Last year, we discovered a vulnerability in iOS that causes connections to bypass VPN encryption. This is a bug in iOS that impacts all VPNs. We have informed Apple, and we are now sharing details so you can stay safe. https://protonvpn.com/blog/apple-ios-vulnerability-disclosure/
@protonvpn forgot to mention, awesome work discovering and reporting this!
@protonvpn hmm, apparently this is already known and documented by OpenVPN:
“Many Apple services such as Push Notifications and FaceTime are never routed through the VPN tunnel, as per Apple policy.”
Found in this bird site thread: https://nitter.snopyta.org/BucciaBuccia/status/1243292224827383814
Hey @protonvpn, does this issue only affect IKEv2 VPN configurations or also OpenVPN and WireGuard (when both aren’t set to “always-on”)?
Also, do you know if this additionally impacts iOS 13.4 that was just released?