No iOS VPN changes on already shipped devices

By , Apr 26, 2013

iOS 6 (Settings, VPN On)

On April 5, Apple acknowledged via a support document that it “will be changing the behavior of VPN On Demand for iOS devices using iOS 6.1 and later” due to a lawsuit by patent holding firm VirnetX file against Apple in November 2011. VPN technology, which stands for Virtual Private Networking, extends corporate networks securely across public networks like the Internet, allowing users to access a private network as if they were directly connected to it.

Apple originally planned to remove the ‘Always’ configuration option for VPN On Demand with the ‘Establish if needed’ option. The revised document specifically mentions Apple will not be changing the VPN behavior on “devices that have already been shipped”

A revised support document reads:

Apple no longer plans to change the behavior of the VPN On Demand feature of iOS 6.1 for devices that have already been shipped. The “Always” option will continue to work as it currently does on these devices.

As MacRumors speculates, the mention of “devices that have already been shipped” leaves room for interpretation that it may make changes to devices that have yet to ship.

iOS 6.1 VPN On Demand changes

A federal jury in November 2012 ordered Apple to pay $368.2 million to VirnetX in damages.

But as the two parties later worked out a royalty deal, it’s fairly possible that Apple’s backtracking on the previously announced VPN changes in iOS is a direct result of the two sides possibly reaching a mutually beneficial agreement.

  • Share:
  • Follow:
  • pauleebe

    But it will have to be implemented software-side. VPN is a software service, and I doubt Apple wants iOS devices out there running multiple variants of iOS depending on when they were manufactureed. So I think we’ll see a 6.1.4 or 6.2 with other features to rectify this.

    • Falk M.

      Probably just a plist setting and newer devices will have a “false” where older devices will be have a missing or “true” entry.

      On updating the iOS firmware that value is kept or set as true for devices that lack a flag for this feature’s availability and accordingly to that value the phone will act accordingly.

      Problem solved.

      • pauleebe

        No .plist is low level enough to prevent being changed when a DFU restore is performed. Apple just isn’t changing their software it seems.

      • Falk M.

        Restore means that an old value is written back.
        Either no value is written which equates to “true” (the feature is active) and will be translated to true later on again or it’s clearly false, a “flag” that only newer devices ever will get, because it shipped with it.

        If you mean restoring from an old device, I guess that iTunes could simply check for the manufacturing date of the phone and create the false flag itself.

      • pauleebe

        A DFU restore wipes clean from the IPSW that is supplied via Apple’s servers, or is at least, verified to be an exact match of what Apple’s servers permit on that device. I’m not talking about a restore from backup. And there is only one variant of iOS per device on Apple’s servers (I have direct links to verify this)

        So I don’t entirely think what you are saying is wrong, but if no modification to software is being issued to address this, and if they are using flags in a .plist, phones manufactured past date XYZ will have no VPN functionality, as their functionality will just be “disabled”.

      • Falk M.

        Oh right, that you mean. Yeah, that’s true.
        Didn’t pay enough attention to your words I guess haha :P

      • myfriend 123

        Nice info .