I guess fixing the leak must be detrimental to Apple in some way so it won’t get fixed until Apple can resolve that, but based on how long this has been going on, they probably can’t.
 
I read somewhere that if you enable VPN, then toggle Airplane Mode On then Off, existing connections will be dropped and then reconnected via VPN. Of course the VPN needs to establish a connection before anything else. I've no idea if that is 100% guaranteed though.
Based on what is said in the article, this may be a workaround to make sure all connections go through VPN.
 
No doubt Apple needs open connections so its CSAM scanning/spying software can call home. 😛

Anyway, my guess is this is an unaddressed bug. If you want an example of something that should be fixed but Apple hasn't in a decade, I give you the fact that no matter how big your monitor is, Finder windows in macOS have no system setting to show full file names. So, you could have a 27" screen (as I do), open a Finder window and maximise it, and you still can't see the full names of files because macOS is too primitive to optimise column width to fit the full name. D'urp. [/RANT]
 
The only VPN I trust is one I set up myself....
I think this bug means you can't trust that one either... That's the point here-- when you enable VPN you expect your traffic to go through it, and this says some traffic leaks around it.

Yes split tunnels, etc, but that's not the problem here as I understand it-- the VPNs discussed here aren't intentionally split, but appear to be accidentally split (from the user perspective).
 
VPNs aren't bulletproof, but these are negligent oversights. I'm guessing Apple doesn't want to make the necessary changes to iOS that may adversely affect the user experience, such as killing all existing sessions (which could result in the user being challenged for credentials repeatedly).
While true regarding not being bulletproof, it's not clear to me if the problem is not wanting to affect user experience or simply not fixing a glaring bug.
The truth is, Apple is more concerned with the appearance of privacy rather than actually protecting its customers.
I disagree with this. If I remember the history correctly, Apple pulled all the VPN hooks under their control because it was being abused, particularly by unscrupulous "ad blockers". They've put an enormous amount of effort into their various efforts to prevent tracking, prevent browser fingerprinting, private relay, secure ad blocking, etc, etc. You don't put that kind of effort into a whitewash.

That said, when they decided to pull all VPN operations into the OS under Apple control they took responsibility for doing it right.

And they haven't.

I don't think they failed on purpose, I think they took their eye off the ball, but it's still inexcusable in a context like this. People were supposed to be protected from scams, but are now forced through a (most likely accidentally) insecure system.
 
Still better than whatever Android's flavor of the month is.

VPN on Android is actually years ahead of iOS. If you are a serious user of VPN and VPN-like technologies, like someone who spends time in China, you will know. iOS is the worst platform for implementing complex custom VPN solutions.
 
While this is certainly troubling and I hope they address it, if all that is “leaking” is Health, Maps, and Wallet then I’m not too concerned. Health is already end-to-end encrypted, meaning Apple can’t read it. Wallet (as it pertains to purchases) is end-to-end encrypted, meaning Apple can’t read it. Maps, sure. That should be patched.

I’d be worried if Safari data was DNS leaking. That would be a major security flaw.
 
While this is certainly troubling and I hope they address it, if all that is “leaking” is Health, Maps, and Wallet then I’m not too concerned. Health is already end-to-end encrypted, meaning Apple can’t read it. Wallet (as it pertains to purchases) is end-to-end encrypted, meaning Apple can’t read it. Maps, sure. That should be patched.

I’d be worried if Safari data was DNS leaking. That would be a major security flaw.
Researchers like this count on the “Hate Apple” crowd to:
A. Not understand any of the nuances of what they’re talking about
B. Distribute their tweet far and wide (T and T simply MUST have glory!)

Just the fact that they’re including Lockdown is evidence of this. Every Security Researcher that actually perused Apple’s website knows that Lockdown is primarily to protect from ingresses in situations where the malicious actor has the ability to be a cell-tower MIM. It’s basically a “don’t be as trusting” mode. To indicate that not enabling a VPN shows either a lack of reading comprehension OR an intentional attempt to obfuscate so that their tweets will have the furthest reach. :)
 
VPN is no privacy tool, it is for connecting 2 networks securely. Don't try to change a feature to do a thing it is not meant to do...
This is essentially the mindset I think the developers had here to begin with. It's a totally legitimate reason for a VPN client to simply connect securely to an office or home network from outside, so the device behaves like it's on that local network while tunneling in.

This whole thing of using a VPN so nobody can determine what kind of traffic you're sending or receiving and to where? That's a completely different use-case which you can't be certain all VPN clients or connections will offer you.

There was just an article yesterday complaining about Google writing the Android VPN so it leaks data even when in supposedly secure mode, too .... Sounds just like this iOS issue.
 
VPN is no privacy tool, it is for connecting 2 networks securely. Don't try to change a feature to do a thing it is not meant to do...
If it's for connecting two networks securely, surely you will agree that having some data escaping being securely transmitted between those two networks is a problem, right?

Privacy is not the problem here; the problem is that an extremely basic feature has not been functioning as intended for several OS updates and Apple doesn't care about making it work as it should. That's the problem: corporate apathy.
 
Most use cases are split tunnel in the corp world.
Are they? It's my world too and I have never seen a split tunnel setup. What we use VPN for is accessing secured in-house resources from remote users. It's nice to be able to encrypt all data to and from, so any older protocols that we do need to use (legacy stuff) are basically unseen by anyone else. Ours is a full tunnel with the stipulation you don't attach if the client is requesting a split tunnel. It wouldn't be secure enough, as split tunnel traffic could be sniffed too easily from outside.

I know why some might want to use a split tunnel -- to keep normal internet traffic from remotes taking up bandwidth, but there's no way it's as secure. (easy out is to not allow outside internet traffic passthrough)
 
Are we sure this issue doesn't stem from the fact that a socket is already open to APNS or other Apple servers before the VPN connects, therefore the new routing doesn't yet get applied?

It's like if you're downloading something on data and turn on wifi. Unless you pause/resume download or the system does it automatically for you, the data will keep flowing through data even if wifi is on and connected and is the new preferred routing.
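One practical way to check the "socket already open before the VPN came up" theory from the post above (and to verify the Airplane Mode toggle workaround mentioned earlier in the thread) is to list established TCP connections and flag any whose local address is not the tunnel address. This is an added example, not code from the thread or from Apple; it parses macOS-style `lsof -nP -iTCP -sTCP:ESTABLISHED` output, the sample below is constructed, and the tunnel address 10.8.0.2 is an assumed utun address.

```python
"""Flag established TCP connections that bypass the VPN tunnel.

Added example, not from the forum thread. Parses lsof-style output
(macOS `lsof -nP -iTCP -sTCP:ESTABLISHED`); a connection whose local
address is not one of the tunnel's addresses was routed outside the VPN.
"""
import re
from typing import Iterable, List, Tuple

# Constructed sample output. 192.168.1.20 is the assumed Wi-Fi address,
# 10.8.0.2 the assumed VPN (utun) address; remotes use RFC 5737 test ranges.
SAMPLE_LSOF = """\
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
apsd      123 root   10u  IPv4 0x1a2b      0t0  TCP 192.168.1.20:52344->203.0.113.10:5223 (ESTABLISHED)
Safari    456 me     33u  IPv4 0x3c4d      0t0  TCP 10.8.0.2:60122->198.51.100.34:443 (ESTABLISHED)
Maps      789 me     12u  IPv4 0x5e6f      0t0  TCP 192.168.1.20:52400->203.0.113.20:443 (ESTABLISHED)
"""

# process, pid, then "local:port->remote:port (ESTABLISHED)"
LINE_RE = re.compile(
    r"^(\S+)\s+(\d+)\s+.*?TCP\s+([^\s>]+):(\d+)->(\S+):(\d+)\s+\(ESTABLISHED\)"
)

Conn = Tuple[str, int, str, str, int]  # (process, pid, local_ip, remote_ip, remote_port)


def parse_established(text: str) -> List[Conn]:
    """Extract (process, pid, local_ip, remote_ip, remote_port) per ESTABLISHED line."""
    conns = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            conns.append((m.group(1), int(m.group(2)), m.group(3), m.group(5), int(m.group(6))))
    return conns


def find_leaks(text: str, tunnel_ips: Iterable[str]) -> List[Conn]:
    """Return connections whose local address is not a tunnel address."""
    tunnel = set(tunnel_ips)
    return [c for c in parse_established(text) if c[2] not in tunnel]


def report(text: str, tunnel_ips: Iterable[str]) -> List[str]:
    """Human-readable lines, one per connection routed outside the tunnel."""
    return [f"{p} (pid {pid}) {lip} -> {rip}:{rport} bypasses VPN"
            for p, pid, lip, rip, rport in find_leaks(text, tunnel_ips)]


if __name__ == "__main__":
    # Run before and after toggling Airplane Mode: the bypassing list should empty out.
    print("\n".join(report(SAMPLE_LSOF, ["10.8.0.2"])) or "all established connections use the tunnel")
```

On a real machine, pipe `lsof -nP -iTCP -sTCP:ESTABLISHED` into `report()` and pass the utun address shown by `ifconfig`; iOS cannot run this, but the same stale-socket behaviour can be observed on a Mac using Apple's VPN stack.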
 
Can anyone provide a reasonable description of and explanation for what exactly is "leaking" and why this is a problem? This is a serious question. The discussion of the issue back in August was mostly people catastrophizing over the "leaks" but I didn't read anything that clearly explained what the risks were. So far the discussion here has also mostly been catastrophizing and criticism without explanation of why it's an issue.
 
I get the feeling that with Apple, Google, Microsoft, etc., whoever you have a VPN with, there may be a possibility that there is a leak, and we may well not be told. A company that cries out privacy will be put under the microscope as Apple has been here. No government wants the public to have complete anonymity at the end of the day; there’s always a chance it will get abused, whether that be a terrorist or a sex trafficking ring. You just can’t give them that kind of hardware. If you had a truly hardened handset that couldn’t be monitored at all, think of the damage that could be done with that. So, I think it’s probably a given that even if we don’t know about other leaks they may exist somewhere along the chain. As I said, our information is leaked probably from every VPN that’s used, even if it’s not in the 14 countries. I imagine there will be a footprint somewhere because it’s just too much of a risk, and even though I think we should be allowed complete anonymity I can understand why we can’t, because not every human being is a trustworthy, upstanding, honest person.

If Apple created a phone that was so hardened that no one could track it, imagine the damage that could be done with that phone. I’m not saying it’s right, I’m just saying people will always use something for nefarious purposes if it’s got the ability to be used that way, and if a company stands up and advocates its privacy it’s going to get picked apart more than companies that don’t. I think we’re given the illusion that we have privacy when we don’t; we can limit the vectors up to a certain point, but somewhere today so will be collected in the UK ISPs and say that the providers keep metadata for I think it’s two years, and I think that a phone that’s sold to be used on those networks by the general public would like information I think is a little naive, but that’s just my view.

I just don’t think if you have an online presence you will ever be completely hidden; it’s just not possible in this day and age. Now I’m sure there are phones out there that are very hardened and they’re designed for people who need that kind of anonymity, but unless you work for, say, GCHQ or the CIA etc. you’re never going to get that kind of equipment from a public vendor unless they create it especially for those people. Maybe that’s why so many people are going back to using typewriters and paper: it’s not perfect, but if it’s not plugged in it’s got a great airgap and it’s a lot harder to hack.
 
What are the chances the US security services have requested Apple not to fix the bug because it is something that was requested from the beginning? Just think of all the bad people in the world using an iPhone thinking they were secure from prying eyes due to using a VPN when in fact their every move could be plotted due to the hidden DNS requests that are made outside of a VPN. If Apple was to fix the bug these bad people would suddenly become invisible. Somehow I do not think the US government is going to allow that to happen.
 
there's simply no way to give feedback to someone who actually has the power to do something about it.
This is exactly why many people give up on providing feedback through “official channels” directly, instead gambling on blowing up the issue in the media so the media could collectively report the issue to Apple by making louder noises.
 
Can anyone provide a reasonable description of and explanation for what exactly is "leaking" and why this is a problem? This is a serious question. The discussion of the issue back in August was mostly people catastrophizing over the "leaks" but I didn't read anything that clearly explained what the risks were. So far the discussion here has also mostly been catastrophizing and criticism without explanation of why it's an issue.
It behooves these “researchers” that you don’t think about what’s actually happening. Because, if they mentioned anything about what real level of concern folks would have, nowhere near as many folks would be talking about it.
 
This is exactly why many people give up on providing feedback through “official channels” directly, instead gambling on blowing up the issue in the media so the media could collectively report the issue to Apple by making louder noises.
Considering this has been a “thing” for years, and it has blown up previously, at this point it’ll just blow up over and over again every time a Security Researcher needs to get their name in the news. :) They are likely hoping very hard that it stays JUST the way it is so that they can ‘report’ on it again when iOS 17 comes out. More publicity!
 
Another example of how Apple's marketing team is disjoint from its engineering team. Honestly, the camera is the only thing that keeps me buying iPhones.
 