iOS and iPadOS, some new privacy enhancement
iOS and iPadOS 15 are here. A couple of new features related to the privacy that I’ve appreciated and that I’ve immediatly activated.
Private Relay
When Private Relay is enabled, all of your browsing activity in Safari will be encrypted and then sent to Apple, so the ISP won’t see any of your web browsing requests. Once at Apple’s proxy server, the DNS request and the iPhone or Mac’s IP address will be separated. Your IP address will be retained by Apple, while your DNS request will be passed to a “trusted partner” that will let you visit the requested site. Your true IP will be hidden and the site will receive an IP provided by the “partner”. Apple didn’t name its partners, but visiting https://ifconfig.me while you have the “Private Relay” enabled, will let you see IPs owned by Akamai or Cloudfare. This means that Apple knows your IP address but not the name of the sites you’re visiting, and the “partner” knows the site you’re visiting but not your IP (so it doesn’t know who you are). Potentially neither the “partner” or Apple can easily track your navigation activities. Typically, websites we visit get our exact IP so they can build a detailed profile of who we are, where we are, and where we go online. Combine that with a few cookies it’s pretty simple to have our entire online activity profiled, tracked, traced, and sold to advertisers.
Private relay is provided as Beta service inside the new iCloud+ service released with iOS 15. I’m using the service since when the new iOS15 has been released and, for the moment, I found no problem.
Private Relay is available only if you subscribed to a iCloud+ paid storage plan.
Does it replace a VPN service?
Not at all! It’s really a nice-to-have service but it doesn’t replace at all a VPN service.
Private Relay works only with Safari and only for web navigation. It doesn’t hide any other connection and it doesn’t hide the region where we’re connecting from (but it hides the exact IP location) so we can’t access content locked out of our region or “see” websites as if we were connected from another country.
Hide my email
Back in 2019 Apple started a service called “Sign in with Apple”: it is basically a single sign on system based on the Apple ID. Through this service it’s possibile to provide a random generated email alias when you subscribe to a service. Every mail addressed to the alias are then redirected to the random generated email associated with the Apple ID. The single sign on allows you to authenticate to the services without using a dedicated password. The interesting thing is that you can decide to block the email forwarding or revoke the alias whenever you want.
With ‘Hide my email’ is now possibile to create this “fake” email alias even if you are not subscribing to any new service. With this service you can create an alias and use it as an email address to provide to different services even if they don’t offer the “Sign in with Apple” feature. Tired to received all of that spam from a service? You can easily destroy the alias. Are you receiving too many unsolicited email due to the fact that your email address has been sold to too many advertiser? Destroy the alias!
