On iOS 16, it turned out that some Apple apps arbitrarily avoided VPN connection and communication was leaked


virtual private network (VPN) is a mechanism that enables secure Internet communication by encrypting network connections, and is also used to avoid government censorship. However, in iOS 16 , the latest OS for iPhone released in September 2022, it was reported that ``some Apple apps avoid VPN connections when communicating with servers.''

Most Apple apps on iOS 16 bypass VPN connections | AppleInsider

Security researcher Tommy Mysk said on October 12, 2022, 'We have confirmed that iOS 16 communicates with Apple services outside of an active VPN tunnel. Worse, DNS requests are also leaked. I will,' he posted on Twitter with a video.

The video posted by Mysk analyzes packet information with Wireshark , a packet analysis software, while using the VPN service ' ProtonVPN ' on an iPhone. The OS of the iPhone is 'iOS 16.0.3'.

When Apple's '

Map ' application is opened, communication with the Apple server begins ...

The IP address of my iPhone has been passed on. Normally, if you use a VPN connection, your IP address will not be sent, but some Apple apps bypass the VPN and communicate with the server.

It was also sending DNS requests as well as IP addresses.

In addition to Maps, it was confirmed that VPN connections were bypassed in ' Apple Store ', ' Clips ', ' Files ', ' Search ', ' Healthcare ', 'Settings', and ' Apple Wallet '.

In August 2022, it was pointed out that ``iOS VPN is not working'', and a security researcher advised that ``If you want to use a VPN connection on an iOS device, you should use a VPN client on your router.'' I'm here.

Researchers point out that iOS's VPN function has been broken for more than two years - GIGAZINE

Android apps are also known to avoid VPN connections when using Google services, and the same behavior was observed on iOS devices, Mysk said. It is unknown whether an attacker can peek at these traffic and exploit them, but since the problem has not been fixed even though it has been pointed out before, technology media Apple Insider said, ``For reasons only Apple and Google know. It is highly likely that it is a behavior that has been done.'

in Mobile,   Software,   Security, Posted by log1h_ik