Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple can't just enable things if governments stop them. Clearly Apple is not at fault here, blame the governments that ban this from becoming a reality in those countries.
Good point. Apple can't just ignore the laws of countries where they operate, at best they can attempt to avoid having to apply those across national boundaries.

I am curious if the relay uses your IP address to establish the relay or uses your iCloud country as the source. The former makes sense but if it's the latter then this would mean you would not need a VPN to circumvent Geoblocking. If it is the latter and works system wide as described I can ditch my VPN.
 
That's just a VPN... Period.

Should be default FORCED ON for facebook, insta & so on though... traffic is TLS encrypted anyway.

That said, something similar can already be achieved using VPN Profiles, but not on a per app basis... let's hope iCloud+ can do that.
 
Good point. Apple can't just ignore the laws of countries where they operate, at best they can attempt to avoid having to apply those across national boundaries.

I am curious if the relay uses your IP address to establish the relay or uses your iCloud country as the source. The former makes sense but if it's the latter then this would mean you would not need a VPN to circumvent Geoblocking. If it is the latter and works system wide as described I can ditch my VPN.
For performance and load reason, most likely your iCloud country setting will be used to determine the first hop to target the iCloud server. Apple most definitely have iCloud servers setup in various regions around the globe. And those iCloud servers will then go the the region's third party 2nd hop server.
 
I'll just leave this here:


GATES: We went to China for a lot of reasons. Partly to relax and have fun. We found a few McDonald's there, so we didn't feel too far away from home. It was also exciting to go and see all the changes taking place, to see different parts of the country, and to meet some of the leaders.


China is a market that Microsoft had already been investing in. We've upped that a lot since then. As a percentage of our sales, though, it's tiny--well under 1%--and so even though it will double every year for the next five years, it's really only by taking a ten-year view that we can say it's worth the emphasis we're putting on it.


Although about three million computers get sold every year in China, people don't pay for the software. Someday they will, though. And as long as they're going to steal it, we want them to steal ours. They'll get sort of addicted, and then we'll somehow figure out how to collect sometime in the next decade.

 
Indeed, is there be any point whatsoever telling me where the person logging in is located even now, let alone with Apple relay in place?
If you using your mobile carrier network your "endpoint" from which your traffic "originates" (public IP) is usually some huge internet exchange in a big city. Location information from such IPs is next to useless.
However, if you are connected from a public Hot-Spot such as in a mall or restaurant or in some cases even at home if you happen to have a static IP (cable network is often practically static), rest assured, that IP is usually geomapped to less than half a mile.
How and why? Location services of Android and iOS lookup their public IP of WiFis and send it together with your current GPS location to google/apple.
That's how WiFi location services work. However those geo-IP database created from that is publicly available (not necessarily the one from Apple)
So, if you're logged in on such a WiFi the app can determine your location just by looking at your public IP -even if location services in your phone are disabled.
 
I love how people in this forum think it's Apple who's denying the service in the countries listed. C'mon people. You should know better.
Much easier to blame Apple and to use names like “Comrade Tim”.

It’s almost like the fact that Apple is a publicly traded multinational with responsibilities to its shareholders is lost on some folk…
 
If you using your mobile carrier network your "endpoint" from which your traffic "originates" (public IP) is usually some huge internet exchange in a big city. Location information from such IPs is next to useless.
However, if you are connected from a public Hot-Spot such as in a mall or restaurant or in some cases even at home if you happen to have a static IP (cable network is often practically static), rest assured, that IP is usually geomapped to less than half a mile.
How and why? Location services of Android and iOS lookup their public IP of WiFis and send it together with your current GPS location to google/apple.
That's how WiFi location services work. However those geo-IP database created from that is publicly available (not necessarily the one from Apple)
So, if you're logged in on such a WiFi the app can determine your location just by looking at your public IP -even if location services in your phone are disabled.
I am using the Wi-Fi in my own house which is connected wirelessly to another house which has fibre optic broadband connection.

I find that the location varies considerably - as I mentioned, Aberdeen, Scotland right now but has been somewhere in the Bristol, England region and Anglesey, Wales, among others I have forgotten.

But it rather makes a joke of the 2FA prompt even mentioning the location!
 
It’s more of a supplement of vpn than a replacement. Apple does not do vpn using this relay service.
This is a textbook definition of a VPN getting access to part of Apple’s network remotely. The modern VPN industry is highly corrupt and constantly lying to trick more people into thinking they make a difference and are needed. I’m glad to see Apple and Cloudflare providing a real vpn without the hype and scare tactics.
 
Recently, when logging in to the Apple store on a computer, my 2FA alerts me (as expected). And says that I am located around five hundred miles away from my true location. (Same country, UK, but not same nation, as in it says Aberdeen in Scotland and I am not in that nation.)

(I have had lots of extremely wrong locations from such services - not just Apple. I think it is the ISP which causes the issue. Though I am quite happy at the slight step towards anonymity.)

Whilst this is already pretty ludicrous, what would it say when connected via Apple's relay service?

Indeed, is there be any point whatsoever telling me where the person logging in is located even now, let alone with Apple relay in place?

And will it identify the country?
Probably using an anycast system like Cloudflares Warp. It will be the best connection your isps peering agreements can provide. Have a tier 1 isp it will be local. Have a low tier ISP and you may travel a greater distance. Day to day stuff even NYC to say Singapore wouldn’t be very noticeable.
 
  • Like
Reactions: polyphenol
Although about three million computers get sold every year in China, people don't pay for the software. Someday they will, though. And as long as they're going to steal it, we want them to steal ours. They'll get sort of addicted, and then we'll somehow figure out how to collect sometime in the next decade.

The drug trade model, except they give it away at first. Very effective.

This is a textbook definition of a VPN getting access to part of Apple’s network remotely. The modern VPN industry is highly corrupt and constantly lying to trick more people into thinking they make a difference and are needed. I’m glad to see Apple and Cloudflare providing a real vpn without the hype and scare tactics.

I am looking forward to it since I already have a paid iCloud account. I wonder if the third party is a different company or an Apple owned subsidiary. It would make some sense to have an independent, but wholly owned, subsidiary. It separates them legally but they still have Apple's bankroll to stay in business, and any excess can be funneled back to Apple; plus Apple could also sell the service to others and make money of of it. Apple, at least on the core tech side, seems to want to keep everything under their umbrella and only leave lower value/margin stuff to others.
 
The drug trade model, except they give it away at first. Very effective.
THE OLD DOPE PEDDLER words and music by Tom Lehrer

When the shades of night are falling,
Comes a fellow everyone knows.
It's the old dope peddler,
Spreading joy wherever he goes.

Every evening you will find him,
Around our neighborhood.
It's the old dope peddler,
Doing well by doing good.

He gives the kids free samples,
Because he knows full well
That today's young innocent faces
Will be tomorrow's clientele.

Here's a cure for all your troubles,
Here's an end to all distress.
It's the old dope peddler
With his powdered happiness.
 
  • Like
Reactions: jlc1978
This is NOT system-wide protection. Apps like Bumble and Tinder do NOT bypass network filters, only Safari so far from what I can tell.

Why is this not available on iPad?
 
which is designed to encrypt all of the traffic leaving your device so no one can intercept it or read it.
From the Keynote I thought they mentioned it only applied to web traffic in Safari. But based on the text in this article it sounds like it would apply to all web traffic aka all apps on the phone. Can someone confirm if it's just Safari, or if is all apps? If so, does that even apply to VPN apps, so the vpn providers wouldn't even have access to any web traffic either?
 
Did anyone talk back to Tim when he said “Privacy is a fundamental right” by saying “except for China”? :rolleyes:
 
From the Keynote I thought they mentioned it only applied to web traffic in Safari. But based on the text in this article it sounds like it would apply to all web traffic aka all apps on the phone. Can someone confirm if it's just Safari, or if is all apps? If so, does that even apply to VPN apps, so the vpn providers wouldn't even have access to any web traffic either?
Apps like Bumble and Tinder are not using this tunnel at all. I know that because I test this stuff at work all the time. A ”free” IP address app that I downloaded from the App Store, shows my fake address though. This means that it is possible dependent on the app, and not so much forcing all apps through the tunnel.
 
So brave Apple. Please lecture us more on your virtue while joining in on denying basic human rights in other countries.
Don't fool yourself into thinking Apple is more powerful than a government.

There are two actual options here:

1. Apple don't offer this service in these countries and are allowed to provide other services there.
2. Apple does offer this service in these countries and are not allowed to provide services there.
 
  • Like
Reactions: aristobrat
Don't fool yourself into thinking Apple is more powerful than a government.

There are two actual options here:

1. Apple don't offer this service in these countries and are allowed to provide other services there.
2. Apple does offer this service in these countries and are not allowed to provide services there.
The poster you quoted is not clear that Apple has to conform to local laws and doesn’t make local laws. In fact, many don’t seem to understand that.
 
This is a textbook definition of a VPN getting access to part of Apple’s network remotely. The modern VPN industry is highly corrupt and constantly lying to trick more people into thinking they make a difference and are needed. I’m glad to see Apple and Cloudflare providing a real vpn without the hype and scare tactics.
You can try to access Netflix UK website, and see if you can watch shows on there. Or you can try to visit Apple website of other region (Australia, Germany, France etc) and see if Apple prompts you to redirect. Adobe homepage works too.
Btw, check this out.
8110A05A-5D45-4A35-89EA-58D424D56C26.png

02CF7C1C-A876-4250-84B9-6C003208E915.png

If you believe This privacy relay service is a VPN, think again.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.