
Dude2Dude

macrumors newbie
Original poster
Nov 15, 2021
5
0
Hi all,

I’ve been using iCloud+ Private Relay for several months. I love the idea of it; its zero trust model makes a ton of sense. But on a whim, I did a few DNS leak tests, just to see what they came up with. Most identified my ISP as iCloud Private Relay, or Akamai or Cloudflare — which was what I expected.

However, when I did a DNS leak test on a site called Whoer.net, the list of identified DNS servers included the usual suspects (i.e., Akamai, Cloudflare) but also the name of my actual ISP. And my true ISP-assigned IP addresses, I believe.

I thought this wasn't supposed to happen? How did the end destination (Whoer) website determine my true ISP?

Any input gratefully accepted!
 

Dude2Dude

macrumors newbie
Original poster
Nov 15, 2021
5
0
Thanks for the response, Sheepish-Lord. I don't think that's what's up here; the site identifies Apple's backbone partners as you'd expect, but digs deeper to actually uncover my actual ISP. My understanding, per the link you posted, is that the initial hop (to Apple) strips out any DNS info re: where you're headed, and that the second hop fields the DNS request, but has no idea from where it originates (i.e., my IP). This not only identified my ISP, it correctly determined the two associated DNS fields from my router. If you want privacy, it's concerning. (I'm a journalist.)
 