Apple recently announced a new Private Relay service that helps users maintain their privacy online.
The new feature is available with the companies iCloud+ subscription service. This new encryption-based service was one of the many privacy features announced by Apple at the WWDC 2021.
What is Private Relay and how does it work
Private Relay is an encryption-based system that helps users maintain their privacy while surfing the web with the Safari web browser. All the user’s requests and data sent out are end-to-end encrypted which Apple claims even Apple can not read.
The data is split into two different sets of data, one that includes your IP address (Who you are) and the second that includes your DNS request (What website you are visiting) before it is encrypted. This encrypted data is then sent to an Apple Proxy server and then to a third-party proxy server that is run by a partnering company. Cloudflare is currently one such known company that would host the second server.
Apple does not hold the keys to DNS encryption hence can only see your IP address, not the websites you are visiting. Apple’s servers now forward the DNS data to the third party server but with an anonymous IP address that is created on Apple servers that only contain your very rough approximate location.
The third-party proxy server holds DNS encryption keys hence decrypts the DNS requests then resolves user requests i.e. sends it to your requested website with the random IP generated by Apple with the approximate location without your personal details.
So now the website you visit has no personal detail about you due to the anonymous IP while still has an approximate location to provide you location-specific content.
How is Private Relay different from a VPN
Apple’s Private Relay uses Oblivious DNS-over-HTTPS (ODoH) which Apple helped develop and push along with Cloudflare and Mozilla in its Safari web browser. This makes the service a Safari only privacy feature. Private Relay does not help to bypass geo-restrictions as it does use your approximate location i.e your City/Region is known.
The servers do not take any efforts to hide and camouflage in regular network hence could be restricted in school and corporate networks.
Alternatives to Apple’s Private Relay for a private internet
- A good old VPN from a company you could trust.
- Cloudflare Wrap
- Mozilla Private Network (Beta)