Apple iOS may leak traffic outside the VPN tunnel
Apple iPhones and iPads running the Apple iOS operating system (including the newest version 13.4) have a vulnerability which allows data to bypass the VPN.
In short, when forming a VPN connection with FREEDOME or any other similar VPN product, iOS doesn't terminate the existing connections. Because of this, the existing connections remain active outside the VPN tunnel.
By using a VPN, you naturally assume that your network traffic is fully secured by the VPN. This is, however, not the case with the Apple iOS operating system at the moment, as iOS does not terminate existing connections. This means that traffic is not encrypted by the VPN, and both the source and the destination IP addresses can be seen by an eavesdropper, or for example by the owner of a website that you have connected to.
Due to the design of the iOS operating system, there is nothing that we can do to change this with a VPN app such as FREEDOME. Only Apple can fix this issue.
There is a simple workaround to this issue though:
- On your iPhone or iPad, open a FREEDOME connection to any of the available locations.
- Open Settings in FREEDOME and make sure the Keep VPN on when device is idle setting is turned on.
- Switch airplane mode on and off.
Note: Carry out these steps every time you turn on FREEDOME.
Airplane mode drops all of the open network connections. As airplane mode is disabled, FREEDOME can establish a VPN connection, which means that there aren't any existing network connections that might leak outside the VPN tunnel.
F-Secure would like to thank ProtonVPN for disclosing this information. You can find more on this topic on the ProtonVPN website here.