Network security specialist Michael Horowitz has reported problems with VPNs on iOS. As it turns out, the operating system does not route all network traffic through the virtual private network, which is a potential security issue. The manufacturer has known about this for years but has done nothing about it.
According to the expert, at first everything appears to work: the third-party VPN provides a new IP address, DNS servers and a tunnel for traffic. However, sessions and connections established before the VPN was enabled do not switch to the encrypted channel; they keep running in parallel with it, outside the tunnel.
The problem is corroborated by a report from May 2020, when specialists discovered the same behavior. As evidence, Horowitz cited a screenshot in which an iPad connected to a VPN transmits data both to its VPN provider (18.104.22.168) and to Apple Push (22.214.171.124). This is a potential leak that can reveal the user’s real network address. Horowitz tested the system with several types of VPNs, including WireGuard, and the problem persisted with each of them.
According to Swiss-based Proton, this problem occurred at least in iOS 13.3.1 and remained in newer versions of the system. In theory, connecting through a VPN should close existing connections, but this does not happen.
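The check described above, watching from the router for traffic that leaves the device outside the tunnel, can be sketched as follows. This is an added example, not code from Horowitz or Proton; the `Flow` record, the function name, and all addresses and timestamps are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Flow:
    first_seen: float  # seconds since capture start, as logged by the router
    last_seen: float
    src: str
    dst: str
    dport: int

def find_tunnel_bypass(flows, device_ip, vpn_server_ip, tunnel_up_at, lan_cidr):
    """Split the device's non-tunnel flows seen after tunnel_up_at into
    (survivors opened before the VPN came up, flows opened afterwards)."""
    device, vpn = ip_address(device_ip), ip_address(vpn_server_ip)
    lan = ip_network(lan_cidr)
    survivors, opened_after = [], []
    for f in flows:
        dst = ip_address(f.dst)
        if ip_address(f.src) != device:
            continue  # traffic from another host on the network
        if dst == vpn or dst in lan or dst.is_multicast:
            continue  # the tunnel itself, or purely local traffic
        if f.last_seen <= tunnel_up_at:
            continue  # flow ended before the VPN was enabled
        (survivors if f.first_seen < tunnel_up_at else opened_after).append(f)
    return survivors, opened_after

# Constructed sample data (documentation address ranges, not real endpoints).
DEVICE, VPN, LAN, TUNNEL_UP = "192.168.1.23", "203.0.113.10", "192.168.1.0/24", 500.0
SAMPLE_FLOWS = [
    Flow(100.0, 900.0, DEVICE, "198.51.100.7", 5223),   # long-lived push session
    Flow(50.0, 400.0, DEVICE, "198.51.100.20", 443),    # closed before the VPN
    Flow(500.0, 900.0, DEVICE, VPN, 51820),             # the VPN tunnel
    Flow(600.0, 610.0, DEVICE, "192.168.1.1", 53),      # local router
    Flow(700.0, 705.0, DEVICE, "198.51.100.99", 443),   # opened after the VPN
    Flow(650.0, 660.0, "192.168.1.50", "198.51.100.7", 443),  # other device
]

if __name__ == "__main__":
    old, new = find_tunnel_bypass(SAMPLE_FLOWS, DEVICE, VPN, TUNNEL_UP, LAN)
    for f in old:
        print(f"pre-VPN session still active outside tunnel: {f.dst}:{f.dport}")
    for f in new:
        print(f"new connection outside tunnel: {f.dst}:{f.dport}")
```

Survivors correspond to the behavior the article describes; a non-empty second list would indicate a different, broader leak.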
It later became known that Apple added a Kill Switch feature to block existing connections, but this feature either does not seem to work or works only partially. According to the source, the problem matters most to users who live under total surveillance.
Proton has offered a workaround: manually close all connections before connecting to the VPN by using “flight mode”. However, it is unlikely that many users do this. Horowitz has not yet named any specific solution to the problem.