Good overview of one of this week’s biggest announcements from Dave Hamilton for The Mac Observer:
Apple’s iCloud Private Relay works similar to a VPN in that it
routes your traffic through other servers, hiding your IP address
from the websites you visit, and hiding your traffic from whomever
manages your local network. Where it differs is that a VPN is
generally just one server between you and the website you’re
visiting. With a VPN, your traffic takes the route of You ↔︎ VPN
Server ↔︎ Website. Private Relay adds another server to the
mix, which ensures that no one in the chain — not even Apple — can see the whole picture: You ↔︎ Apple’s Ingress Server ↔︎
Content Provider’s Egress Server ↔︎ Website.
This is, as Apple calls it in their “Get Ready for iCloud Private
Relay” WWDC Session on the topic, “Privacy by Design.”
Apple made specific mention that while the “Ingress Proxy” servers
are run by Apple, the “Egress Proxy” (aka the server which
communicates with the websites you visit) is not controlled by
Apple and is under the control of “a (trusted) content provider”.
This means that Apple doesn’t know what site(s) you’re visiting,
and the third-party content provider doesn’t know who you are.
I’m using this on both an iPhone and iPad running the new OS betas, and it doesn’t seem to slow anything down. I did run into a problem where initially, both devices were saying I needed to upgrade to a paid iCloud account to enable the feature in Safari (also for Mail’s new tracker privacy protection), even though I’ve got an Apple One family account. I “fixed” that by restarting both devices after poking around the iCloud section in Settings. Not a bad bug for a developer beta 1 — just figured I’d mention it here in case anyone else runs into it.