How private is Apple's Private Relay, really? - eviltoast

You’re forced to use Cloudflare. Don’t they track … everything?

  • WetBeardHairs@lemmy.mlOP
    link
    fedilink
    arrow-up
    3
    ·
    10 months ago

    My main concern is that cloudflare knows what content it is serving and it is certainly fingerprinting your browser. So regardless of how you request the data, cloudflare knows.

    • histic@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      10 months ago

      yea but cloudflares probably gonna know anyway cause they serve a large portion of the Internet anyway

    • LWD@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      10 months ago

      After reading their documentation a little closer, I discovered something else unsavory about Private Relay: it “relays” your approximate location, as it could usually be derived from your IP address.

      Updated my comment.

    • IphtashuFitz@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      10 months ago

      Hate to break it to you but all the major CDN providers do the exact same things. My employer runs multiple websites mainly for US and European users. We use Akamai for both CDN and WAF services. For any CDN and/or WAF to operate properly it needs access to unencrypted content. Part of Akamais WAF tools includes what they call Bot Manager, which can identify traffic coming from over 1000 known bots and can also classify unknown ones. Part of how it works is by browser fingerprinting as well as TLS session fingerprinting and other proprietary fingerprinting.

      So any time you visit a large website you’re likely being fingerprinted and otherwise analyzed by the CDN and security tools used by those sites.