Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple's iOS 9 Breaks VPNs

Posted by timothy on from the but-I-love-my-central-posterior-nucleus dept.

An anonymous reader writes with a report from The Stack that researchers have discovered a crucial security problem in the latest version of iOS 9: it breaks VPN connections to corporate servers. According to the linked piece, "The flaw was first detected in the iOS 9 beta, and has not been fixed in the released version. Neither has the bug been removed in the current iOS 9.1 beta." The workaround might not be what you want to hear, either, if you've happily upgraded to the latest version: it's to downgrade to iOS 8.4.1.

4 of 88 comments (clear)

  1. Android Too by Anonymous Coward · · Score: 2, Interesting

    Makes you wonder why:

    1. Cell manufacturers are moving to devices that cannot be truly turned off by removing the battery.
    2. Android after 4.4 broke persistent VPN support.
    3. Now iOS 9 breaks VPN support.

    Coincidence? Who might prefer to have a citizenry carrying locator beacons that cannot be turned off and where encrypting all data communication has been disabled?

  2. Re:Of course Apple wants into enterprise though? by Ayanami_R · · Score: 4, Interesting

    They have a LOT to do. We have had to switch our clients over to a chip and pin AD login from a regular local account. There is no easy way to do this, We can't apply the new security to the old accounts directly, or so I am told, so we have had to make another account and then "port" the old account data into the new one. Time machine broken, because it is protected by UID, no matching UID no backup, period. Keychain wonkiness, everything you know can go wrong with a keychain, has. Dropbox broken, easily fixed, but still... The best part, when 10.11 comes out no one can update because it will break al the chip and pin stuff and users won't be able to login. We have had to send 2 FAQ's on dealing with the asininity of all of this, and we are still stumbling across issues. One of my co-workers is tasked with something to do with programmers and root, that does not like these new accounts. No, I am not helping with that crap. BTW, when this happened with windows, they just pushed a package that did all the wizardry, which was simply installing a card reader driver, and a script that made sure that if there was a matching local account UID that it inherited that account.

    That brings me to the next issue, patch management, or rather the lack of it. When 10.11 comes out we have to hope everyone listens, because otherwise we're playing fun account movement games after downgrading them back to 10.10. users cannot install printers now, we have people bringing their printers in to work, so that we can install them. We have to patch everyone manually as there is no way to manage them with what we have.

    IT has been an absolute mess, and the boss, who is normally ok with letting a small thing slide without a ticket, is demanding that every interaction related to this, even 15 seconds, have a ticket so that he can show the massive time costs of this nonsense.

    --
    "Science is the power of man"
  3. Downgrade? by Anonymous Coward · · Score: 2, Interesting

    You can't downgrade if you didn't have a backup already.

    IOS 9 broke other things as well. IOS 9 won't connect to hidden SSID WIFI networks either. I can verify this issue. There are some other grumblings of WPA / WPA2 connection issues for some as well.

    Even some popular apps, like Words with Friends in my case don't work in IOS9.

  4. Great by allquixotic · · Score: 1, Interesting

    Switched from Android to iOS because Google won't fix their Bluetooth stack. I'll have to try my VPN on Friday and see if iOS 9 broke it. If so, I'll have to have two phones just so I can use two of the most important OS features that have been around for years but nobody can seem to get right (all at once, within one device, that is).