September 25, 2022

SHSU Houstonian Online

Read all latest news headlines from USA, UK and around the world, get today's breaking news and live updates on politics, elections, business, sports, economy,​ …

Researcher: Current connections in iOS 15.5 bypass the VPN tunnel – tablets and phones – news

The built-in VPN module all VPN clients are built on top appears to be able to route all traffic through the tunnel, but it doesn’t cut existing connections when the tunnel is set up.

So if the connections are already at the OS level (and it’s no coincidence that these connections are basically or only standard OS connections, listening for incoming Facetime calls, updates, etc.)
Then they stay out of the tunnel.

It’s a bug that, I think, should be very easy to fix. But only Apple can do this because it is in the iOS unit.

Well, indifference is an understatement.

The problem has been known at least since iOS 13.3.1 with ProtonVPN version 13.4, somewhere in March 2020Even the current version of iPadOS15.4+ with OVPN 0.5.0 or ProtonVPN 3.1.3, this problem exists.

This is about 2.5 years old, because it intuitively raises some questions:
1> How reliable is pcap recording/monitoring?
2> What settings (Apple or third party) affect this at all?
3> How it is described in the relevant EULAs, Terms of Service, etc.
4> How do these answers relate to the discussion of privacy?

And what does Apple guarantee?

Apple recommends the use of Always-on VPN to mitigate this issue. This method requires the use of device management, so unfortunately it does not mitigate the problem for third-party apps like ProtonVPN or Mullvad.

So this is not just about iOS unit; It’s all about device / device And all third-party software. Notifications, updates, FaceTime, Game Center, as well as Amazon Web Services seem to get preferential treatment.

See also  Exchange ProxyShell Vulnerability Under Active Attack After Disclosure - Computer - News

By the way, Apple Always-on VPN has been available since iOS 8 and Google and Microsoft can’t be far behind, because the word “bigtech” doesn’t exist for nothing.

In November 2020, you also had a story about ContentFilterExclusionList, AppleSupport FB8817119, which was removed in the beta build of macOS 11.2. The issue involved 53 apps, including iStore, iCloud, and Maps.

This means that socket filter firewalls (such as LuLu) can now comprehensively monitor and block all network traffic. macOS 11.2 beta 2 has removed the privacy vulnerability after the Big Sur privacy upgrade)

The bug was centered on Apple apps that don’t accept Network Kernel Extensions (NKEs) in Big Sur (iOS11). However, Apple has not provided any evidence or details about the malware attack.

[Reactie gewijzigd door Bulkzooi op 18 augustus 2022 20:32]