It appears that a number of Apple’s own services skip the protection of a VPN with iOS 16.
Two iOS developers, who also serve as security researchers, have discovered that iOS 16 communicates with Apple services outside of an “active VPN tunnel.” According to the research, Health, Maps, and Wallet all “escape” the VPN connection when communicating with the company.
We confirm that iOS 16 does communicate with Apple services outside an active VPN tunnel. Worse, it leaks DNS requests. #Apple services that escape the VPN connection include Health, Maps, Wallet. We used @ProtonVPN and #Wireshark. Details in the video: #CyberSecurity #Privacy pic.twitter.com/ReUmfa67ln October 12, 2022
Due to this behavior, the Mysk developers say that “you can easily monitor the network traffic of any device using this simple method” that they have laid out below:
You can easily monitor the network traffic of any device using this simple method. You don’t need a custom router for that. You just need a Mac and #Wireshark, and enjoy ✌️ https://t.co/1IBRf4F14A October 12, 2022
That seems concerning
Incredibly, it appears that Lockdown Mode “leaks more traffic outside the VPN tunnel than the ‘normal’ mode.”
Update: The Lockdown Mode leaks more traffic outside the VPN tunnel than the “normal” mode. It also sends push notification traffic outside the VPN tunnel. This is weird for an extreme protection mode. Here is a screenshot of the traffic (VPN and Kill Switch enabled) #iOS pic.twitter.com/25zIFT4EFa October 13, 2022
Lockdown Mode is the iPhone’s new mode that is marketed as a way to take the security and privacy of your phone to new heights. Turning on the mode takes the following measures on your phone:
- Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled.
- Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
- Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
- Wired connections with a computer or accessory are blocked when iPhone is locked.
- Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on.
It’s concerning to hear about these vulnerabilities. Hopefully, Apple is able to rework how some of its communications work with its services so more run through the protection of the VPN tunnel.
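The check behind the researchers' finding can be reproduced on any capture taken while a VPN is connected: on the physical interface, the only outbound traffic from the device should go to the VPN server. The following is an added example, not code from the researchers or this article; the CSV layout, addresses (documentation ranges), port 51820 for the tunnel, and function names are constructed assumptions, and the port 5223 label relies on Apple's documented use of TCP 5223 for its push notification service.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Constructed sample: flows exported from a capture on the physical
# interface (not the tunnel interface) while the VPN is connected.
SAMPLE_FLOWS = """src,dst,proto,dport,bytes
192.168.2.10,203.0.113.5,udp,51820,48211
192.168.2.10,192.168.2.1,udp,53,74
192.168.2.10,198.51.100.20,tcp,443,5120
192.168.2.10,198.51.100.33,tcp,5223,910
203.0.113.5,192.168.2.10,udp,51820,90344
192.168.2.10,198.51.100.20,tcp,443,2048
"""

def classify(proto, dport):
    """Label a leaked flow by the kind of traffic its port suggests."""
    if dport == 53:
        return "dns"    # cleartext DNS visible outside the tunnel
    if proto == "tcp" and dport == 5223:
        return "push"   # TCP 5223 is documented by Apple for push notifications
    return "other"

def find_leaks(flow_csv, device_ip, vpn_endpoint):
    """Return bytes sent by the device to anything except the VPN server.

    Keys are (kind, destination, port); values are total bytes.
    """
    device = ipaddress.ip_address(device_ip)
    vpn = ipaddress.ip_address(vpn_endpoint)
    leaks = defaultdict(int)
    for row in csv.DictReader(io.StringIO(flow_csv)):
        src = ipaddress.ip_address(row["src"])
        dst = ipaddress.ip_address(row["dst"])
        # Skip inbound traffic and the encrypted tunnel itself.
        if src != device or dst == vpn:
            continue
        port = int(row["dport"])
        leaks[(classify(row["proto"], port), str(dst), port)] += int(row["bytes"])
    return dict(leaks)

if __name__ == "__main__":
    found = find_leaks(SAMPLE_FLOWS, "192.168.2.10", "203.0.113.5")
    for (kind, dst, port), total in sorted(found.items()):
        print(f"{kind:5} {dst}:{port} {total} bytes outside tunnel")
```

An empty result means everything the device sent went through the tunnel; any entry is traffic the VPN did not protect.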