iOS VPNs and portable storage for Apple devices

Mark Gibbs | April 11, 2013
First up, serious networking stuff concerning Apple and how iOS supports VPNs and how it won't in future.

If you plan to use a mobile device in the real world where security matters then you'll need to use a VPN to connect back to the mothership. What Apple supported in iOS has been an automatic VPN invocation method called an "On Demand VPN," such that when a connection is attempted, a VPN is always invoked.

Alas, a company called VinetX (often cited as a "patent troll") took Apple to court with the claim that this technique was covered by a patent it holds and VirnetX won ... to the tune of $368 million in damages!

Apple has decided that the solution to this loss is that future versions of iOS (6.1 and later) will only establish a VPN if needed rather than always requiring one, and then only if the host DNS can't be resolved. In other words, a key method for locking down network access for iOS devices in the enterprise will be broken in the near future.

What will this mean in practice? Rather than slice and dice the topic here, I recommend reading a white paper written by my friends at Mobile Active Defense. Bottom line: Enterprises lose a feature that has been very handy and will have to rethink their "call home" strategy.

Interestingly, in 2010 Microsoft was also found guilty of infringing the same VirnetX patent and had to pay damages of $200 million, while last month Cisco was ruled to not infringe the same and thereby dodged a bullet worth $258 million! Just how broken does the patent system have to become before something is done about it? Please comment below ...

