Apple Will Offer Onion Routing for iCloud/Safari Users

At this year’s Apple Worldwide Developer Conference, Apple announced something called “iCloud Private Relay.” That’s basically its private version of onion routing, which is what Tor does.

Privacy Relay is built into both the forthcoming iOS and MacOS versions, but it will only work if you’re an iCloud Plus subscriber and you have it enabled from within your iCloud settings.

Once it’s enabled and you open Safari to browse, Private Relay splits up two pieces of information that—when delivered to websites together as normal—could quickly identify you. Those are your IP address (who and exactly where you are) and your DNS request (the address of the website you want, in numeric form).

Once the two pieces of information are split, Private Relay encrypts your DNS request and sends both the IP address and now-encrypted DNS request to an Apple proxy server. This is the first of two stops your traffic will make before you see a website. At this point, Apple has already handed over the encryption keys to the third party running the second of the two stops, so Apple can’t see what website you’re trying to access with your encrypted DNS request. All Apple can see is your IP address.

Although it has received both your IP address and encrypted DNS request, Apple’s server doesn’t send your original IP address to the second stop. Instead, it gives you an anonymous IP address that is approximately associated with your general region or city.

Not available in China, of course—and also Belarus, Colombia, Egypt, Kazakhstan, Saudi Arabia, South Africa, Turkmenistan, Uganda, and the Philippines.

Posted on June 22, 2021 at 6:54 AM20 Comments


NombreNoImportane' June 22, 2021 8:48 AM

“Not available in China, of course — and also Belarus, Colombia, Egypt, Kazakhstan, Saudi Arabia, South Africa, Turkmenistan, Uganda, and the Philippines.”

So these are the countries doing DPI, gotcha.

metaschima June 22, 2021 10:24 AM

Ok, but what if the site is running JavaScript? which all sites do. The site can use JS to grab your real IP, right? I mean that’s why you should disable JavaScript when running tor. Admittedly the tor browser omits WebRTC, which prevents outright nabbing of you real IP, but there are plenty of other ways to get your real IP address using JS.

Humdee June 22, 2021 10:56 AM

The more and more Apple tries to convince me that it cares about security and privacy the more and more suspicious of their shenanigans I become. I can’t help but feel Apple is collecting all the fish in a barrel right before the killing spree. Guess I have become jaded and cynical in that way.

Impossibly Stupid June 22, 2021 11:46 AM

Never mind the intended design, I’m only interested in the details of Apple’s actual implementation, especially when it comes to abuse. For Tor, it seems I invariably end up blocking most exit nodes because someone tries to use it to probe for web vulnerabilities. If Apple doesn’t have a policy in place to nip that kind of activity in the bud, they’ll be tainting whatever IP space their requests are coming from, too. Maybe they think only providing it to subscribers will limit the abuse, but I can see that just as easily creating an attack surface for malicious web sites (or extensions) to hijack any visitors using Privacy Relay to launch a DDoS (or similar).

Ross Snider June 22, 2021 12:05 PM

Why not remove the requirement for iCloud subscription? How is it customer privacy value to link this to iCloud?

Why not have this be a local configuration (so it can’t be manipulated remotely)? How is this customer privacy value to rely on remote management?

Why not use the TOR network, rather than add an Apple managed (one-hop) proxy in the middle? How is this customer privacy value?

I’m skeptical this can be “privacy from everyone but us”?

metaschima@ has a good point re: browser fingerprinting. Humdee@ has a good point about centralization. Privacy model seems to still rely on trust in Apple. Security model isn’t captured, but I worry Safari isn’t hardened the same way Tor browsers are.

SpaceLifeForm June 22, 2021 2:09 PM

Add Brown Sugar, Cinnamon, Butter, and now you’re cooking!

Otherwise, this is not a sound recipe.

NateD June 22, 2021 10:46 PM

“Private Relay splits up two pieces of information that — when delivered to websites together as normal — could quickly identify you. Those are your IP address (who and exactly where you are) and your DNS request”

Because the DNS request is “normally” or “commonly” sent to the web host rather than your DNS provider?

Since when is your DNS query sent to the web-host? This seems to combine all sorts of misinformation with wizardry to “make things better” without actually doing anything.

Tor has failed in so many ways to obfuscate connections. I fail to see how this makes this better for users or corporate security.

SpaceLifeForm June 23, 2021 2:58 AM

This court ruling is insane.

Some may recall pre-DNS days.

We need to go back to the future.


Ismar June 23, 2021 4:23 AM

Interesting, but what is this measure aimed at – undermining Google’s tracking for advertising purposes might be one option?
They cannot possibly think that exisiting TOR users would opt in for a solution based on closed proprietary code ?

Denton Scratch June 23, 2021 7:30 AM

“Since when is your DNS query sent to the web-host?”

Yeah, that business about splitting DNS and IP address didn’t make sense to me either. If you have an internet proxy, then all your internet traffic goes through the proxy, whether it’s DNS or HTTP.

It looks like Private Relay (not Privacy Relay) uses two hops, where Tor uses three. That’s OK; Tor bridge nodes are needed to protect against the possibility of collusion between an entry node and an exit node. And of course, there’s no possibility of Apple (provider of the ingress proxies) colluding with the subcontracted (and unnamed) CDN provider that runs the egress proxies. That would be unthinkable (I just unthunk it).

So your DNS and HTTP packets presumably all pass through the ingress proxy. They are then forwarded to an egress proxy. DNS packets are sent on to some resolver (who knows who runs that), which might be a forwarder or a recurser – dunno. The answer comes back to the client via the ingress proxy. And then the HTTP request goes to the same ingress proxy, and emerges via the same or some other egress proxy, and is delivered to the website, which responds via the same egress proxy and ingress proxy used to deliver the request.

So maybe this business about separating DNS and HTTP just means that different egress serveers are used for your DNS and HTTP requests. But I can’t see what that gains you, whether or not collusion is possible.

/me not an Apple user, so I have no dog in this race. It all looks rather shifty to me.

Scott Lewis June 23, 2021 9:47 AM

@Ross Snider “Why not remove the requirement for iCloud subscription? How is it customer privacy value to link this to iCloud?”

Apple’s goal here is to promote privacy when web browsing for their paying customers. You can be security focused, and for-profit all at once.

Robber June 23, 2021 10:14 AM

@Scott, Apple is using the onion routing protocol and creating their own relays because they want control.

Apple has built jails so shiny that People would pay to be admitted. They could have made this a service based on Tor and contributed back to the upstream, given back to the Tor nodes which are run by many folks privately.

But we got to keep privacy!! We shall Keep it!!

Buy Jails!! Then Jailbreak??

Winter June 23, 2021 10:40 AM

“@Scott, Apple is using the onion routing protocol and creating their own relays because they want control.”

Tor nodes are run by volunteers. It would be “inappropriate” if Apple would abuse these volunteers by using the nodes for high volume commercial traffic.

Svarog June 23, 2021 10:52 AM

Apple is doing this solely to continue to promote themselves as the only company that cares about privacy. The message is simple: if you care about privacy, we offer the best, for a price.

This is classic business strategy: find the thing that your competitors are weakest at (Android anyone), and position everything to exploit that. So, of course they put this behind their most expensive offering. After all, they are masters of premium.

David Leppik June 23, 2021 2:00 PM

This is designed to be much faster than TOR, which has a reputation for being painfully slow. Apple claims this will be as fast as regular browsing.

Rather than using volunteers, Apple is using its own servers along with the major edge providers (Akamai, Fastly, and Cloudfare) so that the onion routing is done on fast computers near the user.

Obviously adding extra hops necessarily adds latency to the requests, but because this is a commercial operation running in commercial data centers, there’s a good chance that the extra hops will be in the same data center as the web server you’re trying to reach. So the latency should be equivalent to a website adding one extra level of middleware.

Apple will be charging for this service, but what do you expect when all of your web traffic is being processed by their servers? If you price what it would take for you to host a personal proxy on AWS, it wouldn’t be expensive, but it’s well beyond what Apple can afford to do for free for all their users.

As others have noted, this does require you to trust Apple to do things properly. But if you’ve already got an Apple computer running Apple software and using Apple services, you’ve already made that concession. Unfortunately the only other choice is Android, which requires putting the same level of trust in Google and your cell phone manufacturer.

Bruce said years ago that we were entering an era of feudalism, where you can’t secure yourself against the increasingly sophisticated attackers, so you have to choose one big team to trust. As it’s turned out, one of those teams (Google) seems more interested in targeted advertising than security.

echo June 23, 2021 5:49 PM

To some service providers the cost of the data pipe is effectively free. It’s the same as being the owner of an airline. You get to travel for free on all airlines because of “indstry standard” peering arrangements.

Apple are providing a limited specification service. There will be kickbacks off this either off ISPs or security services.

Corporate hypocrisy usually doesn’t happen for no reason. It happens because of a culture of pwoer tripping and favouritism, and them and us culture, and lack of strict adherance to the meaning or spirit of the law, and decisions being “washed” via different departments or layers of an organisation, and legal advice which carefully tracks what they can get away with as opposed to what is strictly legal or in the public interest.

The US fundamentally does not respect human rights and they are not explicitly wired into the constitution so always get a back seat whether it’s at the political level, or regulatory level, or lower level organisational or personal level.

See also:

Key word: “Fraud”.

Tom Ace June 25, 2021 9:30 PM


Ok, but what if the site is running JavaScript? which all sites do.
The site can use JS to grab your real IP, right?

The proof-of-concept pages I found that claim to do this didn’t work when I tried them. But even if they did, finding out my machine is at doesn’t tell anyone where I am.

Buggy June 28, 2021 6:39 PM

So, I’m as dubious of corportocracy as the next guy here, and I’m not a fanboi, but everyone here is jumping up and down saying “we need to build security and privacy into products, and build that overhead into the cost of products as well” and when some company comes along and tries to differentiate on security (a closed eco-system is the only possible safe one, unless you’re willing to actually check all the open source on the planet yourself) and privacy (and I do think this is one area that Apple is really trying, at least on some fronts), all we hear is “shenanigans! it’s a front! sounds super-shady!” Yeah, I’d like to see the spec first, but this is one company with the funds and incentive (privacy as a service/differentiator) to change the big picture, and how about we kick them in the groin later, when they’ve proven this was all to haz your data (which I don’t personally think it is, but wouldn’t bet on it).

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.