You’re forced to use Cloudflare. Don’t they track … everything?

Karna
link
fedilink
21Y

Request: Your IP > Apple (1st) relay node > 3rd party (2nd) relay node > Website

Response: Your IP < Apple (1st) relay node < 3rd party (2nd) relay node < Website

Whoever has access to both relay nodes, can easily track you end-to-end.

As for Apple, they claim the 1st relay node is owned by them, and 2nd relay node is owned by 3rd party. (Source: https://www.apple.com/icloud/docs/iCloud_Private_Relay_Overview_Dec2021.pdf)

In theory, it should not be a privacy concern because -

  • Website will see the request coming from 2nd relay node’s IP.
  • 2nd relay node will see the request is coming from Apple (1st) relay node’s IP.
  • So, only Apple knows your IP.

I will say that Apple is 100 percent collecting your data. Health, financial, biometric, anything you put in an Apple Device is subject. Like most large companies, the are probably also purchasing profile data from Acxiom and Experian.

I don’t know if they are doing it with this service but Apple is definitely not respecting your privacy. If you are concerned about privacy, you’re better off trying to use more specialized tools for a job than any singular ecosystem. Apple wants everybody to be in their single ecosystem to better build profiles in their systems.

I see Apple in the name, so how private? Wide open.

@LWD@lemm.ee
link
fedilink
31
edit-2
11d

deleted by creator

Lunch
link
fedilink
61Y

Just wanted to chip in and say, what a great comment! 👌

@WetBeardHairs@lemmy.ml
creator
link
fedilink
31Y

My main concern is that cloudflare knows what content it is serving and it is certainly fingerprinting your browser. So regardless of how you request the data, cloudflare knows.

Hate to break it to you but all the major CDN providers do the exact same things. My employer runs multiple websites mainly for US and European users. We use Akamai for both CDN and WAF services. For any CDN and/or WAF to operate properly it needs access to unencrypted content. Part of Akamais WAF tools includes what they call Bot Manager, which can identify traffic coming from over 1000 known bots and can also classify unknown ones. Part of how it works is by browser fingerprinting as well as TLS session fingerprinting and other proprietary fingerprinting.

So any time you visit a large website you’re likely being fingerprinted and otherwise analyzed by the CDN and security tools used by those sites.

@LWD@lemm.ee
link
fedilink
3
edit-2
11d

deleted by creator

@LWD@lemm.ee
link
fedilink
1
edit-2
11d

deleted by creator

yea but cloudflares probably gonna know anyway cause they serve a large portion of the Internet anyway

Ah, so it’s just corporate Tor. Mega gross.

@LWD@lemm.ee
link
fedilink
8
edit-2
11d

deleted by creator

iVPN has Multi-hop feature, which looks similar to what you described in the post. Speaking of it, thanks for the detailed explanation!

@LWD@lemm.ee
link
fedilink
2
edit-2
11d

deleted by creator

They rent their servers, so it depends on what you consider as running the server. They have virtual access to it, but they don’t own the hardware. At least, that’s the case for countries I checked, maybe they have their own servers somewhere too.

Damn i should’ve read into this a bit more. Didn’t see they used cloudflare

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 124 users / day
  • 1.05K users / week
  • 1.3K users / month
  • 4.58K users / 6 months
  • 1 subscriber
  • 3.89K Posts
  • 98.1K Comments
  • Modlog