Menu
What's new
By:
Filters Better Search

iPhone pinging mask.icloud.com with Private Relay turned off

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Implement3443

Implement3443

New Around Here
Does anyone know why iPhone ping mask.icloud.com and mask-h2.icloud.com even with Private Relay, Private Wi-Fi address, and Limit IP Address Tracking turned off? What could be causing it?
 
Implement3443 said:
Does anyone know why iPhone ping mask.icloud.com and mask-h2.icloud.com even with Private Relay, Private Wi-Fi address, and Limit IP Address Tracking turned off? What could be causing it?
Click to expand...
IMG_0269.jpeg

Is this turned on in mail?
 
Difides said:
I have these domains blocked.. it's a bypass method and tracking at the same time
Click to expand...

I can’t say if it’s a tracking method utilized by apple or not.

But I can say for sure loading any email locally directly to your phone IS a tracking method for people that sent the email.

How it might work below is speculative.

Photos even pixel size photos that load a picture to your phone from a remote server track your email is alive, and your ip address, and probably other information. They can track generally or uniquely by the photo having a unique url referenced to your email.

So by masking your ip address it does provide some security through obscurity.

Does that mean masked loading remote images won’t confirm to them your email is alive. Unlikely if it load an image that’s probably enough for them to hit you with waves of junk mail.
 
DJones said:
But I can say for sure loading any email locally directly to your phone IS a tracking method for people that sent the email.
Click to expand...

And how accessing a picture somewhere from an unknown IP address is associated to my particular Gmail, for example?

Difides said:
it's a bypass method and tracking at the same time
Click to expand...

No, it's a secure DNS with tracking prevention available for whoever wants to use it.
 
Tech9 said:
And how accessing a picture somewhere from an unknown IP address is associated to my particular Gmail, for example?



No, it's a secure DNS with tracking prevention available for whoever wants to use it.
Click to expand...

Again speculation I don’t assert this as fact.

In this scenario you’re using pop3 or imap to sync your mail to your phone or computer. And you don’t use a vpn obsessively or cellular or a method of masking your ip. It could give port scanners a better target then casting a wide net.

Could remote loading of any photo or pixel tracking be done with any ad tracking to obtain your ip on any website sure.

If you generate unique urls for the tracking pixel or photos that are associated with that email in a database once the photo is loaded and a request is made of the server with that unique url they should be able to log the requested ip.

If you’re on a cellphone using cellular and not wifi it really shouldn’t matter because the ip address should change frequently. But from ISP’s that have really long lived ip addressing that’s where I think it might be beneficial for phishing.

The email being useful could come down to your password being known from past leaks, and commonly reused if they find a way into your system.

How they get into your system really isn’t the point. Could be malware, known application vulnerability’s, social engineering. But it would sure help if they knew your administrator password and could escalate any software they want to ring 0 kernel.

Really my point is it’s gathered information tying you to your network/system, to your email, and your passwords. individual links in the chain may not be useful immediately, but multiple weak links might.
 
Last edited:
Tech9 said:
And how accessing a picture somewhere from an unknown IP address is associated to my particular Gmail, for example?



No, it's a secure DNS with tracking prevention available for whoever wants to use it.
Click to expand...
so again .. it is a bypass of your DNS .. and there is no easier method to track internet movement than snooping dns ..
 
Difides said:
it is a bypass of your DNS
Click to expand...

It's a secure DNS bypassing any other DNS including yours. This is what it was designed to do. It's an optional paid service part of iCloud+ subscription. To track your "internet movement" just don't use iCloud Private Relay. To track your own devices on your network don't use Private Wi-Fi Address. So first - you have to know what do you want. No one is working against your preferences or settings.
 
Last edited:
Difides said:
ne, dotazy na tyto dns jsou i ve vypnutém stavu a je to bez souhlasu uživatele nebo jakéhokoli vědomí
Click to expand...

Not used for DNS resolution though. Your Asus router is contacting Microsoft domain all the time, no?
 
www.snbforums.com

iPhone pinging mask.icloud.com with Private Relay turned off

Does anyone know why iPhone ping mask.icloud.com and mask-h2.icloud.com even with Private Relay, Private Wi-Fi address, and Limit IP Address Tracking turned off? What could be causing it?
www.snbforums.com www.snbforums.com
Tech9 said:
It's a secure DNS bypassing any other DNS including yours. This is what it was designed to do. It's an optional paid service part of iCloud+ subscription. To track your "internet movement" just don't use iCloud Private Relay. To track your own devices on your network don't use Private Wi-Fi Address. So first - you have to know what do you want. No one is working against your preferences or settings.
Click to expand...
no, queries through this dns, it is without the consent and knowledge of the user and it is even when it is switched off. and it is for this reason that he is classified as a suspect
 
Tech9 said:
This feature is used for network connectivity status detection. You have blocked something your router uses in normal operation.
Click to expand...
no problem to change destination ip.. regarding security, dns and linux i have been working for many years these practices are very easy :)
 
You must log in or register to reply here.

Similar threads

V
unbound blocking apple private relay.
Replies
1
Views
621
Tech9
Tech9
saison2023
Any way to diagnose further these dnsmasq restart events?
Replies
5
Views
451
saison2023
saison2023
M
DNS Filter issues with iOS devices when iCloud private relay is on
Replies
5
Views
2K
Treadler
Treadler
Mogsy
Solved Need help with NAT fix.
Replies
1
Views
795
Mogsy
Mogsy
M
Diversion SOLVED - Diversion not working on iPhone, all other devices protected
Replies
7
Views
2K
martinr
M
Similar threads
Thread starter Title Forum Replies Date
D [ASUS AX86U Merlin] Blink Sync Module does not connect (connects to iphone hotspot) Asuswrt-Merlin 0
ApexRon AX86U Pro iPhone Log Entries Asuswrt-Merlin 2
M Finding my Correct Network/Subnet Mask Asuswrt-Merlin 10

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 975 (members: 18, guests: 957)
Top