iPhone VPN app security ‘broken’, Apple says it has issued a fix | Digit
San Francisco, Aug 20 (IANS) After a security researcher claimed that iOS VPN (virtual private networks) apps are broken due to a flaw, Apple said it has already offered a fix. However, ProtonVPN says it’s only a partial solution.
According to security researcher Michael Horowitz, VPNs on iOS are broken.
“At first, they appear to work fine. The iOS device gets a new public IP address and new DNS servers. Data is sent to the VPN server. But, over time, a detailed inspection of data leaving the iOS device shows that the VPN tunnel leaks,” he wrote in a blog post.
“This is not a classic/legacy DNS leak, it is a data leak. I confirmed this using multiple types of VPN and software from multiple VPN providers,” he claimed, saying that Apple knows about this flaw for at least two and a half years.
Apple insists it has offered a fix since 2019, while ProtonVPN says that it’s only a partial solution, reports 9to5Mac.
ProtonVPN said that this vulnerability has been present on iOS devices since at least iOS 13.3.1, and that there is no 100 per cent reliable way of ensuring that your data is being sent via the VPN.
Apple introduced an optional fix for this issue in iOS 14, but questions remain.
“The fact that this is still an issue is disappointing, to say the least. We first notified Apple privately of this issue two years ago. Apple declined to fix the issue, which is why we disclosed the vulnerability to protect the public,” according to Proton founder and CEO, Andy Yen.
(Except for the headline, the rest of this IANS article is un-edited)
For more technology news, product reviews, sci-tech features and updates, keep reading Digit.in
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.