However, it seems that errors in the system made it unsafe. This was discovered by researcher and developer Sergey Mostsevenko who found that the error led to the user’s IP address being disclosed. Evidence of the erroneous idea being practiced can be found at FingerprintJS page.
Mostsevenko explains this by saying, “Because Safari does not represent STUN when requesting via iCloud Private Relay, STUN servers know your actual IP address. This is not an isolated case, for he has no other choice; However, Safari transceeds ICE loggers with specific IP addresses to JavaScript. Deleting a personal name will be a matter of separating your real IP address from those who want to join ICE – which is easily done using the internet. ”
The good news is that the bug seems to have been caught in the most recent beta MacOS Monterey, but it hasn’t been shipped in iOS 15, but we think Apple should be getting closer.