It’s possible Apple’s Private Relay VPN isn’t so private after all
Private Relay is ignoring firewall rules and sending some data back to Apple
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
A potential security flaw iniCloud Private Relaycan leadApple’sVPNto ignorefirewallrules and send some data back to the iPhone maker’s servers.
This leak itself was first discovered by the VPN companyMullvadwhich was monitoring network connections while working on its own app.
Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022.Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.
For those unfamiliar, Private Relay functions in a similar way to aVPN tunnelor howTorworks by routing a user’s encrypted network through relay servers before it reaches the internet. The service is currently still in beta and is only available in certain regions though it also requires a paidiCloud+subscription.
TechRadar Proreached out to Apple regarding this potential leak iniCloudPrivate Relay but we’ve yet to hear back at the time of writing. However, since the service is still in beta, this issue could be rectified before it becomes generally available. Since iCloud Private Relay’s beta release coincided with the launch of iOS 15, Apple could make the service available in full with the release ofiOS 16in September of this year.
Ignoring firewall rules
According to a newblog postfrom Mullvad, the VPN company was monitoring network connections when it noticed thatQUICtraffic was leaving one of its computers outside of a VPN tunnel.
Disabling Apple’s Private Relay feature made the leaks stop and the company has even provided instructions so that other users can reproduce the leak on their own. Mullvad also pointed out in its blog post that Private Relay (mostly) disables itself as soon as any firewall rule is added to the Packet Filter (PF) system firewall on macOS devices.
T-Mobile denies blocking iCloud Private Relay, but admits some users won’t have access>What is Apple Private Relay and is it worse than a VPN?>This Google Chrome challenger could be the best browser for private surfing
As such, the company believes that the leak itself is just some kind of heartbeat signal calling home to Apple. Although it’s impossible to know what information is transmitted to Apple’s servers, the leak does send a clear message to both your local network and ISP that you might be a macOS user.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
At this time, Mullvad is unaware of any way to prevent Private Relay from leaking user traffic back to Apple but the company recommends that users disable the feature altogether for the time being if their threat model forbids their local network or ISP from knowing what kinds of devices they’re currently using.
ViaAppleInsider
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
Should your VPN always be on?
3 reasons why PIA fell in our best VPN rankings
iStorage Group acquires Kanguru Solutions as it looks to expand security offering
