iCloud Private Relay di Apple

• Gli indirizzi IP sono identificativi univoci che rappresentano una fonte di attività su internet. Possono essere assegnati a un dispositivo connesso come un telefono, a una connessione wifi o ancora a una rete aziendale. Per la maggior parte della storia di internet, sono stati usati per identificare approssimativamente un utente di internet e fornire informazioni sulla posizione dell'utente, ossia la città in cui si trova.
• Our communities rely on IP addresses as their core identity and security model.
  • Users have always been able to edit without logging in. Their IP address has been their sole form of identity—the way that they receive messages, are tracked, and are blocked.
  • For users who are logged in, IP addresses are the main tool for identifying persistent abusers. They can be blocked based on their IP logs.
  • In some cases, whole ranges of IP addresses are blocked for being persistent sources of abuse.

• The nature and availability of IP addresses is changing. With the advent of IPv6, IP addresses are more dynamic than before. This problem will only be worse in the future as more users come online.
• Additionally, IP addresses and user agent information have become personal data. Hiding them has become a service more and more internet users want.
• External market and government actions make these changes. They are not under the control of the Wikimedia movement or WMF.
• The Anti-Harassment Tools team at WMF has been looking into the issues surrounding IP addresses. It is building tools that may reduce the effect of these changes. But the work will not prevent IP addresses from becoming less useful over time.
• Apple is starting to provide a service called “iCloud Private Relay”. It masks the IP address of a Safari user such that they appear to be coming from a central pool of Apple IP addresses. It will apply to Safari browsing behavior on both desktop and mobile devices.
• iCloud Private Relay is available only for the willing iCloud+ subscribers (on an opt-in basis) and is labeled as “Beta”. This is likely to become a non-beta feature, then default (opt-out). It may also eventually be included in the operating system for free, as a similar service for how Mail is now free.
• These models can quickly spread. Once Apple makes this change, other browser providers like Google and Mozilla may remove browser information sent with requests as well. For example, after Google announced that Chrome will no longer send user agent info, Mozilla also announced that similar changes were in the works for Firefox browsers.

• We want administrators to feel safe and supported. The quality and reputation of Wikimedia projects needs to be protected. Marginalized editors who need protection should also be supported. Casual good faith participants should be able to edit on the browser and device of their choice. The loss of IP-as-identity challenges all these goals.
• When users of iCloud Private Relay attempt to edit, they will appear with one of the dedicated Relay IP addresses.
• Decisions around whom to block and why are made at a local community or global governance level. There are rare “office actions” to ban users. But in principle, blocking is an area with a long history of community self-governance. Large communities and global sysops have decided that “open proxies”, virtual private networks (VPNs), shared IP services, iCloud Relay, and similar services will be blocked on all wikis.^[1] The reason is that identity fraud is too easy to commit using them, since IPs are our identity model.
• Certain IP addresses are blocked from editing even by logged-in users. As a result, iCloud Private Relay will affect logged-in users as well.
• To estimate the potential effect, we looked at the edits coming through Safari browsers. Next, we combined them with estimates around the update of iCloud Private Relay.
  • In the last 90 days, 11.6% of logged-in editors edited with Safari and 17.7% of logged-out editors edited with Safari.
  • We used these numbers and estimated when iCloud Relay will become widespread. We believe 1.6% of logged-in editors and 2.5% of logged-out editors will be blocked in the month after iCloud Private Relay comes out for macOS.
  • When iCloud Relay becomes opt out, we estimate 4.6% of logged-in editors and 7.2% of logged-out editors will be blocked each month.
  • The usage of Safari for editing varies by wiki. Please see the accompanying table for numbers on the most and least affected wikis.
• The way to request an IP block exemption (IPBE) is not designed with large numbers or global groups in mind. Even a cautious estimate is that a few thousand logged-in editors will be blocked. This is far more than existing IPBE processes are set up for. If we don't change the way IPBE works, for those users it will be difficult to ask for and gain exemptions or explanations in their language. What's more, on small and medium wikis there may be no related policies. Also, communities of those wikis may not know how to help the affected users.

La tabella seguente mostra per ciascun wiki selezionato quante persone hanno effettuato modifiche col browser Safari nelle ultime settimane. Su alcuni wiki (es. Wikipedie in giapponese, svedese e norvegese bokmål) l'uso di Safari è più alto che altrove (es. Wikipedie in bengalese e hindi). Nota bene che solo una parte degli utenti di Safari usufruirà di iCloud Private Relay.