If you use a VPN on iOS, then this blog is definitely important for you to read. Michael Horowitz, a cyber security expert, had revealed something quite damaging to the integrity of iPhones and iOS as a whole.
Using a VPN on an iPhone is supposed to be safe and secure, as its main purpose is to encrypt your traffic and obscure your digital identity and footprint to hide you from hackers and cyber attackers, and it only happens when you use premium VPNs for iPhone specifically. But with iOS, Michael Horowitz has identified some vulnerabilities in the iOS infrastructure that damages the integrity of said VPN’s connections.
Several VPN providers have backed up Michael Horowitz’s claim and consider iPhone VPNs and iPad to be broken. This problem has been seen in iOS for quite some time, dating back to iOS 13 days and maybe even further. In this blog, we will learn more about this vulnerability and what it can do.
VPNs & iOS – What’s The Deal?
Before we get into the issue, let’s talk about how a VPN works exactly. This will make it easier for you to understand exactly how the vulnerability works and why you might need to really pay attention to it.
● How A VPN Works
Let’s say you have a device, an iPhone in this case, and you connect it to your Wi-Fi. Then, if you try to access a site, then your phone’s browser generates a request for that website and sends it to the target server.
This request first goes through your ISP’s servers, then it goes to the DNS server, which lets you access the website appropriately. In this scenario, since your connection is completely unencrypted, every single activity is logged and recorded by your ISP. Your IP address is also completely visible, which lets the servers of the website know where you are trying to access from.
What a VPN does is it puts encryption on your data traffic. The best VPNs, like ExpressVPN, use AES-256. This standard of encryption is considered the best in the world and it protects your data stream from hackers and cyber attackers, as they cannot break this kind of encryption without the appropriate key.
A VPN also switches your IP address out. It takes your real IP address and hides it, putting an IP address from the VPN server you chose (the US for example) and putting it onto the data traffic. This fools the target servers into thinking you are accessing from another region, not your physical location.
This rerouting process is basically how a VPN hides your identity online and helps you bypass geo-restrictions to access blocked streaming services, securely torrent files, and more.
● iOS & VPN – The Vulnerability
So, what Mr. Horowitz discovered that is so damning? In a blog post, he talked about discovering vulnerabilities that don’t let iOS users experience the full force of the protection and encryption of a VPN like ExpressVPN. VPNs are described as tunnels, but he described it as a water hose, in the sense that it might have leaks in it that let the water out.
So, your data traffic isn’t fully protected when using a VPN with iOS and it might be prone to leaking and, therefore, makes you vulnerable to hacking, and malware and even stops you from unblocking your favorite websites.
He tested the VPN and found them to be perfectly safe and secure, which means that the problem is with the iOS platform. With reports dating back to iOS 13, it is safe to assume that iOS has had this problem for a significant amount of time and every iOS user needs to be aware of this before they try and use a VPN to access their favorite blocked sites.
As for what is being leaked, your IP address and DNS data are secure but your encrypted data has a high probability of being leaked. Any hacker with a basic understanding of exploiting cybersecurity vulnerabilities could easily access your data.
● Reports From ProtonVPN
In March 2020, ProtonVPN developers also reported vulnerabilities they detected during routine penetration testing. This was over two years ago, and the problem still persists.
Apple denies that any such leak exists and says that everything is “working as designed,” which is quite odd considering that the leak has been proven to exist.
Wrapping Up
If you are an iOS user then we highly recommend switching to another platform before employing the use of a VPN. This problem is real and quite worrying. And it won’t be going away any time soon due to Apple’s indifference.
And if you are using a VPN, we recommend a VPN like ExpressVPN, which has advanced security features and will be able to protect you the best it can.