Remove IVPN

Remove IVPN from list of recommended VPNs for it’s failure to implement a functioning kill switch.

When using Apple services on iOS 16+, a VPN connection does not fully protect your privacy against Apple. Even with an active VPN connection and kill switch enabled, traffic from your iOS 16+ device to Apple servers can leak outside the VPN tunnel and expose your local IP address to Apple. For this reason, during the next release we are removing the kill switch feature from the IVPN iOS app. Connections to non-Apple servers are not vulnerable to this leak, thus general privacy benefits of your VPN connection are unaffected.

Last time I’ve checked, Mullvad VPN also doesn’t have a kill switch on iOS.

This might just be an iOS problem instead.

While you are at it, maybe remove VPNs completely then? It is Apple issue, not a VPN software issue but people fail to see that.

This seems like an issue made due to frustration with current discussion on Proton. Platform leaks are different from leaks due to faulty implementation. One of them can be solved by the VPN vendor. Hope you are able to eventually see that.

I don’t feel it really makes much sense to remove it because of the leakage on apple devices. AFAIK, all VPN, at least on iOS suffer from the same problem because it’s the way it’s designed. Removing ivpn for this criteria would effectively mean that every other vpn that has an iOS client would also have to be removed.

Original article from IVPN: Removal of kill switch from our iOS app due to Apple IP leak issue

In my personal, unofficial opinion, between this thread and the one about ProtonVPN from the other week, the real problem here is the killswitch criteria. If we continue to enforce that, then we can’t recommend any VPNs for iOS except Private Relay, which isn’t even really a full-VPN because it only works in Safari (as I understand it) - among other concerns with that idea.

In my official opinion as a team member, I’ll bring this up to the team to discuss. But be patient with us as it is the holidays, some of our team members are on PTO, and it may take a while to get a decision sorted out.

A similar issue is DNS leakage on Android, which remains unresolved in Android 15.

But since this is an OS issue and not a VPN provider issue, it has not affected the recommended list.

I believe the same applies to this current issue. It’s information worth noting, but I don’t think it warrants removal from the recommended list.

Don’t think “killswitch” is the problem. Recommending platforms (for VPN use) that don’t enforce it are. The material that goes “hide traffic from ISPs” is. The public VPN providers that don’t implement “killswitch” are.

In short, if there’s a “killswitch”, the VPN client must implement it and optionally let the user enable it, regardless of the platform’s enforcement (or lack thereof).

In Android’s case, on a non-rooted device, the traffic “leaks” with “killswitch” is minimal, but without it, all bets are off. Recommending using VPN clients on Android, then, without a “killswitch” is diabolical and a dangerous suggestion.

In iOS’ case, from what I read on these forums, the “killswitch” only exempts Apple apps (discounting non-leaking but non-recoverable bugs such as loss of Internet connectivity when the VPN client implementing “killswitch” itself is “killed”), which is still okay in the grand scheme of Apple’s walled-garden.