Hide My Email worked because nobody could tell it apart. Apple is about to tell everyone.

Hide My Email kept you private by hiding in the crowd at icloud.com. This summer Apple moves every alias to a single dedicated subdomain and hands any service a one-line rule to block them all. What changes, and the version no vendor can switch off.


Apple shipped a short developer note last week that reads like routine housekeeping. "New domain for Sign in with Apple and iCloud+ Hide My Email," it says, and explains that later this summer both features will move under one shared domain, private.icloud.com. Four sentences, no drama. It also quietly removes the only reason Hide My Email ever worked.

The trick the feature was built on is one almost nobody who used it ever noticed. When you let Apple hide your real address, the alias it handed you lived at @icloud.com. The same domain as every ordinary iCloud user on the planet. Your throwaway address and your aunt's real mailbox were, from the outside, indistinguishable.


Why that one detail was the whole feature

A service that does not want disposable signups has an obvious move: block the domain that hands them out. With Hide My Email that move was poisoned. To block the aliases you had to block @icloud.com, and blocking @icloud.com means turning away every real iCloud user who ever wanted to sign up. No growth team on earth signs off on that. So the aliases got tolerated. Nobody loved them. They survived because the cost of swatting them was the entire iCloud userbase.

Calling it a privacy feature oversells what it was. The privacy did not come from encryption or a clever protocol. It came from camouflage. The alias was safe because it stood in a crowd wearing the same coat as everyone else, and Apple was vouching for the whole crowd.

Sign in with Apple already lacked this. Its relay addresses sat on @privaterelay.appleid.com, a domain that does nothing but relay, so it was always trivial to spot and filter. Hide My Email was the one that blended in. This summer, that ends.


What actually changes

Both systems collapse onto private.icloud.com. Every alias, old purpose or new, now wears a domain that announces exactly what it is. A service that wants them gone writes one rule, reject *@private.icloud.com, and every privacy alias bounces at signup while real @icloud.com accounts sail through untouched. The expensive choice became a one-line filter.

Apple is even helping the other side learn the syntax. The same note tells developers to update their allowlists so mail from the new domain gets through. An allowlist and a blocklist are the same knowledge pointed in opposite directions. Apple just published the string.
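What the domain alone gives away before and after the move, as an added example (not Apple's code and not from the original post). The domain roles come from the description above; the sample addresses are constructed. The same exact-match lookup is what an updated allowlist needs, so lookalike domains do not slip through.

```python
# Domains named in the article, with the role the article gives each one.
DOMAIN_ROLE = {
    "private.icloud.com": "relay",        # new shared domain for both features
    "privaterelay.appleid.com": "relay",  # Sign in with Apple relay addresses
    "icloud.com": "shared",               # real mailboxes AND older Hide My Email aliases
}

def domain_of(address):
    """Return the lower-cased domain of an address, or None if malformed."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        return None
    return domain.rstrip(".").lower()

def classify(address):
    """Exact domain match only: suffix or substring checks would misfile
    lookalikes such as notprivate.icloud.com."""
    domain = domain_of(address)
    if domain is None:
        return "invalid"
    return DOMAIN_ROLE.get(domain, "other")

def summarize(addresses):
    """Group addresses by what their domain reveals."""
    groups = {}
    for address in addresses:
        groups.setdefault(classify(address), []).append(address)
    return groups

# Constructed sample addresses, not real accounts.
SAMPLES = [
    "aunt.maria@icloud.com",                # an ordinary mailbox
    "dunes.04.fable@icloud.com",            # an alias on the old domain
    "k7q2m9@privaterelay.appleid.com",      # Sign in with Apple relay
    "dunes.04.fable@Private.iCloud.com",    # alias on the new domain, mixed case
    "user@notprivate.icloud.com",           # lookalike subdomain
    "user@private.icloud.com.example.net",  # lookalike suffix
    "no-at-sign",
]

if __name__ == "__main__":
    for role, members in summarize(SAMPLES).items():
        print(role, members)
```

The first two samples land in the same "shared" group, which is the camouflage the article describes; only the dedicated domains can be singled out by a rule.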

A few things to keep straight. Existing aliases on the old domains keep working and forwarding, so nothing in your inbox breaks overnight. And despite some early panic, there is no new phone number or identity check to generate an alias. The whole change is the domain, nothing more. That is what makes it elegant and grim at the same time. There is no new friction here at all. Apple simply pulled off a disguise.

So why do it

Apple has not said. It declined to comment, which is its right and also its tell. The charitable reading, the one a couple of outlets reached for, is plumbing: one domain is simpler to run than three, and easier to reason about. The less charitable reading is that a feature which let people dodge marketing lists and ban-evade was always going to draw commercial and legal heat, and consolidating it onto a blockable domain is a quiet way to let that heat out.

The legal angle is not hypothetical. Earlier this year Apple handed over the real account details of a Hide My Email user who had used an alias to send a threatening message. Whatever you think of that specific case, it settled the question of what the feature was: a convenience that frays the moment someone with a subpoena leans on it. The anonymity was always on loan.

If you depend on this, the clock is real. The new domain has not landed yet, and people are busy minting as many @icloud.com aliases as the rate limiter allows, somewhere around thirty an hour, to bank a stash that still blends in before the switch flips.

A mailbox you own on the left, a wall of rented lockers on the right. Apple can change the lock on the lockers whenever it likes.

The version nobody can switch off

Step back and the lesson is not really about Apple. It is about the difference between a privacy feature you rent and one you own.

Hide My Email is a setting in someone else's product. Its value lived entirely in a property Apple chose to give it and has now chosen to take away, and you had no vote and no warning beyond a developer footnote. That is the deal with every convenience like it. It works until the vendor decides it works differently.

The version that does not have an off switch is the boring one I keep coming back to. A domain you own, a catch-all, and a different address for every service. I wrote up how I left Gmail for that setup and what it costs you to run. A service can still block your whole domain if it really wants to, but that is a fight on your terms, with an address you control and can rotate, on infrastructure no quarterly review is going to quietly downgrade. Camouflage you borrow gets taken back. A door you own stays yours.
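One way to run "a different address for every service" on a catch-all, as an added example that is not the author's own setup. The domain `mail.example.net`, the secret, and the `service.generation.tag` address layout are assumptions made for illustration; the HMAC tag is an addition so that the catch-all can tell addresses you issued from ones someone guessed.

```python
import hashlib
import hmac

DOMAIN = "mail.example.net"       # assumption: a domain you own, with a catch-all
SECRET = b"constructed-demo-key"  # assumption: a private key, never published

def _tag(service, generation):
    """Short keyed tag binding a service name to one generation of its address."""
    msg = f"{service}:{generation}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:8]

def alias_for(service, generation=1):
    """Address to hand to one service; bump generation to rotate it."""
    service = service.lower()
    if not (service.isascii() and service.isalnum()):
        raise ValueError("service name must be ASCII letters and digits")
    return f"{service}.{generation}.{_tag(service, generation)}@{DOMAIN}"

def attribute(recipient, current):
    """Map a recipient seen by the catch-all back to the service it was issued to.

    current maps service name -> generation now in use.
    Returns (service, status), status in {"current", "rotated", "unknown"}.
    """
    local, _, domain = recipient.strip().lower().rpartition("@")
    parts = local.split(".")
    if domain != DOMAIN or len(parts) != 3 or not parts[1].isdecimal():
        return (None, "unknown")
    service, generation, tag = parts[0], int(parts[1]), parts[2]
    expected = _tag(service, generation)
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return (None, "unknown")      # guessed or mangled address
    if current.get(service) == generation:
        return (service, "current")
    return (service, "rotated")       # an address you already retired

if __name__ == "__main__":
    issued = alias_for("shop")
    print(issued, attribute(issued, {"shop": 1}))
    # After rotating, mail to the old address shows who kept or leaked it.
    print(attribute(issued, {"shop": 2}))
    print(attribute("info@" + DOMAIN, {"shop": 2}))
```

Mail that arrives on a "rotated" address names the service that kept or passed on the old one, and "unknown" recipients can be dropped without affecting any address you actually issued.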

