The latest update for our macOS app implements a firewall-based Kill Switch to keep your data safe even if you are disconnected from your VPN server.
What is a Kill Switch?
The new, firewall-based Kill Switch prevents your IP address and DNS queries from being exposed in the event you are disconnected from a VPN server for any reason. When you enable Kill Switch, if you lose connection to the VPN service, the Kill Switch will block all external network traffic until it automatically re-establishes a connection to a VPN server.
Technical background and implementation
Proton VPN’s macOS app utilizes the IKEv2 protocol, which allows for theoretically higher speeds and connection stability (when switching networks or on the go) than the OpenVPN protocol. It also has the benefit of being natively supported by Apple at the OS level. While this has certain benefits in terms of native integration into the OS, it also imposes certain constraints. In general, a kill switch, as defined above, is not possible for IKEv2 VPNs on macOS, which is why in the past, we have provided Always-on VPN, which automatically reconnects users to a VPN server if the connection is broken, as an alternative. The Always-on VPN will remain, and will now be complemented by the improved Kill Switch feature we are introducing today. (As of version 1.5.3, the Always-On VPN setting is no longer visible in Settings. The feature is always enabled by default for security, and it is not possible to turn off Always-On VPN.)
Implementing a Kill Switch (as defined above) required us to work around certain limitations within Apple’s native VPN infrastructure, specifically that it does not allow an app to fully block network traffic outside of the VPN connection on an Apple device. To resolve this, we have created a helper application to generate a packet filter. Now, whenever you connect to a VPN server with Kill Switch enabled, the packet filter blocks all external network communications except for those routed through the VPN server you are currently connected to. Since all your network traffic is restricted to the VPN server, if connection to the VPN server is lost, all Internet traffic is stopped immediately and your data is never exposed. This workaround of Apple’s network stack allows us to achieve what was previously impossible on macOS.
It is important to note that as of today, a Kill Switch, as we have defined it, is still not possible on iOS. This is because Apple’s network level restrictions on iOS are even more stringent than they are for macOS, so we cannot replicate the workaround we designed for macOS on iOS. Thus, from a technical standpoint, Always-on VPN is the best that can be achieved on iOS today. However, in the process of designing our Kill Switch workaround for macOS, we were in close communication with Apple engineers who expressed a willingness to reconsider their native VPN infrastructure’s restrictions. Those discussions have continued and we are currently working with Apple to find a way to implement a Kill Switch on iOS.
The addition of this new Kill Switch to Proton VPN for macOS will help you stay secure no matter how unstable your connection is. If you already use Proton VPN, your app will either update automatically or prompt you to update. Please join us on Facebook, Twitter, and Reddit and let us know what you think!
The Proton VPN Team
You can get a free Proton VPN account here.
To get a free Proton Mail encrypted email account, visit: proton.me/mail