Apple’s Big Sur is a hidden trojan

Apple, I wish you’d care about privacy more

Valdas Petrulis
Mysterium Network
2 min read · Nov 13, 2020


Many of us have been affected by macOS’s outage today. According to this Ars Technica article, other services like Apple Pay, Messages, and even Apple TV devices faced slowdowns too.

What happened?

Bugs like this reveal what systems actually do under the hood. Usually, apps like Little Snitch help us see, day to day, what information is leaving our personal computers.

[Image: the most-voted comment on the article]

But because of architectural decisions in macOS Big Sur (version 11.0), certain traffic bypasses the usual routing and firewall rules. That simply means Little Snitch cannot monitor or block it, and a VPN cannot help or hide you either. macOS now simply forbids it.

[Image: a promotional landing page for macOS Big Sur]

I would say “I couldn’t care less: it’s an OS-level process and API, why should the user be able to control it?”, but I would also not agree to it unless it were implemented properly, because:

  • It’s unencrypted, meaning Apple is sharing some information with third parties: your Wi-Fi peers, your ISP, CDNs, etc.
  • That information includes your library of apps and your IP fingerprint: date, time, computer, ISP, city, state, application hash.

I believe (or hope) that Apple’s intention is good, and that they only aim to increase our security with this approach by improving notarisation of developer-signed applications:

“Apple uses certificate stapling to help streamline the process of having millions of Apple devices checking the validity of millions and millions of certificates every day”

But really, unencrypted? I wish Apple would care more about its users’ privacy. I remember the time when Apple was pioneering privacy the right way: transparent location sharing, user notifications, etc.

My conclusion: neither MysteriumVPN nor any other VPN can prevent this, as it’s handled at the hardware level.

I hope they will fix this; in the meantime, we can use a dVPN to at least mask our IP, which should help with these third-party cases:

1. These OCSP requests are transmitted unencrypted. Everyone who can see the network can see them, including your ISP and anyone who has tapped its cables.

2. These requests go to a third-party CDN run by another company, Akamai.

But it certainly will not prevent Apple from identifying my behaviour on my computer, if they really want to.

Co-Founder / Technical Lead at MysteriumNetwork, VPN engineer & decentralisation enthusiast