According to a security researcher, Apple may have a big problem with regard to how it routes VPN traffic. And is Apple’s M2 Pro and M2 Max chip about to go into production?
VPN traffic
As reported by Ars Technica, a researcher discovered that iOS doesn’t route all network traffic through a VPN when activated. The researcher in question, Michael Horowitz, states that all VPNs appear to work correctly upon connection. However, any existing connections or sessions that were established prior to enabling the VPN do not deactivate.
The expected behavior, of course, is that when you enable your VPN, it terminates any existing connections. Then, the VPN re-activates these connections in a secure way and routes the traffic through the VPN.
“Data leaves the iOS device outside of the VPN tunnel,” Horowitz writes. “This is not a classic/legacy DNS leak, it is a data leak. I confirmed this using multiple types of VPN and software from multiple VPN providers. The latest version of iOS that I tested with is 15.6.”
Michael Horowitz via Ars Technica
Although Arstechnica has reached out to Apple for comment, the publication is yet to hear back. For his part, Horowitz doesn’t provide any direct solutions. Instead, he suggests that a dedicated VPN router would be the most secure solution.
The AppleTLDR take
This is a serious problem that Apple needs to address and fast. The company touts its mantra that “privacy is a fundamental human right”. But for some consumers who rely on a VPN to protect their privacy, it can literally be the difference between freedom and incarceration or worse. As Horowitz puts it:
Those at highest risk because of this security flaw are people in countries where surveillance and civil rights abuses are common”
It isn’t acceptable for this flaw to be left unaddressed. Certainly not for any longer than necessary to identify the source of the problem and to provide a fix. For now, the best option would be to consider a dedicated VPN router if you have immediate concerns. Not ideal as this will come at a cost. But it might be the safest bet if this is critical for you.
M2 Pro and M2 Max
In a report from Taiwan’s commercial times, industry sources claim that Apple’s 3nm M2 Pro and M2 Max chips are about to go into production. The chips would follow in the footsteps of the M2 chip that was unveiled along with the new MacBook Air, offering many of the same benefits albeit with greater levels of performance.
The report further details that the M2 Pro and M2 Max will be amongst the first chips made with TSMC’s new 3nm process. By moving to a 3nm die, the chips should be able to provide increased performance while also further reducing power consumption.
For some context, the M2 chip offers an 18% faster CPU, 35% faster GPU a 40% faster neural engine, and over 50% greater memory bandwidth compared to the M1 chip.