Apple is deceiving our/iCloud Private Relay users? Ideas?

In the user interface, Apple says:

iCloud Private Relay keeps your internet activity private Private Relay hides your IP address and browsing activity in Safari and protects your unencrypted internet traffic so that no one-including Apple-can see both who you are and what sites you're visiting

BUT when I look at the Apple IT support documentation the above is contradicted.

Based on it, what would be true is:

iCloud Private Relay keeps your WEB activity private Private Relay hides your IP address and browsing activity in Safari and protects your unencrypted WEB and UNENCRYPTED APP traffic.

In addition to the corrections I made above, the rest of it (below) is just…terribly problematic! I’m not even sure how to correct it but it’s wrong. Agreed? I mean any aware user is (likely) going to know that if you tell a website like your bank) who you are, while using iCloud private relay (IPR), it will know who and where you are. But they’ll also know your IP, since Apple is saying only to us that encrypted internet traffic doesn’t go through IPR. This would include HTTPS, SMTPS, IMAPS, GOPHERS, … And even a fairly savvy user reading the following isn’t going to realize that Apple is not fixing the Panopticon problem, meaning that as is, the following part is generally false and de deceiving:

…so that no one-including Apple-can

see both who you are and what sites you're visiting.

What’s a customer going to think when they realize that our apps aren’t delivering what Apple‘s promising because it’s inconsistent about what is promising to who?

Is there already discussion going on about this? seems like a big issue…

Fortunately, Apple is saying the product is in beta, so they will likely be extra open to and relatively responsive to feedback. But I wanted to talk with other developers about it so that’s why am bringing it up here. Maybe I’m misunderstanding stuff.

Up vote post of MrElvey Down vote post of MrElvey
1.6k views
Posted by
MrElvey
Reply

  • Eaton’s provided some helpful info here but it does seem to confirm the issue: https://developer.apple.com/forums/thread/683957

    MrElvey

  • I noticed iCloud private relay doesn’t relay traceroute packets either but does relay some https traffic. I think perhaps it should be called alpha? Seems completely unpredictable

    MrElvey
Add a Comment

Replies

To clarify, the following traffic is protected by Private Relay:

  • All Safari traffic (including safari view controller). This is all traffic, whether HTTP, HTTPS, or anything else.
  • Unencrypted DNS traffic generated for apps
  • Unencrypted TCP port 80 and other http:// scheme traffic in apps

This is what is described as “activity in Safari” (all Safari) and “unencrypted Internet traffic” (DNS and HTTP). The Apple IT documentation is consistent with this, to my reading.

Posted by
Frameworks Engineer
Post not yet marked as solved Up vote reply of Frameworks Engineer Down vote reply of Frameworks Engineer

  • from the specific writing of it, should we assume that Chrome, Firefox or other browsers are not afforded the benefits and that the traffic is routed via IPR is mostly a Safari benefit?

    Yes it mentioned “on apps” for dns and http but the way it’s written now seems to the greatest benefit of IPR is Safari only. I’m just trying to understand and not accusing Apple of anything.

    netling
Add a Comment