According to a comprehensive study by cybersecurity researcher Michael Horowitz, iPhone VPNs do not deliver on the promise made to their users. Indeed, the expert noticed that even after rerouting your connection to a third-party server, the path taken by your data”leak“ so that a malicious Internet user can potentially have access to it more easily…
It is not known if the problem has been fixed with iOS 15.6.1, which arrived a few hours ago with a major security patch. On the other hand, the incident does affect devices running iOS 15.6, the previous version. Suffice to say that most current iPhones are affected, including the iPhone 13, iPhone 13 Pro and third-generation iPhone SE.
Apple is aware
According to Horowitz, it was first ProtonVPN who mentioned the flaw in March 2020. Cupertino has since been alerted but no reliable measures have been put in place to resolve the problem. And in addition to mobiles, tablets are also affected, but we know that many of them are favored by companies for their equipment. Personal and sensitive information therefore passes through a very risky network every day…
Worse still: for the developer, any VPN is in fact a victim of this breach because third-party customers rely on the native functionality of iOS to offer their services. The only simple advice that seems to protect against danger is to simply avoid going through the private network of the iPhone. It’s unclear if the iCloud Private Relay option, available with iCloud+, is also affected, but it’s possible.
Otherwise, it may be wise to go through another VPN but this time installed directly in a physical router, rather than on iOS. The price of this type of product varies from a few tens of euros to several hundred for the most efficient.
iOS 16 on the way
Hopefully iOS 16, due out this fall, will come with a patch to make VPN more secure. The new program should be published around mid-september.