iOS 15 iCloud Private Relay vulnerability leaks user's real IP address

iOS 15 iCloud Private Relay vulnerability leaks user's real IP address

[[426360]]

The iCloud private relay service vulnerability introduced in Apple iOS 15 caused the user's real IP address to be leaked.

iCloud Private Relay service is a new feature introduced in Apple's iOS 15 beta, which allows users to browse the Internet in a more secure and private way through the Safari browser. The service ensures that the traffic leaving the device is encrypted, and uses 2 Internet relays to allow users to browse the Internet without using their real IP address and location.

Client IP address leaks using iCloud Private Relay

FingerprintJS security researchers found that users can obtain the proxy's IP address through HTTP requests received by the server. The real IP address of the client can also be obtained through webRTC. WebRTC (web real-time communication) is an open source project that aims to provide real-time communication for web browsers and mobile applications through APIs, which can achieve point-to-point audio and video communication without installing plug-ins or apps.

The real-time media information exchange between two terminals is established through a discovery and negotiation process called signaling. A framework called interactive connectivity establishment (ICE) is used in signaling. There are two methods in the framework that can be used to find and establish connections.

FingerprintJS researchers found that when data needs to be transmitted between terminals through the NAT (Network Address Translation) protocol, the STUN server will generate a "Server Reflexive Candidate". STUN is a tool used to extract the public IP address and port number of the network device behind NAT.

The vulnerability stems from the fact that STUN requests are not proxied through iCloud Private Relay, which will cause the client's real IP address to be exposed when ICE candidates are exchanged during the signaling process.

FingerprintJS said it has reported the security vulnerability to Apple, and Apple has fixed it in the latest version of macOS Monterey. However, it is still not fixed in iOS 15 system using iCloud Private Relay.

This issue shows that iCloud Private Relay cannot replace a virtual network. Users who want to hide their real IP address should still consider using a virtual network or browsing the Internet through Tor, and use JS to turn off WebRTC-related features when using the Safari browser.

For full technical details, see: https://fingerprintjs.com/blog/ios15-icloud-private-relay-vulnerability/

This article is translated from: https://thehackernews.com/2021/09/apples-new-icloud-private-relay-service.html. If reprinted, please indicate the original address.

<<:  iFixit shares iPhone 13 Pro disassembly report: repairability is only 5/10 points

>>:  WeChat cloud storage charges kill three birds with one stone, but it is "going against the trend"

Recommend

The value of the Randeng seovip private school system course is 3580 yuan

The course comes from the official website of the...

TikTok Dou+ Nuggets Training Camp (Third Session)

: : : : : : : : : : : : : : : : : : : : : : : : : ...

Which copywriter is the best at leveraging the Labor Day campaign?

It’s not Labor Day yet. The chat mode of " w...

With similar overall prices, which one should I buy, AMD Ryzen or Intel i7?

Last week, AMD officially released and launched th...

Tips for creating advertising landing pages!

In the customer acquisition process, in addition ...

The reason why pine and cypress are evergreen may be because... they react slowly?

Qiān (qiān) is a plant that is both familiar and ...

Will free traffic service become the next “free lunch”?

Earlier this year, Dan Check, vice president of t...

How can Microsoft Windows 9 avoid repeating the mistakes of Windows 8?

It is said that Microsoft will release the latest...

Talk about the hidden rules of App operation

First, let’s deconstruct the position of App Oper...

This epidemic forces people to give up delicious food (not stomach problems)

Do you have friends like this around you? Are the...

How to design a high-conversion training camp from scratch?

I've been receiving a lot of inquiries about ...