Connect with us

Hi, what are you looking for?

Geeks

iOS 13 Bug Is Blocking VPNs From Fully Encrypting Traffic; No Patch Yet

Credit: Favebrush/Shutterstock

An unpatched iOS 13 bug is preventing VPNs from encrypting all traffic. This is causing some internet connections to bypass VPN encryption, thus, exposing data or leak their IP addresses, reports Proton VPN.

iOS VPN bypass vulnerability

Even though the connections established after connecting to a VPN on your iOS device are not affected by this bug, all the previously made connections are affected by it. The iOS 13 bug causes the previously established connection to remain outside the VPN’s secure tunnel, says ProtonVPN.

The bug emerged because Apple’s iOS fails to close all existing internet connections when the user connects to a VPN. Usually, when you open a VPN, the operating system ends all the previous connections and automatically reconnects to the original destination servers after the VPN tunnel is established. This process is currently not taking place in iOS 13.3.1 and later versions, and is thus, affected by the bug.

ProtonVPN says that most connections are short-lived, so they will eventually be re-established through the VPN tunnel on their own. However, some of these connections are long-lasting, which can end up exposed for minutes to hours outside the VPN tunnel.

Such unencrypted connections can potentially reveal a user’s location, IP address, or expose them and the servers they’re communicating with to attacks.

Even though these risks are not too damaging for the average user, but those who rely on VPNs for sensitive work are quite vulnerable to the dire consequences.

Advertisement. Scroll to continue reading.
AIAD
Neither ProtonVPN nor any other VPN service can provide a workaround for this issue because iOS does not permit a VPN app to kill existing network connections.

Apple is aware of the issue, and it is currently working to fix it. But we will have to wait until Apple releases a patch for this bug. Meanwhile here’s a temporary fix for this iOS VPN bypass vulnerability:

A temporary solution

Apple recommends using the Always-on VPN to fix this problem, but this feature won’t work for those who use third-party VPN apps.

Until Apple issues a patch for this bug, ProtonVPN advises enabling and disabling Airplane Mode to manually kill the previous connections after connecting to a VPN. Keep in mind that this method isn’t 100% effective, but it’s worth a try.

You May Also Like

Geeks

Latest information about Manjaro Linux’s laptop project dates back to 2017 when the Manjaro Spitfire was released in partnership with Station X. However, updates...

Geeks

Recently, I discovered a Java compiler for web applications that I’d like to share with you. It’s called CheerpJ, and it has the ability...

Geeks

Following ECMAScript 2016, the ECMA International has given the green light to the latest edition of the ECMAScript Language Specification, ECMAScript 2017. JavaScript, which...

Geeks

After over 2 years of work, the long-awaited stable release of Devuan GNU+Linux 1.0 is now accessible for download. This alternative distribution has been...