Solved

VPN Information Leakage on iPhone?

Posted on 2014-02-03
2
664 Views
Last Modified: 2014-02-04
Friends,

Does anyone know the technicality of how Apple has implemented VPN via iPhone (iOS 7).  I need to know if my iPhone is leaking information when in standby via 4G/LTE once Wi-Fi goes out (which is typical to save battery life even when Wi-Fi is still strong and active).

Thank you all.
0
Comment
Question by:neowillendit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 39832299
This is a short brief on Apples VPN - note the VPN on demand various setting which will establish a connection automatically when accessing predefined domains. Out of the box, iOS supports Cisco IPSec, L2TP over IPSec, and PPTP. Split- tunneling should be disable to ensure all traffic route through the VPN tunnel, and also to lockdown proxy to Enterprise authorise proxy prior to any device surfing - this ensure internet traffic is not available unless VPN is up first.

http://images.apple.com/ipad/business/docs/iOS_6_VPN_Apr13.pdf

More stringent lockdown is App VPN or called "Per App VPN" feature in iOS7. This is must be implemented by the developers themselves. So when Apps can phone home through a VPN tunnel as soon as they are launched, and send all their network traffic (and only their network traffic) through it. There can be control by the Enterprise MDM admin, on top of the app developer incorporation using the configuration profile.

https://discussions.apple.com/thread/5318472

The link on the configuration profile and setting specific is a good means to ascertain what the device is able to lockdown and the granularity of it. These are also specific to what iPhone Configuration profile to be provisioned into the iPhone set. Key word search on VPN and Wireless will shed more details in the section

https://developer.apple.com/library/ios/featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html#//apple_ref/doc/uid/TP40010206-CH1-SW37

Having said that, to be network connected, be it wireless of via the phone network signalling, the device is likely to be "leaking" device info already. See the Wifi-Payload on above link for the parameter to likely to be make available in open to establish connection.

Side note, for Android, if your Wi-Fi is turned on, even though it is not connected to any network, your phone will periodically broadcast a unique number (the MAC address), as well as all the Wi-Fi network names and addresses it remembers ever connecting to. With newer Android versions this can happen even if Wi-Fi is turned off, due to a feature called "scanning always available", which helps your device better determine its location.
0
 
LVL 1

Author Closing Comment

by:neowillendit
ID: 39832996
This is top-notch feedback and answers my question completely.  Thank you.
0

Featured Post

Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Installation of Nessus Professional 5 115
Trusted Platform Module with Windows 10 - Upgrading TPM 1.2 to TPM 2.0 13 86
PCI compliance 16 60
Rensome / malware protection 9 76
There is a security feature on iOS devices that is nearly impenetrable when it has been activated.  This article will provide some possible solutions as well as necessary steps to take to ensure you do not end up with a locked device.
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
Users will learn how resize a batch of photos from a single command in Photoshop via Photoshop's Image Processor. Open up an Image you'd like to resize in Adobe Photoshop: Adjust the image size according to your preferences. Image > Adjustments > …
Users will learn how to set proper sequence settings, scale images, paste attributes, add transitions, fades, and music. Open up Final Cut Pro 7 and Create a new Project: Set the Sequence Settings. a) Click File > Easy Setup > Format > Apple ProRe…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question