Skip to main content

Yet another critical VPN-related bug found in iOS 16

It was sometime in May when a security expert first revealed that iPhone VPN apps were leaking users' data, claiming that Apple wasn't doing anything to fix it

Now, only a few months later, another major issue has been found when using VPN software on iOS. In this instance, some of people's most sensitive information is in real danger.  

Another expert has recently discovered that many Apple apps, including Health and Wallet, send users' private data outside an active VPN tunnel. 

However, the best VPN services are not the ones to blame here. 

See more

Apple apps bypass VPN encryption

"We confirm that iOS 16 does communicate with Apple services outside an active VPN tunnel. Worse, it leaks DNS requests," developer and security researcher Tommy Mysk tweeted on October 12.

Theoretically, when you connect to a secure VPN, your data is encrypted and passed through one of its international servers before it reaches it destination. This means that neither your ISP, nor any other third party should be able to access this flow of information. Similarly, the websites you visit won't be able to define your real IP address or any other identifying details.

Mysk ran a few tests on iOS 16 with both Proton VPN and Wireshark active. To his dismay, he and his team found out that many Apple apps actually ignore the VPN tunnel and exchange data directly with Apple servers.

What's worse, the applications leaking data are actually those managing the most private and sensitive information. These are Health, Wallet, Apple Store, Clips, Files, Find My, Maps and Settings.  

Talking about the reasons behind this bug, Myks seems to believe that Apple does so intentionally. 

"There are services on the iPhone that require frequent contact with Apple servers, such as Find My and Push Notifications. However, I don’t see an issue of tunneling this traffic in the VPN connection. The traffic is encrypted anyways,”  he told 9to5Mac, adding that they didn't expect such an amount of traffic to be exposed. 

Not just iOS VPN

As Mysk confirms during his testing, iPhone and iPad users are not the only ones risking their privacy. 

"I know what you're asking yourself and the answer is YES. Android communicates with Google services outside an active VPN connection, even with the options Always-on and Block Connections without VPN," he said. 

Just a few days ago we reported on Mullvad VPN's findings that Android devices are quietly undermining VPN services during its last security audit. 

Here, Android VPNs expose users' data while performing connectivity checks when accessing some Wi-Fi networks.  

The VPN provider pledged Google to add an option to opt out for these checks when the VPN is active, but the big tech giant believes there's no need for this. This is why Mullvad is now pushing for at least changing the "misleading" description of its VPN-related features.   

Source: TechRadar

Popular posts from this blog

iPhone 14 Color Options: Which Color Should You Choose?

The iPhone 14 models are available in a range of color options, with entirely new hues available on both sets of devices, as well as some popular classics. The ‌iPhone 14‌ and iPhone 14 Pro lineups have different colors to choose from, so if you have your heart set on a particular shade, you may not be able to get your preferred model in that color. Check out our guide on the ‌iPhone 14 Pro‌ color options for more information about those devices. The ‌iPhone 14‌ and ‌iPhone 14‌ Plus are now available in a total of six colors, four of which are new shades. Although previous standard iPhone lineup color options have tended to be bolder and brighter, in 2022, Apple chose to offer a slightly more muted color palette, with the exception of a brighter PRODUCT(RED) and Yellow. The ‌iPhone 14‌ and ‌iPhone 14‌ Plus's six available color options are: Midnight Starlight PRODUCT(RED) Blue Purple Yellow Midnight and Starlight were carried over from the iPhone 13 lineup,

T-Mobile to Acquire Ryan Reynolds' Mint Mobile Brand

U.S. carrier T-Mobile today announced that it plans to acquire Mint Mobile, the affordable smartphone brand that is promoted by and backed by actor Ryan Reynolds. Reynolds and T-Mobile CEO Mike Sievert teamed up for a video letting customers know about the coming acquisition. The deal is for Ka'ena Corporation, the parent company of Mint Mobile, Ultra Mobile, and Plum, with T-Mobile paying up to $1.35 billion, split into 39 percent cash and 61 percent stock. The final purchase price will be settled later this year after the deal closes. T-Mobile plans to continue Mint Mobile's $15 per month pricing option, which provides 4GB of high-speed 4G or 5G data along with unlimited text and talk. T-Mobile is purchasing Mint Mobile's sales, marketing, digital, and service operations, and says that it will use the T-Mobile supplier relationships and distribution scale to help Mint Mobile grow. Mint Mobile's "industry leading" marketing expertise will be incorpor

New MacBook Air Rumored to Launch in April With These 5 New Features

Apple plans to release a new MacBook Air with a larger 15-inch display in April , according to display industry analyst Ross Young. The laptop is expected to be powered by the M2 chip and will likely support Wi-Fi 6E and Bluetooth 5.3. While we wait for the new MacBook Air to be announced, we have recapped five new features that have been rumored or are likely to be included. 15-Inch Display The new MacBook Air is expected to be equipped with a larger 15.5-inch display , which would be the largest ever for the laptop. The current MacBook Air has a 13.6-inch display, and the laptop was offered in an 11-inch size many years ago. While a new 13-inch MacBook Air with an OLED display is rumored to launch in 2024, the 15-inch model is expected to have a traditional LCD. M2 Chip Like the 13-inch MacBook Air, the 15-inch model will reportedly be available with the M2 chip . Apple says the M2 chip has up to an 18% faster CPU, up to a 35% faster GPU, and up to a 40% faster Neural E

Apple's First OLED iPad: All the Rumors So Far

Apple is developing OLED technology for the iPad , and the new displays are expected to come to the iPad Pro models as soon as next year. This guide aggregates everything we know about Apple's plans for the OLED ‌iPad‌. Sizing Apple is expected to offer the first OLED iPads in sizes that are similar to the current ‌iPad Pro‌ sizes, providing one smaller 10.9 to 11.1-inch model and a larger 12.9 to 13-inch model (rumors vary slightly on target display size). In the future, OLED ‌iPad‌ models could be as large as 15 inches . Rumors suggest that Apple supplier BOE is developing OLED displays as large as 15 inches, which could be used for a larger-sized ‌iPad‌. According to Bloomberg 's Mark Gurman , Apple is considering iPads that exceed 12.9 inches, and in 2021, he claimed that larger sizes were a "couple of years down the road, but could be scrapped all together. OLED Improvements Compared to the mini-LED technology that Apple uses for the 12.9-inch ‌iPad Pro‌