Jump to content
Not connected, Your IP: 18.225.54.147

Recommended Posts

There is an important problem of data leakage when using an IOS VPN. This malfunction if I remember correctly had been found by Proton in 2020 and more recently by Michel Horowitz. Due to the impossibility to find an answer with internet, do you know if this problem has been solved by Apple or (if not) if Airvpn  is working on it?

For more infos
https://protonvpn.com/blog/apple-ios-vulnerability-disclosure/

Apologies if this topic already exists (didn't found it)

Share this post


Link to post

Hello!

Unfortunately not, it is Apple policy that any Apple app and service may, if it wants to, bypass any VPN. As far as we know, it's not true that the kill switch mentioned in Proton article prevents leaks by Apple services. Some services may decide to bypass the VPN tunnel, other services will systematically bypass the tunnel. OpenVPN Technologies reminded here:
https://openvpn.net/vpn-server-resources/faq-regarding-openvpn-connect-ios/
 

Quote

Apple services such as Push Notifications and FaceTime never route through a VPN tunnel, per Apple policy.


We see that Proton labels this behavior as a bug, but it's probably not. On the contrary, it seems correct (by reading documentation) what OpenVPN tells, i.e. this is Apple policy. On the other hand, if it was a bug on Apple's considerations too, it would have been fixed after so many years.

We guess that nobody can realistically assume that iOS is suitable for a robust anonymity layer, but reminding all of the above might be useful anyway.
 
Quote

Airvpn  is working on it?


We do not develop (we have never developed) software for iOS, for multiple problems. On top of the above, it's difficult to make GPLv3 compatible with Apple store, due to conflicting licenses -- and we release only FOSS.

Actually there's a record of app deletions by Apple when some GPL software was put on the store (even VLC and OpenVPN-connect had to close the source code). Therefore, we're sorry we will not work on the "issue", and anyway it is not resolvable (to the best of our current knowledge) on not "jail broken" iOS devices.

Kind regards
 

Share this post


Link to post

Thank you for this for this fast and clear reply. So IOS is not as safe as he would like to say. Prefering alternative system like linux or GrapheneOS seems to be more reasonable

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...