Writing

Software, technology, sysadmin war stories, and more. Feed
Monday, September 20, 2021

Apple's private relay service does not sit still

I have an older iPhone that used to be my daily driver. It mostly just hangs around for testing random junk. It's still getting updates, and so when Apple offered it iOS 15 today, I installed it. This gave me a chance to turn on their beta "private relay" stuff which seems to be a TOR-like system.

Naturally, the first thing I did was to load my own site, and was interested to see the traffic coming from an Akamai IPv6 address instead of the boring residential network I normally appear from. That much didn't surprise me, since Apple has to be using *someone* for the "exit" point, so why not them among others?

What did surprise me is the lack of "stickiness" for these IP addresses. Every five seconds or so, it seems to hop to another address in the same (IPv6, remember) /64. If you're not down with v6 conventions yet, this means the first four parts like "xxxx:xxxx:xxxx:xxxx" stay the same, but the last four change completely every time.

If you are attempting to track people by looking at their IP addresses, you are going to have a bad time of it once they switch this on. I think it stays the same as long as you're actively doing stuff, but once you go idle, it seems to hop. This is what I've noticed in just a few minutes of playing around, and it's probably missing some finer points. Also, given the "beta" thing (oy, now Apple is doing it too), this behavior will probably change in the future.

I actually don't have any v4-only (aka LEGACY) stuff to try it on, so I have no idea what happens on that side of the world. It probably looks about the same, albeit within a much smaller range of possible source IP addresses. It probably resembles a CGNAT type situation.

It'll be fun to see what this breaks, and who howls the loudest.