 | Hacker Newsnew | past | comments | ask | show | jobs | submit | login |
|
|
| nerdjon on Jan 10, 2022 | parent | context | favorite | on: T-Mobile begins blocking iPhone users from enablin... I really hope this doesn't catch on, but I am concerned that settings has a message for this instead of it just mysteriously being not working. Makes me wonder if there is an official way carriers can block this? I know at home since I have pihole setup I got an alert that private relay can't work on my home network. |
 | woodruffw on Jan 10, 2022 | next [–] From Apple's developer docs for Private Relay: they're probably displaying that message if either of the well-known endpoints returns NXDOMAIN[1]. They explicitly identify school and enterprise networks as legitimate cases where Private Relay needs to be blocked, so that's probably how carriers are doing it as well. [1]: https://developer.apple.com/support/prepare-your-network-for... |
| | josephcsible on Jan 10, 2022 | parent | next [–] > They explicitly identify school and enterprise networks as legitimate cases where Private Relay needs to be blocked Why are these legitimate? Censorship is wrong even when schools do it. |
| | jeroenhd on Jan 10, 2022 | root | parent | next [–] I've heard from a tech in one of those "protect you child online" software companies that some American states hold their educational facilities liable for things kids do on school-issued computers (like Chromebooks) or networks (like school WiFi). If a kid Googles porn on a school laptop while doing homework and a parent gets angry, they could actually win a lawsuit in some places, and the situation would be worse if the school doesn't try their hardest to block such things from the school networks. Of course, this is from the perspective of a company selling block boxes, but apparently their story worked out. It's silly (and honestly sad) legislation but these companies were scooping up customers everywhere. If the choice is between "block porn and circumvention" or "no student internet access", choosing the latter could have devastating effects on kids without stable internet access at home. In my opinion, these laws should obviously not reach so far, and anything but a basic DNS block should even be illegal in my opinion, but reality is rarely what I want it to be. In the end, private relays suffer from the same restrictions and DoH and other privacy-enhancing protocols. |
| | woodruffw on Jan 10, 2022 | root | parent | prev | next [–] "Legitimate" in the sense of "pre-existing policies," not "I personally believe this is morally acceptable." |
| | Shank on Jan 10, 2022 | prev | next [–] If you block the domains that private relay uses, it won't work. Those are `mask.icloud.com` and `mask-h2.icloud.com`. Then it'll display a message informing you that it doesn't work. I imagine the carrier restriction just shows up in the carrier panel because there isn't a way to access the Internet on cellular via private relay if it's disabled. [0]: https://developer.apple.com/support/prepare-your-network-for... |
| | nerdjon on Jan 10, 2022 | parent | next [–] I guess thinking about it more, it would be fairly simple to say something like "if consistently can't setup private relay" and "on cellular" display this message. For a moment I was thinking it would only trigger with something specific from the carrier, but I see little reason apple would actually work with them on this. They are not really in the business of making the carriers happy. Edit: someone else pointed out it is actually a feature that the carriers can do. that... is disappointing. |
|
|
| Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact Search: |