You already know that privacy and security are very important to me. Hence I’ve been using a VPN on my iPhone, iPad, and Mac for a little over six years. I actually used it because it was already left for me. A VPN that has been with me 24 hours a day, 7 days a week, now replaced by iCloud Private Relay.
Yes, I know they’re not the same, but in my particular case, they perform practically the same function. Change such a deep-rooted habit and Such an important component of the security configuration of my device ecosystem was not something I took lightly. I thought about the idea for months, tested it for weeks and finally decided.
The errors that make me ask the question
For most of those six years with a VPN, my VPN of choice has been NordVPN. Both in terms of security guarantees – very important – as well as in terms of performance, price, speed and other variables I consider it one of the best VPNs out there and yet… There wasn’t a day that I didn’t have to reconnect it more than 5 times.
If I had used the VPN intermittently the problem would have been very different, I know, but I used the VPN 24 hours a day. On the Mac, the connection was more stable because the communication with the network was constant during use. But on the iPhone and iPad, which were incorporated years ago Systems to avoid investing so much energy to always be connected to the network the topic has changed a lot.
I have to say that a few years ago I hadn’t noticed that many failures, but for some time, especially a few weeks ago, the situation became untenable. I noticed it every day, it got in the way of simple tasks and didn’t make using my devices as comfortable as it should be.
iCloud Private Relay seems to have the answer
iCloud Private Relay was introduced with iOS 15, and while little has changed with iOS 16 – I expected it to cover all connections, not just Safari – it came out of beta and became much more stable. Back then, I didn’t consider iCloud Private Relay as an alternative to my VPNbut today my habits have changed, so yes.
I’ve thought long and hard about Apple’s browsing protection service and I’m still aware of the changes I need to make in my habits I was drawn to the simplicity of Apple’s proposal.
iCloud Private Relay is not a VPN, for better or for worse
be clear. iCloud Private Relay is not a VPN. Some things are much better, some less. What can it do better? When we choose a VPN service, we must ensure that it does not record or monitor our connections. It has to be what we call zero-log, and while there are many external audits, it’s a matter of trust.
By using iCloud Private Relay, we don’t have to trust Apple. The system features a dual relay that lets Apple know who we are but not where we’re going, and its partners (primarily Cloudflare, Akamay, and Fastly) know where we’re going but not who we are. The end result is that browsing is truly private. an architecture zero trust the most interesting.
Meanwhile, the options to switch servers and country that the vast majority of commercial VPNs offer aren’t included with iCloud Private Relay. It’s just not there for that. It’s not about accessing streaming services as if we were in a specific country, but about protecting browsing.
Likewise, and the difference is very important, iCloud Private Relay only covers Safari browsing and mail connectivity. Nothing more. This means third party applications can still see our IP and identify and geolocate us.
Speed and reliability as the most important arguments
When the situation with NordVPN became untenable for me, I started testing iCloud Private Relay. I will confess that the only ones I had done before that were just after they were released. What I discovered on that occasion was that the Connection speeds were much faster with iCloud Private Relay than any commercial VPN I’ve tried.
I’ve reviewed MacPaw’s ClearVPN and also ExpressVPN along with the aforementioned NordVPN. In the picture above these lines You can see the number of measurements I took over several days where iCloud Private Relay consistently outperformed other alternatives in speed.
The holes that lead me to less commitment
A VPN as a privacy and security measure is interesting as long as there are no leaks. Leaks refer to times when some of our traffic exits the VPN tunnel. And that happens. I know exactly.
The way I configured it, all connections should be dropped when NordVPN gets confused, but sometimes when the reconnect time is long, things slip through. At this point it’s done. The service you are accessing already has your IP and therefore your location.
Likewise, Several Apple services escape a VPN’s tunnel due to their importance and need for reliability and connect directly to the servers. We’ll talk about that later because I don’t think it seems too serious, but it’s something to consider.
Another consideration is that the connections made from the Apple Watch (when connected to Wi-Fi and not solely to the iPhone) do not go through a VPN. Neither does Apple TV connections., where it is not possible to install a VPN. Yes, I’ve tried routers with built-in VPN, but the speed is 30x slower than what I usually have. And we are talking about routers with a price of just under 1000 euros.
The encryption of services leaves little information visible
The topic of privacy concerns me long before using a VPN. I have always taken care of e.g. Use trusted DNS servers, never that of the operator. I personally chose OpenNIC years ago, but there are many others. So I’m familiar with the kind of exposure you can have by not using a VPN.
An exhibition emerges from this the operator and various nodes in the network see the connection themselves. The other is to intercept the DNS request (which encryption can prevent) or respond to it. The system’s services use Apple’s DNS to reach the company’s servers, and moreover, almost everything ends up on the same server.
In other words. The operator doesn’t know what Apple service we’re requesting, while whether we’re using the Photos, Maps, or iMessage app, everything goes to .icloud.com, .iCloud-content.com, mzstatic.com, or directly to .apple goes to .com, just to name a few. So that When you walk past the connection, little information is displayed.
This is why, Personally, I never found it alarming that some Apple services went on the open network.. That now, by switching to iCloud Private Relay, everyone is doing it was nothing to stop me from making the change.
Safari is the holy grail of our data
What yeah what If you see that we use a specific application or another, you can create a profile our tastes or preferences. There are clearer apps than others, yes. Dating apps, for example, really reveal something very personal about us, but let’s remember that I pretty much only use Apple apps.
And since preparing to make the jump to iCloud Private Relay, I’ve pared down third-party apps even more. Five on the iPhone and six on the iPad. Applications that either do not connect to the network (verified with the Apps Privacy Report) or I disconnected this connection with my firewall.
So the most important thing is protected. To have the navigation completely safe from strangers’ eyes, I ran out of arguments to keep using my VPN. Many services, let’s call it Twitter, the bank or others have web applications, so I can access almost everything from Safari. For example, another day I’ll tell you about my RSS client, which is hosted on my own servers.
Hiding the IP is really that important
I was almost convinced I wanted to switch to iCloud Private Relay when I had to coldly analyze the IP and location issue. Me My main concern was the applications and services that knew who I was (not my random identifier). These were the ones that cost me the most to see that they could access my location by locating the IP.
On the other hand, the fact that someone like CNN saw a visit from Barcelona didn’t worry me much. Of course you will see many more. To minimize the list, Slack was the only app that knew who I was and where I was. I could live with that. More so when I consider that my real IP had crept in more than once through outages in the VPN.
Everything that can be seen I can say and have said
So I wasn’t too concerned about individual applications having access to my IP. Less considered that restarting iPhone or router changed it, but yes, Telefónica, my operator, has seen too much. I had to find a compromise here.
I don’t have to hide the fact that Telefónica knows that I have Slack open all day and that it sees my open connections to Apple’s servers. Another very specific app is also no secret Usage patterns blur with background refresh, among other. I have already told you that my privacy is very important to me and what apps have passed my filter and I use. It’s public information, so to speak.
Yes. The operator is the weakest point in my whole argumentbut I had to keep going. The stability and speed benefits of iCloud Private Relay were too great to consider elsewhere.
Getting used to a new system
I admit. I’m looking at the Wi-Fi connection on the iPad, I don’t see the VPN signal and it seems strange. Previously, it was the indicator that something was wrong with the connection. Of course I didn’t have to think about it at all. Syncing has improved and the overall experience with my devices is much more satisfying.
I realize that at some point I might want to reverse my decision to switch to iCloud Private Relay from a VPN, but for now I’m really pleased. obligations? Yes, I mentioned them before. But ultimately, a change that has been for the better for me with my usage patterns and needs. Much better.
Source : www.applesfera.com