Serious iOS 16 Problem Leaves iPhone Owners Exposed
iOS 16 is a bug-ridden disaster, with Apple releasing a slew of dedicated bug fixes that barely touch the surface. And now, according to recent research, the possibly greatest flaw in iOS is even worse in iOS 16.
In an interview with security experts Tommy Mysk reveal that while utilizing a VPN, iOS 16 leaks user data. This issue has been present since iOS 13.3.1. What’s worse, Apple added a new ‘Lockdown Option’ in iOS 16, but researchers discovered it leaks much more data than the ordinary mode. Something that could have catastrophic consequences.
“We confirm that iOS 16 does communicate with Apple services outside an active VPN tunnel. Worse, it leaks DNS requests. Apple services that escape the VPN connection include Health, Maps, Wallet,” the researchers tweeted along with an explanatory video.
“The Lockdown Mode leaks more traffic outside the VPN tunnel than the ‘normal’ mode,” the researchers added. “It also sends push notification traffic outside the VPN tunnel. This is weird for an extreme protection mode.”
Contrast this with Apple’s description of Lockdown Mode in its support documents:
“Lockdown Mode is an optional, extreme protection that’s designed for the very few individuals who, because of who they are or what they do, might be personally targeted by some of the most sophisticated digital threats. Most people are never targeted by attacks of this nature.”
“When Lockdown Mode is enabled, your device won’t function like it typically does,” Apple continues. “ To reduce the attack surface that potentially could be exploited by highly targeted mercenary spyware, certain apps, websites, and features are strictly limited for security and some experiences might not be available at all.”
There’s a differentiation to be made here between attacks and data retention. Still, it is reasonable to assume that anyone using Lockdown Mode would not expect more data to be leaked via VPN with it enabled than without.
I have contacted Apple about these discoveries and will update this article if/when I receive a response.