Can you trust iCloud+ Private Relay?
QAlthough I love the idea of iCloud+ Private Relay, when running DNS leak tests I found one site where it’s reported as failing. Is it flawed after all? byROB LYNDON
AiCloud+ Private Relay has a different aim from that of a full virtual private network (VPN) service. Private Relay uses an ordered sequence of two independent servers as relays to prevent individual parties, including Apple and internet service providers (ISPs), from collecting details of your web browsing. Those relays replace your Mac’s original IP address with one that can’t be traced to you, and gives only vague location information. One test used to check this looks for DNS leaks, a flaw in a VPN service that reveals DNS requests to an ISP or eavesdropper allowing them to see which websites you visit, because those requests are sent direct rather than through the VPN. Most test sites fail to detect any leak, but trace connections back to the second relay, a large service provider such as Akamai or Cloudflare, who provide this service for Private Relay. One test site, whoer.net, recognises that Private Relay is being used, and gives the approximate physical location you’d expect from this service. However, that site’s leak test claims DNS queries aren’t protected, while giving a list of those IP providers for the second relay. That doesn’t demonstrate that Private Relay isn’t providing the protection it intends to.
iCloud+ Private Relay is still in beta at present, and does appear to deliver the service claimed, but it isn’t a substitute for a VPN, if that’s what you’ve decided you need.