6.1 VPN Detection
Service: VPNDetectionService
What it does: Detects if VPN is active and shows installed VPN configurations.
Technical Implementation
- Checks network interfaces for VPN tunnels (utun, ipsec, ppp)
- Analyses network configuration using NEVPNManager
- Detects both system VPNs and app-based VPNs
What is Checked
- VPN connection active status
- VPN configuration installed
- VPN protocol type (IKEv2, IPSec, etc.)
6.2 Network Profiling (Local VPN)
Service: NetworkProfilingService + PacketTunnelProvider
What it does: Creates a local VPN tunnel to monitor all network connections from your device.
Technical Implementation
- Uses iOS Network Extension framework with Packet Tunnel Provider
- Creates a local-only VPN tunnel (no external servers)
- Batch packet forwarding for minimal performance impact
- Async metadata processing (doesn't block traffic)
- Hardware-accelerated packet handling via Accelerate framework
What is Monitored
- All TCP and UDP connections
- Destination endpoints (IP addresses and hostnames)
- Port numbers and protocols
- DNS requests (highlighted in green)
- Connection timestamps and data volume
Privacy Guarantee
- All traffic passes through unchanged - nothing is blocked or modified
- No data is sent to external servers
- Profiling data stays on your device
- You can stop profiling at any time
How to Disable
To disable the local VPN:
- Stop profiling from within the app, OR
- Go to iOS Settings → General → VPN & Device Management → VPN
- Find "PrivacyInsights" and tap the (i) button
- Toggle "Connect On Demand" off, or tap "Delete VPN" to remove completely