Questions about iCloud Private Relay

MojoBojo · March 12, 2024, 10:14am

Hello everyone,

I wanted to ask some questions about iCloud Private Relay.

Do you recommend enabling this feature on iOS / macOS (while using Safari without a VPN)?

Does it leak some of the web traffic outside the encrypted tunnel? Or does it leak your IP in some situations?

If I install Mullvad DNS / NextDNS profile, is it ok to enable private relay ? Can it cause any leaks or problems ?

Rasta · March 13, 2024, 8:35pm

If you’re not using a VPN I don’t see any reason to not use it. Using it with a VPN provider though doesn’t work in my experience, it would notify me that it wasn’t useable when on a VPN. I’m not sure about DNS service compatibility though.

jordan · March 13, 2024, 9:50pm

You should get a warning if a website needs to bypass iCloud Private Relay.

From Apple’s overview document:

Private Relay helps protect users from this kind of unwanted tracking by
ensuring the traffic leaving their devices is encrypted, and by sending their
requests through two separate internet relays so that no single entity can
combine IP address, location, and browsing activity into detailed profile
information. It’s built directly into the networking framework of iOS, iPadOS, and
macOS, and protects traffic most susceptible to tracking: web browsing and
any connections that are unencrypted. As a result, Private Relay protects all
web browsing in Safari and unencrypted activity in apps, adding both privacy
and security benefits.

From Apples overview:

Custom DNS settings
If a user has configured custom-encrypted DNS settings using a profile or an
app, the DNS server specified will be used instead of ODoH. Safari connections
and all unencrypted HTTP connections will also resolve names using the
specified DNS server prior to routing through Private Relay.
An unencrypted DNS server provided by a local network or manually edited
in Settings (iOS) or System Preferences (macOS) will not be used for iCloud
Private Relay traffic.

Source: iCloud Private Relay security – Apple Support (AU)

MojoBojo · March 14, 2024, 8:32am

So, If I use Custom DNS with DoH Profile it will just replace the DNS server from Cloudflare to Mullvad for example but still hide my ip with a secondary server ?

jordan · March 16, 2024, 4:09am

Yes that is the way that I understand Apple’s documentation.

Topic		Replies	Views
Self-Hosted Multi-Hop VPN (iCloud Private Relay Alternative?) Guide Suggestions	9	939	May 5, 2024
Encrypted DNS (AdGuard Home, NextDNS, Quad9) with iCloud Private Relay Questions	1	804	October 10, 2023
Should I use a VPN? And if so, how? Questions	3	925	October 1, 2022
Hide.me VPN Tool Suggestions	2	385	February 9, 2024
Is my internet activity private if I use Mullvad VPN but have an ISP-provided router with closed-source firmware? Questions	14	618	December 18, 2023

Questions about iCloud Private Relay

Related Topics