ivpn/ios-app

Removing kill switch

jurajhilje opened this issue · 2 comments

jurajhilje commented

Description

Due to recently found iOS 16+ VPN bypass to Apple's servers, even with kill switch enabled, we will remove the feature in the next iOS app release.

More info

https://www.ivpn.net/blog/removal-of-kill-switch-from-our-ios-app-due-to-apple-ip-leak-issue/

jurajhilje commented

https://developer.apple.com/documentation/networkextension/nevpnprotocol/3131931-includeallnetworks

The older version of this document said:

A Boolean value that indicates whether the system sends all network traffic over the tunnel.

And indeed, we found that the feature (albeit it had shortcomings) did what it said in the documentation.

Current documentation says:

A Boolean value that indicates whether the system sends most network traffic over the tunnel.

It is still unclear from the documentation, as the default value is false, what the feature actually does when enabled vs. disabled. Does the device by default sends "least" network traffic over the tunnel?

gorkapernas commented

Verified on version 2.10.0 (19), it is confirmed that the killSwitch feature is removed for iOS 16+ devices. As described in the ticket, the KillSwitch no longer works as expected on the latest iOS versions, see -> https://www.ivpn.net/blog/removal-of-kill-switch-from-our-ios-app-due-to-apple-ip-leak-issue/
However, we still keep the KillSwitch on iOS 15.1-15.7.8, on these versions the KillSwitch still works, however it is not a very reliable feature as we notified when we first release it, see -> https://www.ivpn.net/knowledgebase/ios/known-issues-with-native-ios-kill-switch/

Observed issue on IVPN version update:

  • iOS 16.6 -> When the app is connected to the VPN and KillSwitch is enabled, if the user tries to update to the latest version 2.10.0 (19), the app will completely kill the internet connection. The network is not recovered even after deleting the app, the device must be rebooted in order to reestablish the connection.
    This issue is not observed when the KillSwitch is disable or the VPN disconnected.
    Also the issue is not reproducible on iOS 16.1 and iOS 15.7.1.

Warning:

It is suggested to disable the KillSwitch before updating the IVPN version to the latest version 2.10.0 (19) in order to avoid any potential issues such as the one described above.

  • 👍1