Even with Apple’s new Lockdown Mode turned on, researchers have demonstrated that iOS still leaks traffic outside the VPN connection.
According to security specialists Tommy Mysk and Talal Haj Bakry, whether lockdown mode is used or not, iOS 16 treats VPN traffic the same. The data is crucial because iOS still struggles with data leaking outside of a connected VPN tunnel.
Proton VPN identified a vulnerability in Apple’s iOS two years ago that allowed a person’s VPN site visitors to leak unencrypted outside of the VPN tunnel. The insecure iOS 13.3.1 version was first mentioned. In 2020, Mullvad VPN also released a warning regarding the issue. And this year, researcher Michael Horowitz claimed that the flaw existed in iOS 15.6.1.
Recent research claims that iOS 16, Apple’s most recent version of their mobile operating system, still has the issue. Researchers from Mysk Security have demonstrated that iOS 16 leaks DNS requests to Apple vendors when no VPN tunnel is operational.
After being activated, third-party VPNs for iOS and iPadOS frequently fail to transfer all network data through a secure tunnel. A problem that Apple is believed to have known about for years. This issue was brought to light once more in August. The operating system terminates all active internet connections when a user initiates a VPN before reestablishing them via the VPN tunnel.
Researchers in security have found that iOS does not correctly terminate sessions. Additionally, users can still send data outside the tunnel while the VPN connection is active. Potentially leaving it unencrypted and open to ISOs and other parties.
iOS 16 VPN Tunnel Leak Data
Mysk and Bakry discovered that the iOS 16 VPN tunnel leaked data without the user’s knowledge.
Lockdown mode, a new optional security feature in iOS 16, was created to safeguard a “very limited number” of users. Those who, like journalists and government workers, may be vulnerable to “highly focused cyberattacks” from commercial corporations creating state-sponsored malware. Lockdown mode does not enable a VPN on its own; instead, it uses the same third-party VPN programs as the rest of the system.
Internet service providers, governments, and other organisations may be able to identify customers who have a lot of traffic, perhaps spotlighting powerful people, because iOS 16 leaks data outside the VPN tunnel even when Lockdown mode is engaged. Apple might not want some traffic to be captured by a VPN program that could be risky. Given that ISPs and governments can do this even if it is what the user specifically wants to avoid, it is likely that this is a part of the same VPN problem that affects iOS 16 as a whole.
Alkye, as your technology business partner, aggressively gives priority to client security. Our aim is simple: to help your business grow and to secure your business from cybercriminals. We thrive to keep our client’s data security as our priority. You know very well how it is important to have a partnership with the right digital partner.