• Security experts reveal Proton is the 'only VPN' to avoid interna

    From TechnologyDaily@1337:1/100 to All on Fri Jun 19 15:45:25 2026
    Security experts reveal Proton is the 'only VPN' to avoid internal tunnel IP fingerprinting on iOS

    Date:
    Fri, 19 Jun 2026 14:33:22 +0000

    Description:
    According to a security researcher at Mysk, Proton VPN may be the only app that successfully dodges internal tunnel IP fingerprinting on iOS. But that tells more about Apple than Proton's competitors.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Proton VPN uniquely blocks IP tunnel fingerprinting on iOS, researchers say Mullvad is among other porvider that remain vulnerable to the flaw The issue stems from iOS networking behaviour Proton VPN is the only VPN that successfully avoids internal tunnel IP fingerprinting on iOS, according to recent tests carried out by security researchers at Mysk.

    Internal tunnel IP fingerprinting is the ability to correlate a VPN session using the 'fingerprints' left by a recurring private IP address assigned inside a VPN tunnel. Many of the best VPNs assign a static and unique IP address per session or device, leaving these traces behind.

    The issue is that in the iOS ecosystem, apps can freely read the VPN tunnel's internal IP address, meaning it can be used as an additional tracking signal across apps.

    Instead, Proton VPN assigns the same reserved local internal IP address specifically 10.2.0.2 to all users, removing the individual fingerprints
    left by your own online activity. You may like Mullvad addresses WireGuard exit-IP fingerprinting concern after researcher flags privacy risk Mullvad to patch VPN fingerprinting issue to stop your activity from being tracked
    across servers Proton VPN review Swiss privacy pedigree and undeniable security What researchers found Imagine you are a member of a private club and, whilst visiting the building, you leave your fingerprints everywhere.

    Even if no one can identify who they belong to, the fact that they are found on specific objects might give an idea of what a particular person has been doing.

    This is effectively the problem with iOS. When you have a stable internal IP address allocated by WireGuard in any VPN this acts as a digital fingerprint, and iOS allows any app to read it. This, in turn, can be used as a shared identifier, making it easier for those apps to deduce that they are running on the same device and within the same VPN session.

    Proton VPN has chosen to address this problem head-on. Using a novel
    approach, users are all assigned the exact same internal IP address. This appears identical to those of all other users connecting to the service using the WireGuard protocol. Using Loupe, we found out that Proton VPN is the only VPN that prevents internal tunnel IP fingerprinting by assigning 10.2.0.2 to all users. Other VPNs, such as Mullvad, assign a static and unique IP per session. This allows iOS apps to track user sessions across apps. https://t.co/2yUxMaPjpD pic.twitter.com/zOyR8lZBWQ June 15, 2026 This week, security researchers at Mysk used software they have developed to illustrate the issue definitively . Using Loupe, they found that their iOS app reads a unique fingerprint while using Mullvad VPN , for example, but only reads a generic one while connected to Proton VPN. What to read next The best VPNs
    for iPhone top choices for iOS based on expert testing GrapheneOS patches an Android VPN bypass that Google decided to leave alone Mullvad pushes update
    in a bid to make your iOS VPN app even more secure but there's a catch

    While TechRadar confirms the findings regarding Proton, the team could not independently verify whether every other VPN service is affected.

    However, Mullvad previously pointed out issues related to having a static IP address and how this could bring privacy concerns.

    In January, the VPN provider, which is highly regarded for its rigid privacy stance and no-logs policy, already noted that keeping a static IP for each device could be leaked via technologies like WebRTC , and help identify and track user activity.

    In its blog, Mullvad advised that it was planning to introduce WG-dynamic assignment to help with the issue. In May, the provider announced its intention to fix another IP fingerprinting issue after researchers raised the matter. An iOS issue Researchers appear to confirm that the issue is on the platform level, suggesting that Apple's operating system needs updates in its VPN handling rather than the other way around.

    It is not yet clear whether Apple is actually addressing these issues.

    This isn't the first time Apple's platforms clash with VPNs, either. Both security researchers at Mysk and Mullvad have also been publicly complaining about another iOS behaviour that could lead to a traffic leak during the
    app's updates.

    In April, Mullvad decided to push an update to make its iOS app more secure, leveraging an iOS configuration option called includeAllNetworks to act as an airtight kill switch.

    "We have decided that we are not going to wait anymore and we would like to offer our users the best possible privacy and security, even if it comes with major UX limitations," Mullvad said in its blog post , while admitting that traffic will keep leaking during the update process.

    Apple, however, doesn't seem to be aiming to fix this issue. Even in the newest iOS and iPad OS beta, Mysk found that the device's real IP still leaks during updating a VPN app while it is active.

    At least for this 'leak,' though, Mullvad users will now receive a notification beforehand so they can choose the safest moment to update. While for IP fingerprinting, non-Proton users may need to wait a big longer for a fix. Today's best VPN deals NordVPN 2 Year 2.59 /mth View +3 months free Surfshark 24 Months 1.49 /mth View Proton VPN 24 Month 2.39 /mth View We
    check over 250 million products every day for the best prices



    ======================================================================
    Link to news story: https://www.techradar.com/vpn/vpn-services/security-experts-reveal-proton-is-t he-only-vpn-to-avoid-internal-tunnel-ip-fingerprinting-on-ios


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)