{"id":26248,"date":"2022-08-20T00:03:00","date_gmt":"2022-08-19T22:03:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=26248"},"modified":"2022-08-19T16:53:24","modified_gmt":"2022-08-19T14:53:24","slug":"security-researchers-warns-vpns-on-ios-are-not-private","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2022\/08\/20\/security-researchers-warns-vpns-on-ios-are-not-private\/","title":{"rendered":"Security researcher warns: VPNs on iOS are not private"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Sicherheit (Pexels, allgemeine Nutzung)\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Sicherheit_klein.jpg\" alt=\"Sicherheit (Pexels, allgemeine Nutzung)\" width=\"200\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/?p=271747\" target=\"_blank\" rel=\"noopener\">German<\/a>]Security researcher Michael Horowitz warns iOS users that VPNs on this platform are broken. At first glance everything appears to work fine: the iOS device gets a new public IP address and new DNS servers. But a detailed inspection of data leaving the iOS device by Horowitz shows that the VPN tunnel leaks. 
According to Horowitz, this first became known through ProtonVPN in March 2020 with iOS v13 (I found <a href=\"https:\/\/www.reddit.com\/r\/ProtonVPN\/comments\/8vq5qy\/ios_protonvpn_leak_ip\/\" target=\"_blank\" rel=\"noopener\">this reddit.com post<\/a> from 2018 claiming similar behavior).<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg05.met.vgwort.de\/na\/b9fd4c0f19414b2aabc8d5e740da7113\" alt=\"\" width=\"1\" height=\"1\" \/>I became aware of this through the following <a href=\"https:\/\/twitter.com\/jgarzik\/status\/1560255070536577024\" target=\"_blank\" rel=\"noopener\">tweet<\/a> and the article <a href=\"https:\/\/www.michaelhorowitz.com\/VPNs.on.iOS.are.scam.php\" target=\"_blank\" rel=\"noopener\">VPNs on iOS are a scam<\/a> by Horowitz, who updated his article (first published in May 2022) a couple of days ago.<\/p>\n<p><a href=\"https:\/\/twitter.com\/jgarzik\/status\/1560255070536577024\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" title=\"VPN in iOS isn't private\" src=\"https:\/\/i.imgur.com\/aBVuTdt.png\" alt=\"VPN in iOS isn't private\" \/><\/a><\/p>\n<p>Horowitz first tested the ProtonVPN app running on an iPad with iOS version 15.4.1. Monitoring the router log after he started the VPN connection showed a VPN tunnel, and that IP addresses were obtained from a public server. Then he checked the Active Sessions for the iPad on the Peplink router and got a first indication of trouble.<\/p>\n<p><a href=\"https:\/\/www.michaelhorowitz.com\/pix\/ios.vpn.testing.sessions.jpg\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" title=\"VPN session data\" src=\"https:\/\/www.michaelhorowitz.com\/pix\/ios.vpn.testing.sessions.jpg\" alt=\"VPN session data\" width=\"565\" height=\"80\" \/><\/a><br \/>\nVPN session data, source: Michael Horowitz<\/p>\n<p>The device was connected via an IPsec VPN tunnel over UDP to IP address 37.19.214.1. 
But there was a second connection, a TCP connection established by Apple Push, using port 5223 at IP address 17.57.144.12. Horowitz learned that all IP addresses that start with 17 belong to Apple. Horowitz wrote:<\/p>\n<blockquote><p>iOS 15.4.1 still does not terminate existing connections\/sessions when it creates a VPN tunnel. This presents assorted dangers. Connections outside the VPN communicate your real public IP address and there is no guarantee that they are encrypted. They are also vulnerable to ISP spying. And, a VPN provides what should be a trustworthy DNS service. Outside the VPN, anything goes.<\/p><\/blockquote>\n<p>Horowitz described his findings in more detail in his article <a href=\"https:\/\/www.michaelhorowitz.com\/VPNs.on.iOS.are.scam.php\" target=\"_blank\" rel=\"noopener\">VPNs on iOS are a scam<\/a>. He also provided some \"workarounds\", but his conclusion was: Don't trust any VPN on iOS; make the VPN connection using VPN client software in a router rather than on an iOS device.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Security researcher Michael Horowitz warns iOS users that VPNs on this platform are broken. At first glance everything appears to work fine: the iOS device gets a new public IP address and new DNS servers. 
A detailed inspection of data leaving &hellip; <a href=\"https:\/\/borncity.com\/win\/2022\/08\/20\/security-researchers-warns-vpns-on-ios-are-not-private\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580],"tags":[69],"class_list":["post-26248","post","type-post","status-publish","format-standard","hentry","category-security","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/26248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=26248"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/26248\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=26248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=26248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=26248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}