Using an iPhone VPN? You’re not as secure as you think


It seems that a number of Apple services bypass the protection of a VPN on iOS 16.

Two iOS developers, who also act as security researchers, discovered that iOS 16 communicates with Apple services outside of an “active VPN tunnel”. According to the research, Health, Maps, and Wallet all “escape” the VPN connection when communicating with the company.

We confirm that iOS 16 communicates with Apple services outside of an active VPN tunnel. Worse, it leaks DNS queries. #Apple services that elude the VPN connection include health, cards, wallet. We used and #wireshark. Details in the video:

In light of this behavior, the Mysk developers say that “you can easily monitor any device’s network traffic using this simple method”, which they explain below:

It seems worrying

Incredibly, it seems that Lockdown Mode “leaks more traffic outside the VPN tunnel than ‘normal’ mode”.

Update: Lockdown mode leaks more traffic out of the VPN tunnel than “normal” mode. It also sends push notification traffic outside the VPN tunnel. That’s weird for an extreme protection mode. Here is a screenshot of the traffic (VPN and Kill Switch enabled)

Lockdown Mode is the new iPhone mode marketed as a way to take your phone’s security and privacy to new heights. Enabling it takes the following actions on your phone:

  • Messages: Most types of message attachments other than pictures are blocked. Some features, such as link previews, are disabled.
  • Web browsing: Certain complex web technologies, such as just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from lockdown mode.
  • Apple Services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not already sent a call or request to the initiator.
  • Wired connections to a computer or accessory are blocked when iPhone is locked.
  • Configuration profiles cannot be installed and the device cannot enroll in mobile device management (MDM) when lockdown mode is enabled.

It is worrying to hear about these vulnerabilities. Hopefully Apple can rework how its services communicate so that more of their traffic goes through the VPN tunnel.
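To check a device of your own for the behavior described above, the following added example (not code from the article or from the Mysk researchers) classifies packets from a capture taken upstream of the phone, for instance on the router. It assumes the capture was exported with tshark field output, and that the phone's IP and the VPN server's IP are known; `find_leaks` and the sample rows are hypothetical and constructed.

```python
import csv
import io
import ipaddress

# Constructed sample rows, in the tab-separated layout produced by:
#   tshark -r capture.pcap -T fields -E occurrence=f \
#       -e ip.src -e ip.dst -e udp.dstport -e tcp.dstport -e dns.qry.name
# Addresses are private/documentation ranges, not real observations.
SAMPLE = "\n".join("\t".join(r) for r in [
    ("192.168.1.23", "203.0.113.10", "51820", "", ""),                 # tunnel
    ("192.168.1.23", "192.168.1.1", "53", "", "service.example.com"),  # DNS
    ("192.168.1.23", "198.51.100.7", "", "443", ""),                   # direct TCP
    ("198.51.100.7", "192.168.1.23", "", "51000", ""),                 # inbound
    ("192.168.1.23", "203.0.113.10", "51820", "", ""),                 # tunnel
])

def find_leaks(rows_tsv, device_ip, vpn_endpoint):
    """Return (dns_leaks, other_leaks) for packets the device sent
    to any destination other than the VPN server."""
    device = ipaddress.ip_address(device_ip)
    vpn = ipaddress.ip_address(vpn_endpoint)
    dns_leaks, other_leaks = [], {}
    for row in csv.reader(io.StringIO(rows_tsv), delimiter="\t"):
        if len(row) < 5 or not row[0] or not row[1]:
            continue  # not an IPv4 packet (ARP, IPv6, ...): out of scope here
        src = ipaddress.ip_address(row[0])
        dst = ipaddress.ip_address(row[1])
        if src != device or dst == vpn:
            continue  # inbound, another host, or inside the tunnel
        udp_port, tcp_port, qname = row[2], row[3], row[4]
        if "53" in (udp_port, tcp_port):
            # Plaintext DNS visible on the local network: a DNS leak
            dns_leaks.append((str(dst), qname))
        else:
            proto = "udp" if udp_port else "tcp" if tcp_port else "other"
            key = (str(dst), proto, int(udp_port or tcp_port or 0))
            other_leaks[key] = other_leaks.get(key, 0) + 1
    return dns_leaks, other_leaks

if __name__ == "__main__":
    dns, other = find_leaks(SAMPLE, "192.168.1.23", "203.0.113.10")
    print("DNS outside tunnel:", dns)
    print("Other flows outside tunnel:", other)
```

Local-network traffic such as DHCP or multicast discovery is also reported by this check, so review each destination before treating it as a leak.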

