|
40 Years of the Digest ... founded August 21, 1981 |
Copyright © 2021 E. William Horne. All Rights Reserved. |
The Telecom Digest for Wed, 19 Jan 2022
Volume 41 : Issue 13 : "text" format
Message-ID: <20220118142306.GA21962@telecom.csail.mit.edu>
Date: Tue, 18 Jan 2022 14:23:06 +0000
From: Bill Horne <malQRMassimilation@gmail.com>
Subject: Re: T-Mobile begins blocking iPhone users from enabling
iCloud Private Relay in the US
On Mon, Jan 17, 2022 at 02:39:29PM -0600, Doug McIntyre wrote:
> "Dave Garland" <dave.garland@wizinfo.com> writes:
> >On 1/10/2022 3:35 PM, Monty Solomon wrote:
>
>>> Now, in addition to some carriers in Europe, it appears that
>>> T-Mobile/Sprint in the United States is also blocking iCloud Private
>>> Relay access when connected to cellular data.
>
>> Not being an Apple user, I gotta ask, does iCloud Private Relay do
>> anything that a VPN doesn't? My VPN vendor has an apps for Android and
>> iOS, as well as most desktop OS and the popular web browsers. This
>> must be pretty standard, I checked a few of the reputable ones (Nord,
>> PIA, Express, Mullvad) and they all did. Only issue is, they're not
>> free and included on the phone.
>
> I believe many VPNs don't necessarily force DNS requests all over the
> tunnel, and still uses the local DNS resolvers as defined by the
> local setup (at least a few VPN services I have used have acted this
> way, I can't say definitively what every service does).
I'm sorry, but we're missing the point by debating the technical
details. This isn't a problem caused by technical methods or
procedures.
This blocking is due to a squable between two major players in the
mobile Internet sector of the industry: Apple wants it's users to
think that their click lists aren't going to be inspected by cellular
carriers. One of those carriers is fighting back by putting up a
blockade and demanding that Apple share the (immense) wealth that
comes from selling the click lists of iPhone users.
Apple has spent a long time constructing a Potemkin Village, made from
press releases and posturing, where they try to demand that their
users pay attention to the smoke and mirrors, and ignore that man
behind the curtain: the company has been staging Kabuki theatre
episodes that feature sincerly pretty spokesmen claiming that Apple is
standing on principle, and denying local law enforcement this or that
detail from this or that suspect in this or that local crime, but none
of it matters. We could debate - endlessly - the merits or demerits of
any given company's "security" features, but it's shadow boxing: the
NSA vacuums up anything it wants to see, and delivers those printouts
to any government employee or officeholder that asks for them.
The question we need to talk about is WHY U.S. citizens don't have
anything but a small fraction of the privacy protections European
cellular users enjoy. THAT is worth talking about.
Bill
--
Bill Horne
(Please remove QRM from my email address to write to me directly)
Message-ID: <jqudnbFdKZKcSXj8nZ2dnUU7-RvNnZ2d@giganews.com>
Date: 17 Jan 2022 14:39:29 -0600
From: "Doug McIntyre" <merlyn@dork.geeks.org>
Subject: Re: T-Mobile begins blocking iPhone users from enabling
iCloud Private Relay in the US
"Dave Garland" <dave.garland@wizinfo.com> writes:
>On 1/10/2022 3:35 PM, Monty Solomon wrote:
>> Now, in addition to some carriers in Europe, it appears that
>> T-Mobile/Sprint in the United States is also blocking iCloud Private
>> Relay access when connected to cellular data.
> Not being an Apple user, I gotta ask, does iCloud Private Relay do
> anything that a VPN doesn't? My VPN vendor has an apps for Android and
> iOS, as well as most desktop OS and the popular web browsers. This
> must be pretty standard, I checked a few of the reputable ones (Nord,
> PIA, Express, Mullvad) and they all did. Only issue is, they're not
> free and included on the phone.
I believe many VPNs don't necessarily force DNS requests all over the
tunnel, and still uses the local DNS resolvers as defined by the
local setup (at least a few VPN services I have used have acted this
way, I can't say definitively what every service does).
Part of the meta data providers suck up is through DNS lookups.
Comcast pretty was hard opposed to DNS over HTTP until they setup
their own DoH servers so they can still collect their meta data. Their
xFi routers have no option to setup your own DNS servers (by some
reports) to be handed out via DHCP to your network (you could always
do this manually yourself, but the percentage of users that do that is
a rounding error).
iCloud Private Relay does tunnel both web traffic and DNS through
Apple's network, and then a 2nd hop through the CDN network.
Also, iCloud Private Relay does rotate exit IP addresses from time to
time, while a VPN service probably will have you come out of the same
exit IP everytime you connect through the endpoint you choose. Of
course, you could always switch up your end VPN endpoints from time to
time to mimic this, but the private relay does it automatically.
So, a few differences.
--
Doug McIntyre
doug@themcintyres.us
End of telecom Digest Wed, 19 Jan 2022