Your Mac Isn't Yours - worse, it spies on you and sends it home unencrypted

On modern versions of macOS, you simply can’t power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored.

This means that Apple knows when you’re at home. When you’re at work. What apps you open there, and how often. They know when you open Premiere over at a friend’s house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city.

Well, it’s not just Apple. This information doesn’t stay with them:

  1. These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables.
  2. These requests go to a third-party CDN run by another company, Akamai.
  3. Since October of 2012, Apple is a partner in the US military intelligence community’s PRISM spying program, which grants the US federal police and military unfettered access to this data without a warrant, any time they ask for it. In the first half of 2019 they did this over 18,000 times, and another 17,500+ times in the second half of 2019.

Your computer now serves a remote master, who has decided that they are entitled to spy on you. If you’ve the most efficient high-res laptop in the world, you can’t turn this off.

4 Likes

Corresponding tweet for this thread:

1 Like

So Apple’s “secure enclave” and “the most secure personal computer in the world” and all the other marketing BS doesn’t mean :poop: then!!

2 Likes

We need more people like @Andy to kick up a fuss about things like this. I remember last time he threatened to leave Apple because they had neglected pros/developers for so long they brought out the 16" MBP and it’s one of the best Macs they’ve released for years!!

I think Apple needs to be completely transparent about which information they receive, store, and share with others AND we need to be able to switch it off if we want to - completely!

I love my Mac but I don’t appreciate being spied on, and I have always paid a premium for their products because they keep telling us they are the only ones who care about our privacy - it’s going to be very damaging for them if this turns out not to be the case.

1 Like

But do you still have doubts?

Did you read the part where they send the data over http, not https?

I always have a little doubt Paulo :sweat_smile:

For now I have blocked trustd in LittleSnitch :nerd_face: are there any other steps people are recommending?

2 Likes

You can’t do anything in the new OS.

Or you can do, but you need to ditch Apple to the curb.

2 Likes

Hopefully it is something they will fix, lots of people talking about it:

https://twitter.com/patrickwardle/status/1318437929497235457

Maybe it’s time we all start using Linux… on our Macs with Apple’s T2 chip - who knows what else it is doing :rofl:

The Apple T2 Security Chip is Apple’s second-generation, custom silicon for Mac. By redesigning and integrating several controllers found in other Mac computers – such as the System Management Controller, image signal processor, audio controller and SSD controller – the T2 chip delivers new capabilities to your Mac.

For example, the T2 chip enables a new level of security by including a secure enclave coprocessor that secures Touch ID data and provides the foundation for new encrypted storage and secure boot capabilities. And the T2 chip’s image signal processor works with the FaceTime HD camera to enable enhanced tone mapping, improved exposure control and face detection-based auto-exposure and auto-white balance.

There’s no mention about Apple being able to bypass LS… maybe we need Objective Development to comment on whether Little Snitch will be able to filter ALL network access in Big Sur like it always has…

This is pretty well documented at this point - I suspect Objective Development doesn’t want to publicly bite the hand that feeds and/or advertise that it’s less useful than before.

If you’re still looking to block Apple traffic, you’ll need to also incorporate a packet-filter-based firewall. I know Murus does this; there’s probably others, too.

That said, it’s not as nice or convenient an experience – packet filters have no idea what application is trying to call out, just packet-specific things like the IP address, port, protocol, etc. I’d still keep something like Little Snitch and just use Murus for what it can’t block.

I’m not all that sure I personally care so strongly – if I did set up a packet filter it’d just be out of pigheadedness and spite – but I’m waiting a month or two to upgrade. Perhaps my thinking will change.

1 Like

This did cross my mind as well. Nevertheless I might email them to find out for sure when their next version is out - I think we should know if we’re getting the protection we think we are, especially if we have to pay an upgrade fee or buy a new license.

I am hoping Apple will fix it… perhaps they will after all this negative publicity?

@pragdave already does it, and many others.

The article I linked says that the new Mac APIs make it impossible for LS to do anything:

The version of macOS that was released today, 11.0, also known as Big Sur, has new APIs that prevent Little Snitch from working the same way. The new APIs don’t permit Little Snitch to inspect or block any OS level processes. Additionally, the new rules in macOS 11 even hobble VPNs so that Apple apps will simply bypass them.

Not even VPNs can be used safely, Apple even bypasses them. What a ball move from them and total disregard by their customers.

No, Apple will never fix it, NEVER, instead they will be doing more to lock you to them while not caring about what you say or, for that matter, about your privacy.

Why?

I was a salesman in the past and one thing I can guarantee you is that no matter what market you are in, the brand(s) that have the status can do whatever they want, and the majority of the clients will always forgive or ignore, because in the end what matters is the status. I have seen this in cars, computers, phones, appliances, and I can go on…

1 Like

You could configure a VPN on the router I suppose - though that’s not really going to help any data making its way to them.

If it hurts their reputation, which goes on to impact sales, then I think it will. Profit is what drives most of these companies - we saw that when they abandoned pro users - they eventually came through with some nice products! Let’s hope the same thing happens here :smiley:

Don’t dream awake :wink:

The effect this will have on their profit is next to none, compared with the profit they get from all the data they get from you.

And the reactions I am seeing to this type of event at Apple just confirm what I say… people just say they will not stop using them.

Trust me when I am telling you that status in a brand is very powerful in the mind of people… In my professional life I have seen this for 3 decades in lots of different markets, and this attitude will never change from people as a whole.

The day that people have realized they totally lost control of their lives will be too late to change, just give it some more decades… You are young, thus just mark my words and remember them when the time comes.

1 Like

Don’t give up before the battle has even been fought Paulo :person_fencing:

Anything is possible :smiling_imp:

Seriously tho, I don’t think status has much to do with it - it might be a gateway for some people, but once they use Apple products and then compare them to others that’s when they truly appreciate what it is that people like about them.

If I could get the same (or better!) experience on Linux or some other open OS I would jump to it in a heartbeat, but the reality is that, in my experience at least, nothing comes close. (But I wish that wasn’t the case - real competition is healthy for people.)

1 Like

Well it looks like Jeffrey’s article wasn’t as accurate as it should have been…

https://forum.devtalk.com/t/does-apple-log-every-app-you-run-a-technical-look/4064

This looks related to this:

https://sigpipe.macromates.com/2020/macos-catalina-slow-by-design/

1 Like

I wouldn’t make a bet on your claim:

https://twitter.com/patrickwardle/status/1327726496203476992

1 Like

TL;DR

  • No, macOS does not send Apple a hash of your apps each time you run them.
  • You should be aware that macOS might transmit some opaque information about the developer certificate of the apps you run. This information is sent out in clear text on your network.
  • You probably shouldn’t block ocsp.apple.com with Little Snitch or in your hosts file.

https://blog.jacopo.io/en/post/apple-ocsp/

This thread was posted by one of our members via one of our automated news source trackers.

3 Likes
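What an on-path observer can read from one of these clear-text OCSP requests, as an added example (not code from the linked article or from any poster in this thread): a minimal decoder for the RFC 6960 GET form, showing that the request names a certificate by issuer hashes and serial number rather than carrying a hash of the app. The function names, the `/constructed-responder/` path prefix and the sample bytes are constructed for illustration, and the decoder assumes any `/` in the base64 segment is URL-encoded.

```python
import base64
from urllib.parse import quote, unquote

def read_tlv(buf, pos):  # -> (tag, value, next_pos) for the DER element at pos
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):  # split a constructed value into its child (tag, value) pairs
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def decode_oid(b):  # base-128 arcs; the first byte packs the first two arcs
    parts, n = [b[0] // 40, b[0] % 40], 0
    for byte in b[1:]:
        n = (n << 7) | (byte & 0x7F)
        if not byte & 0x80:
            parts.append(n)
            n = 0
    return ".".join(map(str, parts))

def parse_ocsp_get_path(path):
    # RFC 6960 GET form: last path segment is URL-encoded base64 of the DER OCSPRequest.
    der = base64.b64decode(unquote(path.rsplit("/", 1)[-1]))
    tbs = children(read_tlv(der, 0)[1])[0][1]  # OCSPRequest -> tbsRequest
    request_list = next(v for t, v in children(tbs) if t == 0x30)  # skip [0]/[1] fields
    found = []
    for _, request in children(request_list):
        alg, name_hash, key_hash, serial = children(children(request)[0][1])  # CertID
        found.append({"hash_alg": decode_oid(children(alg[1])[0][1]),
                      "issuer_name_hash": name_hash[1].hex(),
                      "issuer_key_hash": key_hash[1].hex(),
                      "serial": int.from_bytes(serial[1], "big")})
    return found

# Constructed sample (not captured traffic): SHA-1 CertID with made-up hashes and serial.
def _tlv(tag, body):
    return bytes([tag, len(body)]) + body  # short-form lengths only
SAMPLE_SERIAL = 0x1122334455667788
_cert_id = _tlv(0x30, _tlv(0x30, bytes.fromhex("06052b0e03021a0500")) + _tlv(0x04, b"\xaa" * 20)
                + _tlv(0x04, b"\xbb" * 20) + _tlv(0x02, SAMPLE_SERIAL.to_bytes(8, "big")))
SAMPLE_DER = _tlv(0x30, _tlv(0x30, _tlv(0x30, _tlv(0x30, _cert_id))))
SAMPLE_PATH = "/constructed-responder/" + quote(base64.b64encode(SAMPLE_DER).decode(), safe="")
```

Calling `parse_ocsp_get_path(SAMPLE_PATH)` returns one entry whose `serial` equals `SAMPLE_SERIAL`; the same fields appear for every request that checks the same certificate.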

I am turning trustd back on for now.

Interestingly when I was using rubular.com earlier it was hanging a lot on requests sent to their site, turning trustd back on fixed it - so there certainly appears to be some sort of link there.