iOS 16 avoids VPN even with block mode on

The mobile operating system iOS 16 contains an unpleasant bug, due to which user data is merged beyond the active VPN tunnel even if lockdown mode is enabled. Tommy Misk, one of the researchers in the field of cybersecurity, told MacRumors about an interesting feature of iOS 16: the approach of the new version of the OS to VPN traffic does not change from whether the Lockdown mode is enabled or not. Typically, when a user enables a VPN, the operating system closes all current Internet connections and then reinstalls them through the VPN tunnel. In the case of iOS, things are somewhat different: sessions and connections that are established before the VPN is enabled do not end, which means that they can send data bypassing the tunnel.
As long as the user believes that his information is protected, in fact, it can remain unencrypted and fall into the hands of providers and other third parties. Moreover, the Proton report mentioned a vulnerability in iOS 13.3.1 that allows you to bypass VPN.

As experts have determined, iOS 16 interacts with some Apple services outside of an active VPN tunnel and captures DNS requests without users’ knowledge. The researchers also tried to find out if the lock mode affects this behavior and concluded that even when the protection is activated, the data is lost. Tommy Misk explained his initial findings by explaining that even more data is compromised with the lock mode on than when it is turned off. Note that Android has a similar problem: mobile devices leak traffic even when the VPN feature is always on. Crafted By: Ekaterina Bystrova 17 october 2022 – 11:54