That the tunnel assimilates all the bits and bytes coming and going between the device in question and the Internet :-) I refer to "the tunnel" because the iPad I tested with is Wi-Fi only. I set out to verify that the VPN tunnel is the all-consuming thing it's supposed to be. The three VPN apps that I tested with had it off by default, and I left it off. All VPN client software that I have seen, that offers split tunneling has it off by default. Granted, some VPN software supports an option called split tunneling which breaks this simple rule, but that does not interest me. Certainly most data passes through the VPN tunnel, but I was curious about all data. Does it? That's what I set out to verify. Once a VPN connection (the official term is a "tunnel") is established, all data coming and going from the VPN-connected device is supposed to go through the VPN. This blog is about a less than obvious VPN test, one that requires a professional class router to confirm. Some things are obvious, like checking for a new public IP address, new DNS servers and checking that WebRTC is disabled. The VPN page of my site has a section with assorted tires that can be kicked to verify that a VPN is working. So too, did Hacker News,, The Register (particularly well done article by Thomas Claburn), HowToGeekĪnd many others. This data leak was first publicized by ProtonVPN in March 2020 and iOS v13.Īugust 17, 2022: Ars Technica picked this up: VPN security - iOS VPNs have leaked traffic for more than 2 years, researcher claims. The latest version of iOS that I tested with is 15.6.1. I confirmed this using multiple types of VPN and software from multiple VPN providers. This is not a classic/legacy DNS leak, it is a data leak. Data leaves the iOS device outside of the VPN tunnel. But, over time, a detailed inspection of data leaving the iOS device shows that the VPN tunnel leaks. The iOS device gets a new public IP address and new DNS servers. Oct 14, 2022: Updated the Where This Stands section add a report (not from me) showing that an iOS 16 VPN leaks, even in Lockdown mode. And, added an excellent article by IPVanish to the section, dated August 25th. ![]() Also added the latest update: research by others that also found VPN leaks in iOS, this time with iOS 16. Oct 12, 2022: Updated the Where This Stands section to put the most recent updates at the top. ![]() Sept 21, 2022: Updated the Where This Stands section to note that iPad OS v16 is not yet available for my iPad. Sept 16, 2022: Updated the Where This Stands section (at the bottom of the section). ![]() Sept 4, 2022: Documented yet another Wireshark test/trace, this time using the WireGuard app. Its off-topic, but interesting.Īug 27, 2022: Added a new section with a Wireshark examination of the leaking dataĪug 31, 2022: Yet another Wireshark test/trace. Some minor edits.Īug 25, 2022: Added Facebook research to the Leaking Domain names section. Added my prediction in the Where This Stands section. Moved the My Suggestion topic higher.Īug 20, 2022: New section added on Leaking Domain names Aug 21, 2022: New section added about the Disconnect Blog on Leaky iOS VPNs Aug 22, 2022: Minor addition to the Leaking Domain names section. Some minor edits.Īug 18, 2022: Minor edits thanks to reader feedbackĪug 19, 2022: Added a response from Apple in the Where This Stands section and moved that section to the top of the page.Īlso added a new Tor vs. Added confirmation of the problem from Windscribe in the Where This Stands section. Added a link to a similar iOS VPN issue from 2018 in the Introduction section. JAdded details on yet another test JAdded new section on the bottom about where things currently stand July 31, 2022: Two minor updates at the bottom of the pageĪug 5, 2022: Added new TLDR intro Aug 8: Confirmed with iOS 15.6 - new section at the bottomĪug 14, 2022: Added two sentences about Tor in the Wrapping Up sectionĪug 15, 2022: Added a first look at the leaking domains to the Where This Stands section.Īug 17, 2022: In the TLDR section, added links to an Ars Technica article on this and to Hacker News comments. Minor edits and a new section on Testing Airplane ModeĮxpanded the My Suggestion section at the end Totally re-wrote the Work-Arounds section
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |