What Happened?
According to TechSpot, a security researcher and blogger claimed that all VPNs on iOS are broken. Researcher Michael Horowitz and ProtonVPN believe that every VPN on iOS has been leaking data for the last two years – since 2020.
“The problem is when a user activates a VPN on an iPhone or iPad, the device won’t first terminate all internet connections before restarting them within the VPN tunnel,” states the TechSpot article. This causes a problem because connections outside the tunnel can potentially leak a device’s IP address or other important data.
It’s also concerning because ProtonVPN announced the issue and reported it to Apple in 2020, but Horowitz’s recent testing shows that it remains unsolved in the latest versions of iOS and iPadOS (15.6). Horowitz recommends not to trust any VPN on Apple iOS devices.
How Could It Have Been Prevented?
The problem with third-party securities, such as a VPN is a lack of control over what is being secured. With known vulnerabilities that are being exploited, VPNs cannot be the end-all be-all for secure communication. In order to counteract those vulnerabilities, companies must implement technology that offers them control over their security future. Eclypses MTE Technology adds an extra layer of security and has the ability to work alongside a VPN to ensure data remains secure even if a VPN tunnel is compromised. MTE is different than a VPN because it secures data as soon as it is created rather than waiting until the transport layer like a VPN does. With MTE Technology companies can take control of their security by securing their applications and not relying on anything they don’t control to protect their data.
Want to discuss how MTE technology can work for your organization? Contact our team today.