Proton avoids internal IP fingerprinting
Security experts found that Proton VPN is the only service tested that avoids internal tunnel IP fingerprinting on iOS, a vulnerability that can expose a user's real IP address through VPN tunnels. Other VPNs tested were susceptible to this privacy flaw.
Background
- **Proton VPN** is a popular VPN service (from the same Swiss company behind Proton Mail) often praised for its privacy-focused, no-logging stance.
- **IP fingerprinting** works even when you are connected to a VPN. Normally, a VPN hides your public IP, but internal VPN tunnel IP addresses (assigned to your device within the provider's network) can still be used to track you across sessions — a flaw known as "internal IP leakage."
- The key finding: security researchers tested multiple major VPN providers on iOS and found only Proton correctly randomizes or masks the internal tunnel IP, preventing this kind of tracking. Competitors like NordVPN, ExpressVPN, and Surfshark reportedly failed this test.
- **Why it matters:** This vulnerability is especially relevant for iOS users because Apple's network stack makes it harder for VPN apps to fully hide internal IPs by default. Proton developed a workaround that other providers have not yet implemented.