Onavo Protect is a free and popular VPN owned by Facebook.
Facebook ostensibly uses Onavo to monitor user network traffic, specifically to gain insight into what is and isn't working in competing apps. That kind of sucks if you're building a consumer app and aren't planning on selling it to Facebook.
Detecting if the people who use your app are also using Onavo and encouraging them to disable it might be helpful to you.
Here is some Swift code that does that:
func checkForBadIP (_ ip: String) -> Bool {
let badIPs = [
"147.75.208.",
"147.75.209.",
"147.75.210.",
"147.75.211.",
"147.75.212.",
"147.75.213.",
"147.75.214.",
"147.75.215.",
"147.75.216.",
"147.75.217.",
"147.75.218.",
"147.75.219.",
"147.75.220.",
"147.75.221.",
"147.75.222.",
"147.75.223.",
"185.89.216.",
"185.89.217.",
"185.89.218.",
"185.89.219.",
]
let startsWithBadIp = badIPs.reduce(0, { (result, prefix) -> Int in
if ip.hasPrefix(prefix) {
return result + 1
}
return result
})
return startsWithBadIp > 0
}Use it like this:
// you'll probably want to use your own API to get the device's external IP if possible
let url = URL(string: "https://api.ipify.org?format=json")!
URLSession.shared.dataTask(with: url, completionHandler: { (data, response, error) in
guard let data = data, error == nil else { return }
do {
let json = try JSONSerialization.jsonObject(with: data, options: .allowFragments) as! [String:Any]
guard let ip = json["ip"] as? String else { return }
if self.checkForBadIP(ip) {
// show a UIAlertController explaining why you might want this person to disable Onavo
} else {
// ... load as normal ...
}
} catch let error as NSError {
print(error)
}
}).resume()A few caveats:
- This code could be a lot better
- This might not be a conclusive list of IP addresses
- What you do when detecting a "bad" IP address is up to you. A strongly worded
UIAlertControllerthat educates someone about Onavo might do the trick. Or, if you're extra paranoid, you might lean towards blocking access to your app entirely.