Hmmm…. You sure about that? A VPN is no silver bullet, but for a casual user connecting to some type of VPN is better (less insecure) than an open WiFi network.
1 Like
Not everyone agrees
Actually private relay is a form of onion routing, according to Apple’s technical documents. Kind of like Tor for Safari users.
1 Like
Thanks! I saw it described that way, but with fewer relays and much less of a performance hit than Tor.
1 Like
The dangers of public wi-fi are slightly different. It’s not like your traffic will be read by anyone because most of the connections these days are SSL encrypted, and with certificate pinning I believe most browsers and apps will refuse to work or at least will throw a huge warning.
The risk of public wi-fi comes because you are sharing the same physical access medium with the potential attackers. So they can see your computer and target it using deeper techniques by scanning for vulnerabilities on the OS level. As stated before, VPN is of no help here.
2 Likes
This is correct, I was a network engineer at the start of my career and connecting to a public network is a risk, no matter what software precautions you take. A hacker will use network scanning software and find vulnerabilities in the OS.
It’s why I never connect to public networks. I use my iPad Mini with cellular as my hotspot when travelling and even when at a hotel. I’ve had no issues and I travel frequently.
3 Likes
I use only 1Blocker on all my apple devices. How safe is 1Blocker actually? And should I be doing something ore than that?
1 Like
@pantulis and @Rob_Polding did a much better job than I. Public WiFi in any form is a source of risk even if you use a VPN.
1 Like
MacBooks clearly need a cellular option
2 Likes
Look, technically speaking a VPN is anything that encapsulates/tunnels traffic. A GRE tunnel is a VPN. VPN’s don’t necessarily mean/include encryption, or security. You’re talking about one type of VPN.
Your article is referring to one type of VPN and speaking to consumers who are expecting to encrypt/obfuscate all traffic coming from their machines.
Not arguing with anyone here. You said iCloud private relay only encrypts your DNS queries, which is incorrect. Was simply trying to explain without going into technical detail. My apologies, based on this comment I didn’t think you were an expert.
iCloud private relay is not a remote access VPN. iCloud relay does encrypt/obfuscate traffic the same way remote access VPN’s do so people can look at naughty things on the internet. As always, use case is what matters.
Was trying to keep it simple. Context matters.
It could be argued that a properly configured endpoint with VPN software/firewall is safer than a user at home behind their ISP provided router/firewall. Can a user expose certain metadata at the packet level when on a VPN? Sure. Are they protecting against some rogue nation trying to get state secrets? Probably not.
If you want to get technical, the fact that it is the same “physical network” is of no consequence. Same network segment? Sure. The whole reason why we’re generally moving away from Remote Access VPNs.
Apple been trying to build their own modems since 2018. And I doubt they will even consider a cellular option until they learn how to do that.
In iOS, the 1.1.1.1 app by Cloudflare encrypts DNS queries (and in my tests it speeds up operation as well). It has a VPN service built in called WARP. It’s all free. So I wonder how this compares with iCloud Internet Relay.
1 Like
You’re probably right, but in common use VPN has come to have a narrower meaning, a bit like a Mac is a PC/personal computer, but PC is commonly used as a synonym for a computer running Windows.
I did invite correction, and I’m certainly not offended that you did so! I may have been mixing up PR with the 1.1.1.1 app, though that seems to have also picked up VPN functionality.
Why? They already offer cellular in iPads, another portable computing device that can’t be used as a cellphone.
Because they don’t want to design another product using Qualcomm modems?
“They hate Qualcomm’s living guts,” says Edward Snyder, a wireless industry expert and managing director of Charter Equity Research, in comments reported by the WSJ
1 Like
Warp encrypts all traffic from your phone. Private Relay only encrypts Safari and Mail, I think.
Warp lets Cloudflare see your traffic and identify it as yours. (Not saying they abuse this.) Private Relay anonymizes your traffic and sends it through a VPN partner so neither Apple nor the VPN can associate you with your traffic.
Due to the extra hop, all else equal, Private Relay is probably slower than using Warp. Private Relay is fast, though - the VPN partners are Cloudflare, Fastly and Akamai.
1 Like
From the same article:
the company wanted to break from Qualcomm, which Apple sued in 2017 over excessive patent fees.
Apple hates when others do to them what they do to others.
Can we sue Apple over excessive RAM and storage upgrade fees?
i am a paid up member of the “tin foil hat” brigade trying to prevent aliens from reading my thoughts…but on a serious note, I know anonymity is dead, but privacy is almost doable. A combination of VPN+Private Relay+Alias for email+Safari is my security blanket. TOR is too cumbersome and I also feel that level of security merely draws the crabs. Back to courier pidgeons it seems…
2 Likes
I hear a lot about Express VPN. and how glorious it is. What does Express VPN do that 1Blocker doesn’t? Does anyone know?