New Apple iCloud Private Relay guide details what it doesn't cover
Apple's new iCloud Private Relay privacy feature remains in beta on iOS 15, but the company has now published a primer about how it works, how to use it -- and what it won't do.
Apple's iCloud Private Relay remains in beta
Originally announced as part of iOS 15, the feature has instead been in public beta, and problems have been found. Now Apple has published the "iCloud Private Relay Overview," which describes how the feature "protects users' privacy on the internet."
"Normally when a user browses the web, basic information related to their web traffic, such as their IP address and DNS records, can be seen by network providers and the websites they visit," says the document. "A user can then be targeted with unwanted ads and marketing campaigns, or have their data combined with additional data and sold to other companies."
The guide then details how iCloud Private Relay sends a user's browsing "requests through two separate internet relays so no single entity can combine... browsing activity into detailed profile information."
Apple's document chiefly reiterates the same detail that it announced at WWDC 2021, and expanded on in a developer video. What this new publication adds is detail of when iCloud Private Relay will not work.
Users who have moved between Wi-Fi and cellular hotspots may already have seen repeated notifications about iCloud Private Relay switching off, and then back on again. Apple's guide now explains why.
"Cellular services, such as Multimedia Messaging Service (MMS), telephony services (XCAP), Entitlement Server access, tethering traffic, and Visual Voicemail," it says, "do not use Private Relay. These services are always accessed directly."
There are also intentional exceptions for when a user is in an enterprise company. "Most managed network settings that are used by enterprises take precedence over Private Relay," notes Apple.
Similarly, if any user has a VPN, or certain proxy configurations, internet traffic will not go through Private Relay.
Apple also says that company networks can block access to Private Relay. If that happens, "users will be alerted that they need to either disable Private Relay for the network or choose another network."
One issue the overview does not address is how Apple's new privacy feature will not be available in all countries, notably including Russia.
Read on AppleInsider
Apple's iCloud Private Relay remains in beta
Originally announced as part of iOS 15, the feature has instead been in public beta, and problems have been found. Now Apple has published the "iCloud Private Relay Overview," which describes how the feature "protects users' privacy on the internet."
"Normally when a user browses the web, basic information related to their web traffic, such as their IP address and DNS records, can be seen by network providers and the websites they visit," says the document. "A user can then be targeted with unwanted ads and marketing campaigns, or have their data combined with additional data and sold to other companies."
The guide then details how iCloud Private Relay sends a user's browsing "requests through two separate internet relays so no single entity can combine... browsing activity into detailed profile information."
Apple's document chiefly reiterates the same detail that it announced at WWDC 2021, and expanded on in a developer video. What this new publication adds is detail of when iCloud Private Relay will not work.
Users who have moved between Wi-Fi and cellular hotspots may already have seen repeated notifications about iCloud Private Relay switching off, and then back on again. Apple's guide now explains why.
"Cellular services, such as Multimedia Messaging Service (MMS), telephony services (XCAP), Entitlement Server access, tethering traffic, and Visual Voicemail," it says, "do not use Private Relay. These services are always accessed directly."
There are also intentional exceptions for when a user is in an enterprise company. "Most managed network settings that are used by enterprises take precedence over Private Relay," notes Apple.
Similarly, if any user has a VPN, or certain proxy configurations, internet traffic will not go through Private Relay.
Apple also says that company networks can block access to Private Relay. If that happens, "users will be alerted that they need to either disable Private Relay for the network or choose another network."
One issue the overview does not address is how Apple's new privacy feature will not be available in all countries, notably including Russia.
Read on AppleInsider
Comments
Browsers on macOS are another story. If they use the system's DNS resolver stub, then they get private relay for DNS. If they use their own DNS resolution (like Chrome), they do not get private relay for DNS. That said, the biggest reason some browsers do their own DNS resolution, though, is to use DNS-over-HTTPS, which provides protection from snooping on the local network (but not from snooping by the DNS provider).
If they go through the system APIs for web requests (like URLSession), they should also get private relay for HTTP sites. Most Mac browsers have their own network engines, so they would not get private relay for HTTP sites.