A security researcher says that iPhones don’t fully route all network traffic through VPNs as a user might expect, “a potential security issue the device maker has known about for years,” reports Ars Technica.
Michael Horowitz, a longtime computer security blogger and researcher, says in his continually updated blog post that “VPNs on iOS are broken.”
From his post: At first, they appear to work fine. The iOS device gets a new public IP address and new DNS servers. Data is sent to the VPN server. But, over time, a detailed inspection of data leaving the iOS device shows that the VPN tunnel leaks. Data leaves the iOS device outside of the VPN tunnel. This is not a classic/legacy DNS leak, it is a data leak. I confirmed this using multiple types of VPN and software from multiple VPN providers. The latest version of iOS that I tested with is 15.6. This data leak was first publicized by ProtonVPN in March 2020 and iOS v13.
VPN (virtual private network) is a technology that encrypts your internet traffic on unsecured networks to protect your online identity, hide your IP address, and shield your online data from third parties.
