I don’t see any need for even debating. It doesn’t meet the criteria if you know how to read, so it should be removed for the moment. It’s pretty simple. If you want to discuss changing the criteria or put a disclaimer, create another thread?
At a minimum, a note needs to be added ASAP that it doesn’t work as advertised on all platforms and therefore does not meet minimum criteria.
If we’re going to make a change at all, just remove it. Why even have minimum requirements if they won’t actually be followed?
Why are people contorting themselves to argue in favor of keeping ProtonVPN recommended even though no one is disputing the fact that it doesn’t meet the minimum requirements?
Please submit actual proofs of it being broken. Did you contact support?
Also, does any traffic flow out except system traffic etc? How does it compare to Mullvad?
Removing Proton VPN is a big ask, so please provide proofs of your claims.
Proton confirms the macOS issue in the linked Reddit thread. The Linux issue has been confirmed by Proton as well according to the linked article and has been replicated by users on this forum several times.
Yes
I haven’t seen anyone directly test Mullvad for the macOS issue yet, but I also haven’t seen any evidence that it suffers from the same problem. I tested the Linux leak with Mullvad myself and did not see the leak that others were seeing with Proton.
Please read through the thread more carefully. All of your questions have already been addressed.
Why exactly is this such a big ask? There seems to be a surprising amount of resistance to this even given the available evidence and I’m not sure I understand why. Killswitch functionality is essential in a VPN client in my view, and PG seems to feel the same given that it’s one of the minimum requirements. When we have excellent alternatives like Mullvad and iVPN it just seems like a no brainer.
If we are not careful, there will be no recommended VPNs. Especially if the EU gets its way next year.
Vulnerabilities
The following potential privacy issues exist in Apple’s iOS and iPadOS.
1. Traffic to Apple services can bypass the VPN tunnel. This includes iCloud, Maps, Siri and notifications.
Solution: None. Apple does not make it possible to send this traffic through a VPN.
2. Connections that were established before you connected to Mullvad can bypass the VPN tunnel.
Solution: Connect to Mullvad, enable Airplane mode, turn off Wi-Fi if it’s on, then disable Airplane Mode.
3. Apps on the device can be designed to bypass the VPN tunnel by routing traffic over cellular/mobile data.
Solution: Disable cellular/mobile data.
4. A malicious Wi-Fi network can instruct the device to send Internet traffic outside of the VPN tunnel. This is known as the TunnelCrack LocalNet attack.
Solution: None.
5. When connected to Mullvad VPN and switching from one VPN exit server to another, during the switching process, any apps running in the background that had established connections (from within the tunnel) may leak traffic outside the VPN tunnel. Server switching can be user initiated, or happen automatically for a variety of reasons.
Solution: None.
Aren’t all of those just limitations of iOS/iPadOS? I wouldn’t be opposed to adding a note about those issues but I don’t feel that those belong in this thread.
Yes. That is the real question. Why is one using an Apple device if privacy is such a concern? It seems Apple does not play well with VPNs in general. Asking to remove Proton from an OS that is awful for privacy at best (regardless of VPN provider) is throwing the baby out with the bathwater.
100% agreed. Man, I really hope that they will add
as a reaction option.
This makes no sense to me. The issues with Proton brought up in this thread involve both Linux and macOS and are not due to OS level limitations. If it’s the VPN provider’s fault, we should hold them accountable.
I think the iOS issue still persists as it always did. Don’t think they fixed it unless I missed that news. Killswitch works with other VPNs on macOS so that feels like a Proton issue.
The problems are also fragmented.
I think that I’ve seen you mention a few times that you were a macOS user. Have you personally experienced those kill switch issues yourself? Just wanted to ask out of curiosity.
Yes I do use macOS and Linux. On Mac, I stopped using Proton because it wasn’t working as well where I moved so I started using Mullvad instead.
I did experience issues with Proton with killswitch but it worked sometimes and didn’t other times. It mostly didn’t. It wasn’t as foolproof as Mullvad is. I don’t know what it is, perhaps how Proton builds for Mac with the network extension which may be at fault on Apple’s end too? I’m not sure.
Mullvad’s and IVPN’s kill switch works well on Mac though.
Both VPNs leak IPs on Apple - just for different reasons. The rest is semantics.
Amending the VPN criteria is also on the table.
Though, I’m curious why iVPN and Mullvad, the other 2 recommended providers don’t have the same issue? Any pointers?
No clue, but… I’ve seen this movie before:
It’s not semantics. The killswitch should work as well as possible on every platform. You also continue to ignore the Linux issue.
I’d vote for amending the criteria instead. I’m concerned with two points:
Point #1:
We require all our recommended VPN providers to provide standard configuration files which can be used in a generic, open-source client. If a VPN provides their own custom client, we require a kill switch to block network data leaks when disconnected.
This phrase should be amended to:
We require all our recommended VPN providers to provide standard configuration files which can be used in a generic, open-source client. If a VPN offers its own custom client, and it’s been proven feasible to implement a kill switch on a platform, we require a kill switch to block network data leaks when disconnected on that platform.
Point #2 is regarding “responsible marketing”:
If a kill switch is advertised, the feature should work as expected.
Can’t implement a kill switch on certain platforms? Then don’t implement it. It’s that simple. Selling a kill switch while knowing that it’s impossible and doesn’t work as advertised is irresponsible.
I actually made a proposal for making some modifications to the current Privacy Guides VPN recommendations page/section in a thread here, as a middle-ground alternative to the proposal made in this thread. You can take a look at it and leave your comments and thoughts on it in the replies on there if you’d like. You’ll find the proposal itself, along with all of my logic and reasonings behind it in both the OP and the subsequent replies that I made below it.
Except, PG also recommends VPNs for its ability to ‘hide traffic from ISPs’.[1]
Without a functional “killswitch” (one that’s at least enforceable on installed / 3p apps even if OEM / 1p apps are exempt), the clients by recommended VPN providers aren’t even required to do that. So, in essence, PG might as well stop recommending using VPNs, altogether?
In short, VPN can’t even hide traffic like they claim? There’s a word for such services and it rhymes with cake foil (: maqp, where art thou?
[1] “Should I use a VPN? Yes, almost certainly. A VPN has many advantages, including: Hiding your traffic from only your Internet Service Provider.” How Do VPNs Protect Your Privacy? Our VPN Overview - Privacy Guides / https://archive.vn/ovnP1