Google adds VPN to iPhones using Google Fi plans

AppleInsider · June 25, 2021 11:18AM

Google has announced that iPhone users on any of its Google Fi phone plans will now automatically get a built-in VPN service.

Google Fi for iPhone now includes a VPN

Previously announced

on "Safer Internet Day" in February 2021, Google has now begun rolling out its VPN service to iPhone users (check for the best VPN deals). The VPN has been available on Android, where it has seen high usage on its Google Fi phone plans.

Announced on the official Google Fi Twitter account, the new service is rolling out now.

Starting today, we're expanding our built-in VPN to iPhone.

With the Fi VPN, you get a private online connection and more protection from hackers included on all plans. Learn more https://t.co/TABM9FSYFB pic.twitter.com/WVfTlcpTRO
-- Google Fi (@googlefi)
June 24, 2021

"We aren't updating every user all at once," continued Google Fi support on Twitter. "But the update will be widely available to users over the coming weeks."

"The Fi VPN helps you stream, browse and download on an encrypted, private connection," says Google in a statement. "It prevents websites from using your IP address to track your location and helps shield you from hackers - even while you're using unsecure networks."

Google Fi is a phone plan that also offers "free spam call detection and blocking." Its plans start from $20/month for one person.

Users on other cell plans can still add VPNs from third-party companies. Apple's forthcoming iOS 15, iPadOS 15, and macOS Monterey won't include a full VPN, but will offer similar privacy protection via Private Relay.

Keep up with everything Apple in the weekly AppleInsider Podcast -- and get a fast news update from AppleInsider Daily. Just say, "Hey, Siri," to your HomePod mini and ask for these podcasts, and our latest HomeKit Insider episode too.

If you want an ad-free main AppleInsider Podcast experience, you can support the AppleInsider podcast by subscribing for $5 per month through Apple's Podcasts app, or via Patreon if you prefer any other podcast player.

Read on AppleInsider

gatorguy · June 25, 2021 12:14PM

No sign of the VPN here. I've been on Google Fi for several weeks now, 100% happy with it so far BTW, and updated the app yesterday. When the VPN becomes available you will know it because "Privacy" settings tab will change to "Privacy and Security". Rolling out in stages is certainly accurate.

edited June 2021

gaby · June 25, 2021 12:15PM

Well you’d have to be pretty stupid to use a google VPN. Though in truth I’m dubious about all modern VPNs. There was one that came with Ironkey’s more premium device years ago that I used when necessary. Of course they have their uses but I’d advise anyone only to activate for the bare essentials. If it’s browsing related, Tor is the more secure option. It’s certainly one way of them solving the problem of all the valuable data they have been losing over the last couple of years, and smart/sly to boot. They ensure that one way or another they’re creating detailed profiles on vast swathes of the population - again relying on the average person’s lack of understanding. Of course with schemes such as these they can perpetuate the notion that they are becoming more privacy focused by slowly deprecating cookies etc thus increasing user trust in them.

jeromec · June 25, 2021 12:16PM

Having an always-on VPN from Google ?????

Makes it easier for Google to see all your traffic.

What could possibly go wrong ?

edited June 2021

gatorguy · June 25, 2021 12:22PM

jeromec said:

Having an always-on VPN from Google ?????
Makes it easier for Google to see all your traffic.

What could possibly go wrong ?

Gaby said:

Well you’d have to be pretty stupid to use a google VPN. Though in truth I’m dubious about all modern VPNs. There was one that came with Ironkey’s more premium device years ago that I used when necessary. Of course they have their uses but I’d advise anyone only to activate for the bare essentials. If it’s browsing related, Tor is the more secure option. It’s certainly one way of them solving the problem of all the valuable data they have been losing over the last couple of years, and smart/sly to boot. They ensure that one way or another they’re creating detailed profiles on vast swathes of the population - again relying on the average person’s lack of understanding. Of course with schemes such as these they can perpetuate the notion that they are becoming more privacy focused by slowly deprecating cookies etc thus increasing user trust in them.

Posting from a position of ignorance I see? You both could have done a cursory search for the Google VPN service before commenting, at least have some basic understanding to it. Or just do the typical FUD parade and know nothing. Carry on as you think best.

edited June 2021

22july2013 · June 25, 2021 12:50PM

Encryption by itself solves nothing. If it did, everything on the Internet would be secure because every character on the Internet is encoded in ASCII, which is a code with a key. What matters is the algorithm, key production, and key management. A VPN may use a good algorithm, but the session keys are held by the VPN provider, in addition to yourself, which could completely negate the security of both the algorithm and the key.

wood1208 · June 25, 2021 12:51PM

Would be nice if Google Fi on iPhone can dynamically switch carriers similar to google phones.

gatorguy · June 25, 2021 12:54PM

wood1208 said:

Would be nice if Google Fi on iPhone can dynamically switch carriers similar to google phones.

With T-Mo buying out Sprint who is the other dynamically switched service, I'm not sure it matters anymore.

gatorguy · June 25, 2021 12:54PM

22july2013 said:

Encryption by itself solves nothing. If it did, everything on the Internet would be secure because every character on the Internet is encoded in ASCII, which is a code with a key. What matters is the algorithm, key production, and key management. A VPN may use a good algorithm, but the session keys are held by the VPN provider, in addition to yourself, which could completely negate the security of both the algorithm and the key.

https://www.gstatic.com/subscriptions/marketing_page/vpn/white_paper_4f995ab5d7c7edc3d3f14f2e0593f790.pdf
Page 3

"...we’ve split authentication from the data tunnel setup into two separate services:
● Authentication service: This service validates users’ access to VPN by Google One. The client first generates an OAuth token and a blinded token (see below for definition). Then, the authentication service validates and exchanges the OAuth token for a signed blinded token.
● Key Management Service: The client can then ‘unblind’ this signed blinded token using cryptographic blinding. When the client connects to the data tunnel server, it provides only this signed unblinded token to the data tunnel server.

Thus, the only piece that links the authentication server to the data tunnel server is a single, public key, used to sign all blinded tokens presented during a limited period of time. The blinding algorithm employed was first described by Chaum in 1982 , and is commonly 5 referred to as ‘RSA Blind Signing’. The goal is to never use the same identifier in the Authentication server and the Key Management Service. To accomplish this, the client generates a token, hashes it using a Full Domain Hash, and combines it with a random value and the server’s public signing key to produce a blinded token. That blinded token is then signed by our authentication server.

When the client wants to connect to the VPN, it can unblind the blinded token and its signature using the random value only it knows. The unblinded token and the signature are then verifiable by our Key Management Server. The servers are physically distinct and only share a cryptographic root-of-trust to validate the signed unblinded token; they strictly share no other information - specifically, no user identifiable information is available to the data tunnel servers."

edited June 2021

georgebmac · June 25, 2021 1:32PM

jeromec said:

Having an always-on VPN from Google ?????
Makes it easier for Google to see all your traffic.

What could possibly go wrong ?

Google wants to be the only one watching what you do.

I guess that's better than anybody & everybody.

mac_dog · June 25, 2021 4:20PM

Oh, christ, users beware.

mejsric · June 26, 2021 5:58AM

checking the date and it's June, not April.

correct me if im wrong... time has been confusing since i learn about TVA.

jeromec · June 26, 2021 1:57PM

gatorguy said:

jeromec said:

Having an always-on VPN from Google ?????
Makes it easier for Google to see all your traffic.

What could possibly go wrong ?

Gaby said:

Well you’d have to be pretty stupid to use a google VPN. Though in truth I’m dubious about all modern VPNs. There was one that came with Ironkey’s more premium device years ago that I used when necessary. Of course they have their uses but I’d advise anyone only to activate for the bare essentials. If it’s browsing related, Tor is the more secure option. It’s certainly one way of them solving the problem of all the valuable data they have been losing over the last couple of years, and smart/sly to boot. They ensure that one way or another they’re creating detailed profiles on vast swathes of the population - again relying on the average person’s lack of understanding. Of course with schemes such as these they can perpetuate the notion that they are becoming more privacy focused by slowly deprecating cookies etc thus increasing user trust in them.

Posting from a position of ignorance I see? You both could have done a cursory search for the Google VPN service before commenting, at least have some basic understanding to it. Or just do the typical FUD parade and know nothing. Carry on as you think best.

Not really ignorant.
This is a VPN, or at least is presented as such by Google.
That means Google has access to your IP address as well as all your non-VPNed traffic at the exit point.
Note that since in the case of Google Fi, Google also acts as ISP, and therefore already sees all your traffic unless you use a 3rd party VPN, it does not matter much.

This is how, by providing a Facebook-owned VPN, Facebook identified the trends in Snapchat stories for example.
So I never would give such access to Google, whom I do not trust much more than Facebook.

Apple made great efforts explaining how their iCloud Private Relay, and how it is different from a VPN.

gatorguy · June 26, 2021 9:14PM

jeromec said:

gatorguy said:

jeromec said:

Having an always-on VPN from Google ?????
Makes it easier for Google to see all your traffic.

What could possibly go wrong ?

Gaby said:

Well you’d have to be pretty stupid to use a google VPN. Though in truth I’m dubious about all modern VPNs. There was one that came with Ironkey’s more premium device years ago that I used when necessary. Of course they have their uses but I’d advise anyone only to activate for the bare essentials. If it’s browsing related, Tor is the more secure option. It’s certainly one way of them solving the problem of all the valuable data they have been losing over the last couple of years, and smart/sly to boot. They ensure that one way or another they’re creating detailed profiles on vast swathes of the population - again relying on the average person’s lack of understanding. Of course with schemes such as these they can perpetuate the notion that they are becoming more privacy focused by slowly deprecating cookies etc thus increasing user trust in them.

Posting from a position of ignorance I see? You both could have done a cursory search for the Google VPN service before commenting, at least have some basic understanding to it. Or just do the typical FUD parade and know nothing. Carry on as you think best.

Not really ignorant.
This is a VPN, or at least is presented as such by Google.
That means Google has access to your IP address as well as all your non-VPNed traffic at the exit point.
Note that since in the case of Google Fi, Google also acts as ISP, and therefore already sees all your traffic unless you use a 3rd party VPN, it does not matter much.

This is how, by providing a Facebook-owned VPN, Facebook identified the trends in Snapchat stories for example.
So I never would give such access to Google, whom I do not trust much more than Facebook.

Apple made great efforts explaining how their iCloud Private Relay, and how it is different from a VPN.

I gave everyone a link to read up on how Google's VPN works. You should take advantage of it BEFORE posting. Perhaps you missed it, or didn't care to read it, but on the off-chance you're interested here it is again.
https://www.gstatic.com/subscriptions/marketing_page/vpn/white_paper_4f995ab5d7c7edc3d3f14f2e0593f790.pdf

Apple's cloud relay....
https://www.intego.com/mac-security-blog/is-apples-icloud-private-relay-a-vpn-not-even-close-heres-why/

edited June 2021

Google adds VPN to iPhones using Google Fi plans

Comments