Apple Is Using Akamai, Cloudflare, and Fastly for iCloud Private Relay ⇥ streamingmediablog.com
On Monday, Apple announced some new privacy features in iCloud, one of which they are calling Private Relay. The way it works is that when you go to a website using Safari, iCloud Private Relay takes your IP address to connect you to the website and then encrypts the URL so that app developers, and even Apple, don’t know what website you are visiting. The IP and encrypted URL then travels to an intermediary relay station run by what Apple calls a “trusted partner”. In a media interview published yesterday, Apple would not say who the trusted partners are but I can confirm, based on public details (as shown below; Akamai on left, Fastly on the right), that Akamai, Fastly and Cloudflare are being used.
Dave Hamilton, the Mac Observer:
Apple made specific mention that while the “Ingress Proxy” servers are run by Apple, the “Egress Proxy” (aka the server which communicates with the websites you visit) is not controlled by Apple and is under the control of “a (trusted) content provider”. This means that Apple doesn’t know what site(s) you’re visiting, and the third-party content provider doesn’t know who you are.
I imagine the Oblivious DNS over HTTPS standard proposed by Apple, Cloudflare, and Fastly last year is relevant to this, and I have to wonder about this week’s Fastly outage, too.