- Nov 10, 2017
iOS 16 continues to leak data outside an active VPN tunnel, even when Lockdown mode is enabled, security researchers have discovered.
Speaking to MacRumors, security researchers Tommy Mysk and Talal Haj Bakry explained that iOS 16's approach to VPN traffic is the same whether Lockdown mode is enabled or not. The news is significant since iOS has a persistent, unresolved issue with leaking data outside an active VPN tunnel.
In August, it again emerged that third-party VPNs for iOS and iPadOS routinely fail to route all network traffic through a secure tunnel after they have been turned on – an issue that Apple has purportedly known about for years.
Typically, when a user activates a VPN, the operating system closes all existing internet connections and then re-establishes them through the VPN tunnel. In iOS, security researchers have found that sessions and connections established before the VPN is turned on are not terminated as one would expect, and can still send data outside the VPN tunnel while it is active, leaving it potentially unencrypted and exposed to ISPs and other parties.
iOS 16 continues to leak data outside an active VPN tunnel, even when Lockdown mode is enabled, security researchers have discovered. Speaking to...