Security researcher claims iOS VPN 'broken', Apple says issued a fix

Apple insists it has offered a fix since 2019, while ProtonVPN says that it's only a partial solution, reports 9to5Mac

Photo: Bloomberg

Photo: Bloomberg

San Francisco
After a security researcher claimed that iOS VPN (virtual private networks) apps are broken due to a flaw, Apple said it has already offered a fix. However, ProtonVPN says its only a partial solution.
According to security researcher Michael Horowitz, VPNs on iOS are broken.
"At first, they appear to work fine. The iOS device gets a new public IP address and new DNS servers. Data is sent to the VPN server. But, over time, a detailed inspection of data leaving the iOS device shows that the VPN tunnel leaks," he wrote in a blog post.
"This is not a classic/legacy DNS leak, it is a data leak. I confirmed this using multiple types of VPN and software from multiple VPN providers," he claimed, saying that Apple knows about this flaw for at least two and a half years.
Apple insists it has offered a fix since 2019, while ProtonVPN says that it's only a partial solution, reports 9to5Mac.
ProtonVPN said that this vulnerability has been present on iOS devices since at least iOS 13.3.1, and that there is no 100 per cent reliable way of ensuring that your data is being sent via the VPN.

Also Read

The rationale behind Indian companies needing their own 5G networks

Telcos' argument about private 5G networks 'absurd and illogical': BIF

BIF seeks direct spectrum allocation for private 5G networks to enterprises

Hacker breached network via employee account, no data compromised: Cisco

NordVPN in new feature allows users to connect directly to other devices

Apple warns of security flaws for iPhones, iPads and Macs: Report

NASA, Microchip to develop next-gen spaceflight computing processor

Instagram, YouTube discourage users from sharing videos to TikTok

Google's new update cuts 'low-quality, unoriginal' content in Search result

What is ISRO's new SSLV and why is it important?

Apple introduced an optional fix for this issye in iOS 14, but questions remain.
"The fact that this is still an issue is disappointing to say the least. We first notified Apple privately of this issue two years ago. Apple declined to fix the issue, which is why we disclosed the vulnerability to protect the public," according to Proton founder and CEO, Andy Yen.

(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

First Published: Aug 20 2022 | 3:14 PM IST

Explore News