguard a “very limited number” of users. Those who, like journalists and government workers, may be vulnerable to “highly focused cyberattacks” from commercial corporations creating state-sponsored malware. Lockdown mode does not enable a VPN on its own; instead, it uses the same third-party VPN programs as the rest of the system.

Internet service providers, governments, and other organisations may be able to identify customers who have a lot of traffic, perhaps spotlighting powerful people, because iOS 16 leaks data outside the VPN tunnel even when Lockdown mode is engaged. Apple might not want some traffic to be captured by a VPN program that could be risky. Given that ISPs and governments can do this even if it is what the user specifically wants to avoid, it is likely that this is a part of the same VPN problem that affects iOS 16 as a whole.

Final Thoughts

Alkye, as your technology business partner, aggressively gives priority to client security. Our aim is simple: to help your business grow and to secure your business from cybercriminals. We thrive to keep our client’s data security as our priority. You know very well how it is important to have a partnership with the right digital partner. 

Cyber securityiOS16
Shikha Rana

Words by
Shikha Rana

More News
Share This Article