Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
KiDD 6 hours ago

I guess I don't understand the concern... what does it matter if a different domain is used for Sign in with Apple and Hide My Email?

9dev 6 hours ago | parent | next [-]

Because many sites check the domain part of your email address against a blocklist, which contains entries like trashmail.com to prevent users from signing up with ad-hoc throwaway accounts. They don't want that, because they'd like to get a proper lead they can either track, sell, or reach out to.

Now Hide My Email allowed you to do just that: Create an account with an email that wasn't tied to your identity, and that you could just decommission if you didn't need it anymore. Sites had no way to detect these either, because all of the randomly generated addresses Apple provided you with just ended in @icloud.com, which is also used by tons of regular accounts - so if you blocked this domain, you'd invariably preclude millions of people from your service.

But by separating the domains, sites can simply add private.icloud.com to their trash mail blocklist, preventing the use of Hide My Email, while regular @iCloud.com addresses will continue to work. It makes the entire service useless at once.

snowe2010 5 hours ago | parent [-]

But that will completely break Sign in with Apple, which no service is ever going to do. I really don’t get the problem here.

9dev 5 hours ago | parent | next [-]

A tiny, tiny fraction of sites and apps offer Sign in with Apple. Every single service with user accounts under the sun allows signing up with a Hide My Email address.

That random online shop you order something from once? The IT forum that only shows external links for signed-in users? The whacky new AI tool you want to try out? The startup "sign up for updates" newsletter box? None of these offer Sign in with Apple. For all of them Hide My Email avoids having to disclose your real email address. This is broken now.

LoganDark 5 hours ago | parent | prev [-]

Most services would never support Sign in with Apple anyway. Honestly most services don't even support social sign-in at all

chatmasta 6 hours ago | parent | prev | next [-]

Right now it’s the same @icloud.com domain as normal personal emails. Now all auto-generated emails will use a separate domain name, so sites can block emails with that domain, without worrying about blocking people’s main personal email.

twobitshifter 6 hours ago | parent | prev [-]

Websites block certain throwaway email domains from signups. The concern is that this will happen with private.icloud.com

A good example of a throwaway email that is now useless because of these blocks is mailinator.com. Originally, you could just make up a random email on the spot like gregsrightfoot@mailinator.com, visit mailinator.com, and get the needed signup verification email. These services autodeleted messages and required no signup so they were a black hole for spam. However websites eventually got wise that their spam wasn’t being seen and started blocking the domain. Mailinator came up with alternative domains and there was a brief back and forth before the throwaway email domains all ended up being blocked.