Your Mac Isn't Yours - worse, it spies on you and sends it home unencrypted

You can’t do anything in the new OS.

Or you can do, but you need to ditch Apple to the curb.

2 Likes

Hopefully it is something they will fix, lots of people talking about it:

https://twitter.com/patrickwardle/status/1318437929497235457

Maybe it’s time we all start using Linux… on our Macs with Apple’s T2 chip - who knows what else it is doing :rofl:

The Apple T2 Security Chip is Apple’s second-generation, custom silicon for Mac. By redesigning and integrating several controllers found in other Mac computers – such as the System Management Controller, image signal processor, audio controller and SSD controller – the T2 chip delivers new capabilities to your Mac.

For example, the T2 chip enables a new level of security by including a secure enclave coprocessor that secures Touch ID data and provides the foundation for new encrypted storage and secure boot capabilities. And the T2 chip’s image signal processor works with the FaceTime HD camera to enable enhanced tone mapping, improved exposure control and face detection-based auto-exposure and auto-white balance.

There’s no mention about Apple being able to bypass LS… maybe we need Objective Development to comment on whether Little Snitch will be able to filter ALL network access in Big Sur like it always has…

This is pretty well documented at this point - I suspect Objective Development doesn’t want to publicly bite the hand that feeds and/or advertise that it’s less useful than before.

If you’re still looking to block Apple traffic, you’ll need to also incorporate a packet-filter-based firewall. I know Murus does this; there’s probably others, too.

That said, it’s not as nice or convenient an experience – packet filters have no idea what application is trying to call out, just packet-specific things like the IP address, port, protocol, etc. I’d still keep something like Little Snitch and just use Murus for what it can’t block.

I’m not all that sure I personally care so strongly – if I did set up a packet filter it’d just be out of pigheadedness and spite – but I’m waiting a month or two to upgrade. Perhaps my thinking will change.

1 Like

This did cross my mind as well. Nevertheless I might email them to find out for sure when their next version is out - I think we should know if we’re getting the protection we think we are, especially if we have to pay an upgrade fee or buy a new license.

I am hoping Apple will fix it… perhaps they will after all this negative publicity?

@pragdave already does it, and many others.

The article I linked says that the new Mac API’s make it impossible for LS to do anything:

The version of macOS that was released today, 11.0, also known as Big Sur, has new APIs that prevent Little Snitch from working the same way. The new APIs don’t permit Little Snitch to inspect or block any OS level processes. Additionally, the new rules in macOS 11 even hobble VPNs so that Apple apps will simply bypass them.

Not even VPNs can be used safely, Apple even bypasses them. What a ball move from them and total disregard by their customers.

No, Apple will never fix it, NEVER, instead they will doing more to lock you to them while don’t caring about what you say or by the matter to your privacy.

Why?

I was salesman in the past and one think I can guarantee you is that no matter what market you are in, the brand(s) that have the status can do whatever they want, that the majority of the clients will always forgive or ignore, because in the end what matter is the status. I seen this in cars, computers, phones, appliances, and I can go on…

1 Like

You could configure a VPN on the router I suppose - though that’s not really going to help any data making it’s way to them.

If it hurts their reputation, which goes on to impact sales, then I think it will. Profit is what drives most of these companies - we saw that when they abandoned pro users - they eventually came through with some nice products! Let’s hope the same thing happens here :smiley:

Don’t dream awake :wink:

The profit that this will affect on them is near to none, compared with the profit they get from all the data they get from you.

And the reactions I am seeing to this type of events in Apple just confirms what I say… people just say they will not stop using them.

Trust that when I am telling you that status in a brand is very powerful in the mind of people… In my professional life I have seen this for 3 decades in lots of different markets, and this attitude will never change from people as a whole.

The day that people have realized they totally lost control of their life’s will be to late to change, just give it some more decades… You are young, thus just mark my words and remember them when the time comes.

1 Like

Don’t give up before the battle has even been fought Paulo :person_fencing:

Anything is possible :smiling_imp:

Seriously tho, I don’t think status has much to do with - it might be a gateway for some people, but once they use Apple products and then compare them to others that’s when they truly appreciate what it is that people like about them.

If I could get the same (or better!) experience on Linux or some other open OS I would jump to it in a heartbeat, but the reality is that, in my experience at least, nothing comes close. (But I wish that wasn’t the case - real competition is healthy for people.)

1 Like

Well it looks like Jeffrey’s article wasn’t as accurate as it should have been…

https://forum.devtalk.com/t/does-apple-log-every-app-you-run-a-technical-look/4064

This looks related to this:

https://sigpipe.macromates.com/2020/macos-catalina-slow-by-design/

1 Like

I wouldn’t make a bet on your claim:

https://twitter.com/patrickwardle/status/1327726496203476992

1 Like

TL;DR

  • No, macOS does not send Apple a hash of your apps each time you run them.
  • You should be aware that macOS might transmit some opaque information about the developer certificate of the apps you run. This information is sent out in clear text on your network.
  • You shouldn’t probably block ocsp.apple.com with Little Snitch or in your hosts file.

https://blog.jacopo.io/en/post/apple-ocsp/

This thread was posted by one of our members via one of our automated news source trackers.

3 Likes

I am turning trustd back on for now.

Interestingly when I was using rubular.com earlier it was hanging a lot on requests sent to their site, turning trustd back on fixed it - so there certainly appears to be some sort of link there.

Check this:

1 Like

There are certainly questions that need to be answered by Apple.

I commented myself a while back how my fairly new MBP began to slow, and I guess this is to blame.

If you are a little bit cynical, you might be forgiven for thinking Apple will be able to use tactics like this to purposely slow down older macs - prompting people to upgrade more often. Maybe they are doing this already with the iPhone, as they certainly seem to get that little bit slower every 6 months or so…

A recent statement from Apple regarding these concerns:

In addition, over the the next year we will introduce several changes to our security checks:

  • A new encrypted protocol for Developer ID certificate revocation checks
  • Strong protections against server failure
  • A new preference for users to opt out of these security protections

:nerd_face:

A fairly good summary of events here for anyone who just wants to read a single article on the topic:

1 Like

It’s been removed :+1:

macOS Big Sur 11.2 beta 2, which was released yesterday, eliminates a feature that allowed Apple apps bypass third-party firewalls, security tools, and VPN apps, according to reports from ZDNet and security researcher Patrick Wardle.

‌macOS Big Sur‌ 11 included a ContentFilterExclusionList that let Apple’s apps like the App Store, Maps, iCloud, and more to avoid firewall and VPN apps that users had installed. These apps were not able to filter or inspect traffic for some built-in Apple apps.

Security researchers believed that the feature, found last October, was a major security risk as malware could be designed to latch on to a legitimate Apple app and bypass security software. Users who had VPNs installed also risked exposing their real IP address and location to Apple’s apps.

Facebook has created a new screen in its iOS app that will urge people to allow it to continue stalking their online activities for targeted advertising.

This is in response to Apple preparing to introduce a prompt that asks users whether or not they want to grant Facebook’s software permission to track them when they use other apps and websites.

I like this move from Apple :slight_smile:

1 Like