Skip to main content

Apple’s Private Relay VPN seems to be leaking user data

When Apple unveiled iCloud+ at its Worldwide Developers Conference (WWDC) in June 2021, one of its key features was a secure VPN called Private Relay. Yet a fresh report claims the service has been leaking user data on MacOS, potentially meaning it’s not as secure as previously thought.

Private Relay works by obfuscating various identifying pieces of information when you browse the internet. It encrypts your data, separates your page requests from your IP address, then assigns you a spoof IP address. The idea is that it becomes impossible for anyone (including Apple) to see which websites you are visiting.

Apple products are seen in the store.
Jakub Porzycki/NurPhoto/Getty Images / .

However, it seems there are cracks in its defenses. Doubts were raised by VPN service Mullvad, which alleges that Private Relay can cause the system it’s installed on to ignore network firewall rules. When that happens, Private Relay can leak that the system is communicating to Apple servers.

That might not seem like much, but the upshot of this is that it signals to your local network and your ISP that you are likely using a Mac computer. It’s not the most damaging information out there, but if a bad actor is snooping on your network traffic, that could give them ideas for a line of attack.

Calling home to Apple

New iCloud features on a Mac.
Image used with permission by copyright holder

Digging into the specifics, Mullvad spotted QUIC data (that is, data from a protocol designed to make web traffic faster and more secure) leaving its test computer outside of the Private Relay VPN tunnel. In other words, this data had somehow escaped Private Relay’s secure connection and was leaking to the outside world. Disabling Private Relay stopped the leak in its tracks.

While Mullvad couldn’t determine what data was leaked (it was encrypted, after all), the fact that any data at all was leaking was cause for concern. The report’s authors explain that, “We believe [the leaked information is] just some heartbeat signal calling home to Apple.” As previously noted, that could flag up the user’s system to other network users.

Mullvad’s report claims that, for now, the only way to prevent this data leak is to disable Private Relay entirely. Until Apple patches the flaw, that might be the best course of action if you are concerned.

In the meantime, if you are looking for a replacement for Private Relay, we’ve put together a list of the best VPN services that will keep your data safe and protected.

Alex Blake
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
Apple’s Vision Pro headset may try to alter your emotions during movies
The Apple Vision Pro reveals the wearer's eyes on a front-facing display.

The Vision Pro headset is totally new territory for Apple, so it’s no surprise that the company has been dreaming up some unusual ideas for how it will work. But new information has come to light that seems pretty out there even by the Vision Pro’s standards.

That’s because the headset might be able to gauge your mood and physiological state, then change what you see in order to create a specific emotional reaction. In other words, if it detects you’re getting too stressed out by whatever is on the screen, it might automatically change your content to something more palatable. That sounds a lot like another idea Apple had that would send you on a mood-altering trip while wearing the Vision Pro.

Read more
Apple’s big M3 MacBook event could be in danger
Apple CEO Tim Cook looks at a display of brand new redesigned MacBook Air laptop during the WWDC22

We’re only about a couple weeks or so out from Apple’s September event, where the company will unveil its iPhone 15 and a slate of brand new Apple Watches. But if you’re holding out for a new MacBook Pro or MacBook Air, don’t get your hopes up -- these laptops, which are rumored to be outfitted with one of the most significant chip upgrades in years, aren’t expected to come until October.

According to Bloomberg reporter Mark Gurman’s latest Power On newsletter, the show will be the first time the public casts eyes on the iPhone 15 range, as well as the Apple Watch Series 9 (and potentially a second-generation Apple Watch Ultra). It’ll follow the now-established pattern of a prerecorded video followed by an in-person hands-on session.

Read more
Best Woot Prime Day deals: TVs, headphones and appliances
Sony WH-1000XM5

There are plenty of Prime Day deals going on right now and we don’t just mean at Amazon. The nice thing about Prime Day is that it means other retailers also launch their own sales and that includes Amazon-owned Woot. That means whether you’re looking for cheap Prime Day TV deals or high-end Prime Day headphone deals, you should check out Woot. To help you narrow things down, we’ve picked out our highlights so you can quickly find the right deal for your needs. Here’s what you need to know.
Woot Prime Day TV deals

Amazon 55-inch Fire TV Omni 4K Smart TV (refurbished) --
Samsung 65-inch The Frame QLED 4K Smart TV (refurbished) --
LG 65-inch C3 OLED evo 4K Smart TV (refurbished) --
Samsung 75-inch The Frame QLED 4K Smart TV --
LG 77-inch C3 OLED evo 4K Smart TV (refurbished) --
LG 83-inch C3 OLED evo 4K Smart TV (refurbished) --

Read more