Thought this was pretty cool!
After 9 months of development, we’re super excited to finally launch Psylo, a new kind of private web browser for iOS and iPadOS.
In Psylo, each tab is its own “silo” with isolated storage, cookies, and even its own IP address. Psylo introduces advanced anti-tracking and anti-fingerprinting features that go beyond what a VPN can offer.
Tor Browser and Safari + Apple Private Relay already do this and have proven track records.
They do it somewhat differently. Look into it more.
I’ve been testing it for months now. It’s basically an SPN browser but not as low as Tor and way better than Apple Relay from what I could understand.
Yes, they can improve on many things still though. But not every piece of privacy tech needs to be or meet the highest of highest standards like GOS all the time for all the things.
I just mean, don’t discount it right away as you seem to have done given your comment.
I did read it… it is proprietary, they want $100 a year (Tor is free and iCloud+ is $12 a year), is capped to a pitiful 50GB a month, and they’re still under the steep limitations that Apple enforces on browsers.
And Apple’s APIs to proxy a tab is extremely awful and a leak fest.
I thought you could not download the TOR browser on iOS?
On this site:https://psylo.app/location/
Brave browser (android) with privacyguides configuration while connected to a vpn leaks my real location. I did the same test with Iron Fox with its default settings and it does not leak my location, why is that?
Should we only use Brave on android without a vpn and use Iron Fox with a vpn instead?
Yes yes. Good points.
I am just now reading the full manner in which they released it. I was given an understanding that they would be taking all the advice and recommendations for what privacy enthusiasts are asking for in the FOSS spirit. I didn’t know the specifics of the full release until right after I immediately commented on your comment.
I had only been testing this far.
I’m a little disappointed too now that I read all of how they seem to have released it.
Doesn’t sound like a bad browser, but as Tavi said, it’s not special as compared to iCloud Private Relay + Safari Private Browsing.
It’s proprietary, so not even that is an advantage compared to Safari.
Subscription tracking must rely exclusively on randomized identifiers.
iCloud Private Relay uses blind signatures. Not clear what they mean with randomized identifiers and how private are they.
Also, when you use Safari Private Browsing with iCloud Private Relay:
Separate sessions per tab. Every tab that the user opens in Private Browsing now uses a separate session to the iCloud Private Relay proxies. This means that web servers won’t be able to tell if two tabs originated on the same device. Each session is assigned egress IP addresses independently. Note that this doesn’t apply to parent-child windows that need a programmatic relationship, such as popups and their openers.
Not sure if this is the case in this browser.
Also
Psylo also includes more common anti-fingerprinting measures, such as canvas randomization, typically only found in desktop versions of privacy-focused browsers such as Brave, but not on iOS. This is due to Apple limiting apps to use the system-provided WKWebView.
Not true. Safari has had Canvas randomization in Private Browsing by default for a while, and it will be on even in normal browsing in iOS 26.
Overall, it can definitely be worse, but not sure about its advantages, especially with the fact that iCloud Private Relay also covers Mail, unencrypted http connections made by apps, and it encrypts your DNS requests + iCloud+ has other nice things with the relay, like mail aliases and E2EE cloud storage.
your real location is absolutely not leaked at all. that website simply uses a lookup table to determine a possible likely broad region based off of language locale and timezone.
Private Relay just doesn’t let you use servers outside of your general location and relies on the sheer size of the user base to cover that. Probably the best for overall usability, and also keeps sites like Netflix with region-specific content happy.
What is a SPN browser?
I am very interested in trying out Psylo, but the annual plan only has 50GB of data? Doesn’t seem like a lot even if I’m web browsing.
Doesn’t iOS still restrict all browsers to use WebKit? Does Psylo build on top of it and ensure privacy and security?
Will there be an Android version?
How come PG doesn’t recommend Apple Private Relay?
It’s only on Apple platforms and it doesn’t cover all device traffic. But for what it is, it’s pretty good. I use Private Relay all the time and it’s definitely a great option if you’re on iOS/macOS.
PG does have a guide on Safari. I’m surprised Private Relay wasn’t mentioned. I’ll turn it on then. I can’t use the private tabs for sites that I have to log in though. I wish some of the privacy/security features from private were available on the main tabs.
I think all of the same features are available in regular tabs except they won’t be ephemeral. You can use profiles to keep your browsing separate,
https://mysk.blog/2025/06/30/psylo-1.0-system-architecture
We’re excited to reveal that we’re currently working with Proton VPN to provide VPN connections for each proxy server. Websites accessed via Psylo only see Proton VPN IP addresses, and Psylo users enjoy many of the benefits provided by Proton VPN.
Why would one simply not get Proton VPN directly that’s also a better deal in several ways instead?
Proxy servers cannot inspect the contents of HTTPS traffic, although they do see destination hostnames. Our strict no-log policy ensures no host or IP data is logged or stored.
This is a big issue, with a two-party architecture like this the first node shouldn’t be able to see the destination. This essentially completely breaks the entire point. The DNS lookup should be done by the exit node. They’re using Cloudflare apparently who already offer ODOH anyway so I’m confused as to why this is done like this.
Do you think it might be some kind of policy limitation? I don’t really see why Cloudflare Warp would be able to build/tear down device-wide MASQUE connections and Apple can do the same for Safari/unencrypted traffic- but this is not available to a third-party browser. Assuming here that MASQUE doesn’t have the hostname exposing problem.
EDIT: Or maybe a platform limitation as per