Why Apple’s Private Relay Proves You Need a VPN

Yesterday, Apple announced several new privacy-oriented improvements to their iCloud+ service. And we have to admit: they are exciting, particularly Private Relay. While it might seem like this would be a competitor to PrivadoVPN, we prefer to think that Private Relay will help more people understand the benefits of a full VPN.

In fact, we applaud Apple’s recent moves toward greater consumer privacy. Sometimes the hardest thing to overcome is inertia, and for too long people have treated online communications as safe when they are anything but. By mainstreaming privacy tools, it begins to change public perception such that more people recognize that while the Internet is great, it also requires a certain level of caution.

That being said, let’s take a closer look at what Private Relay seems to be based on the details we’ve been given.

What Private Relay Is

When Apple released iOS 14, the biggest story was that they would make cross-app tracking opt-in by default. That means that you have to actually agree to let apps track your activity and use it to guide advertisements in other apps. This resulted in only 6% of US users opting in as of mid-May and only 15% of users globally.

Overlooked in this was the addition of the Safari Privacy Report. This introduced a feature that would allow users to not only block web trackers but also review that activity. The Privacy Report shows what trackers were blocked on a given website, helping users make more informed surfing decisions.

With upcoming changes, tracker blocking will be active by default. But Apple is also introducing a change to iCloud+ that sounds very similar to a VPN: Private Relay.

While the video doesn’t give too much information about the service, we can glean a bit from what we’ve been told.

First, Privacy Relay is designed to hide your IP address while surfing. We’ve discussed at length why hiding your IP is important to maintaining your online privacy. This goes a long way toward securing your identity and keeping bad actors from getting an initial grasp on your data.

However, the really exciting part is that your browsing data will be encrypted on your device before leaving. Not much was said about this, but we can speculate that this will be integrated into Safari as a browser extension. 

All requests from your computer will be sent through two separate Internet relays to hide your identity. This actually reminds us a little of the Tor network, but presumably much faster. All due respect to Tor, but it’s a fairly small project compared to a juggernaut like Apple.

We’re also guessing that the exit node will be randomized, preventing spies trying to watch your connection from following the data flow. That being said, this is also speculation and we don’t know how Apple will write the code to control this.

The Apple presentation makes a point of calling out that nobody can see your online activity, even Apple. That’s a good policy and helps make the service even more useful.

Why We Think Private Relay Is Great

Apple has come a long way since there was a question of whether they would install backdoors for the government to access an iPhone. Faith in the company’s dedication to privacy seems to have skyrocketed since the iOS 14 update as well. It will be interesting to see actual data on that and compare it to these numbers from 2019.

Like any company, they are doing this for profit, not principle. That being said, it says a lot that increased consumer security is considered a profitable position, especially when compared to convenience. This is a bellwether of consumer attitudes regarding online security and what they are willing to do to protect their data.

Of course, as is always the case with mass media, it is also a trend driver. Apple products are among the most popular personal electronics in the world. In 2016, Time magazine ranked the iPhone as one of the 50 most influential gadgets of all time, a list that includes the Victrolla, the first cell phone, and four other Apple products. When Apple makes a big push for increased privacy, users are more likely to pay attention.

That all being said, Privacy Relay is just a good first step toward securing your online data.

A VPN is Still Better

You can get certain benefits from Privacy Relay, but ultimately, they are just a handful of the features you can get with a high-quality VPN. Here’s the difference.

Browser Extension

First of all, we don’t know exactly how Privacy Relay will be used. Again, based on what little we were told, there’s a good chance that it will be a Safari browser extension that tunnels past ISPs.

Regardless, this limits your protection only to the apps that utilize Privacy Relay (i.e. Safari). It’s great to think that your browsing history will be encrypted and hidden, but what about downloads? What about iCloud syncs? Amazon orders, craft store coupons, online banking…there’s a lot that isn’t protected when you limit your encryption to a handful of apps.

With a VPN, you get the same IP masking and encryption technology, but for all of your data.

No Server Choices

Apple claims that the addition of two relays to data transfer will have no impact on performance, but we are skeptical. It’s not impossible to have servers that are just that fast (in fact, we do). However, from what we’ve been told so far, it seems like the nodes that are used for the relay are randomized. No matter how good your servers are, there will always be some sort of speed reduction based on physical distance. So either Apple will have a genuinely random relay selection, at which point your exit node could be across the country, or they will choose nodes near to the point of origin, which limits the effectiveness of the system.

The solution to this problem is simple: server choice. With a genuine VPN, you can pick the server that you’re connecting to, so you know what to expect for transfer speeds. You can also take advantage of changing your server location.

With this extra layer of control in place, users can better customize their Internet experience while still being safe.

Unknown Encryption

Ideally, we’ll be getting encryption specifications soon from Apple. But until then, we have no idea what level of encryption they are using, what protocols they will offer, or what ciphers they plan to utilize. It’s up in the air and can have a major impact on how secure their service is.

By subscribing to an established VPN like PrivadoVPN, you can easily see what encryption technology is being utilized. For example, we use 256-bit AES encryption and the AES-256-CBC cipher. It’s easy to look up what that means and how it protects you. With Privacy Relay, we just don’t know yet.

It’s also somewhat troubling that they specifically call out that “the traffic leaving your device is encrypted,” but make no mention of incoming data. That makes it seem like only half of any data request is actually protected.

With a VPN, your data is encrypted coming and going. At PrivadoVPN, we build an end-to-end encrypted tunnel between your computer and the destination so that data flowing, either way, is safe from spies and snoops.

Private Relay Is A Good First Step

We don’t want to rain on Apple’s parade. Again, at PrivadoVPN, we applaud any company that takes active measures to protect consumer privacy.

However, it’s important to understand that this is a single step to better #SecurityHygiene. Apple wants to dip its toes into the VPN market, but that doesn’t make them Michael Phelps.

In the end, you should use these new options. They will help protect your privacy. But you should also get a full-featured, ultra-secure VPN to fill in the gaps left by Private Relay.