You’re forced to use Cloudflare. Don’t they track … everything?
Removed by mod
Just wanted to chip in and say, what a great comment! 👌
Ah, so it’s just corporate Tor. Mega gross.
Removed by mod
iVPN has Multi-hop feature, which looks similar to what you described in the post. Speaking of it, thanks for the detailed explanation!
Removed by mod
They rent their servers, so it depends on what you consider as running the server. They have virtual access to it, but they don’t own the hardware. At least, that’s the case for countries I checked, maybe they have their own servers somewhere too.
My main concern is that cloudflare knows what content it is serving and it is certainly fingerprinting your browser. So regardless of how you request the data, cloudflare knows.
yea but cloudflares probably gonna know anyway cause they serve a large portion of the Internet anyway
Removed by mod
Hate to break it to you but all the major CDN providers do the exact same things. My employer runs multiple websites mainly for US and European users. We use Akamai for both CDN and WAF services. For any CDN and/or WAF to operate properly it needs access to unencrypted content. Part of Akamais WAF tools includes what they call Bot Manager, which can identify traffic coming from over 1000 known bots and can also classify unknown ones. Part of how it works is by browser fingerprinting as well as TLS session fingerprinting and other proprietary fingerprinting.
So any time you visit a large website you’re likely being fingerprinted and otherwise analyzed by the CDN and security tools used by those sites.
Removed by mod
I see Apple in the name, so how private? Wide open.
Damn i should’ve read into this a bit more. Didn’t see they used cloudflare
I will say that Apple is 100 percent collecting your data. Health, financial, biometric, anything you put in an Apple Device is subject. Like most large companies, the are probably also purchasing profile data from Acxiom and Experian.
I don’t know if they are doing it with this service but Apple is definitely not respecting your privacy. If you are concerned about privacy, you’re better off trying to use more specialized tools for a job than any singular ecosystem. Apple wants everybody to be in their single ecosystem to better build profiles in their systems.
Request: Your IP > Apple (1st) relay node > 3rd party (2nd) relay node > Website
Response: Your IP < Apple (1st) relay node < 3rd party (2nd) relay node < Website
Whoever has access to both relay nodes, can easily track you end-to-end.
As for Apple, they claim the 1st relay node is owned by them, and 2nd relay node is owned by 3rd party. (Source: https://www.apple.com/icloud/docs/iCloud_Private_Relay_Overview_Dec2021.pdf)
In theory, it should not be a privacy concern because -
- Website will see the request coming from 2nd relay node’s IP.
- 2nd relay node will see the request is coming from Apple (1st) relay node’s IP.
- So, only Apple knows your IP.
