Recently i came across this article:
https://appleinsider.com/articles/22/08/17/all-ios-vpns-are-worthless-and-apple-knows-it-claims-researcher
this makes me wonder if it’s safe to use protonVPN on IOS? assuming I am browsing a HTTPS site with the VPN turned on, is it still possible for my ISP to intercept my traffic and discover what webpage I’m on? I was never aware that IOS had these types of security vulnerabilities, and I frequently use protonvpn to bypass government censorship, so I’ve become very worried if I have been unknowingly leaking my traffic. Thanks in advance to anyone who can give me some clarity!
VPN’s are useless for apps, because apps can have unique identifiers. They are great for websites, and Proton works for websites on iOS.
It’s basically just saying the connection may or may not be routed through the VPN tunnel if you don’t close and reopen apps first. This isn’t isolated to just iOS, happens with MacOS also.
If you want to be absolutely sure, either do a reboot or deploy ProtonVPN at the network level.
Most probably they are talking about tunnel encryption some kind of attack which is more resilient on android and linux
Safe? Of course it is. I use it all the time with kill switch on. As another poster stated, make sure you restart your phone with the VPN connected or toggle Airplane Mode for about a minute to make sure existing, persistent connections are reset and running through the VPN tunnel.
No, that doesn’t classify a VPN as “useless”.
hmmmm… if i use duckduckgo for example, would that still be considered an app even though it’s used as a browser for visiting websites? what is the definition of app in this case? just curious.
I was aware of the need to close and reopen apps on iOS, but not on macOS.
Could you please provide a reference for your comment?
by apps, does it refer to downloaded browsers as well, like duckduckgo? should I need to close and reopen the browser every time i want to make sure the vpn is securely routed? building upon that, should i trust dnsleaktest.com or should i assume that somewhere in the background something might be leaking despite what the site tells me? thanks!
Duck duck go would be fine, and most browsers would.