Clicky

Apple’s MacOS caught sending user data to Apple every time an app is opened

Apple's supposed commitment to privacy falls short.

Tired of censorship and surveillance?

Defend free speech and individual liberty online. Push back against Big Tech and media gatekeepers. Subscribe to Reclaim The Net.

Last week, as Apple’s servers were under stress from the downloads of its latest Mac operating system update, Big Sur, many Mac users were finding that they weren’t able to open any apps on their laptops and desktops.

It soon became apparent that when a user opens an app on Mac, Apple’s own servers get pinged for authentication. Yet, with Apple’s servers under heavy load, this couldn’t take place and users were unable to open programs.

Click here to display content from Twitter.
Learn more in Twitter’s privacy policy.

Of all the tech companies failing on their original promise and message (and that includes stiff competition from Google’s “Don’t be evil” slogan from its early days), Apple seems to have had the most fascinating negative story arc.

It went from emerging as basically “alt tech” of the day, cementing this image with the famed “1984” commercial that showed a dystopian future where Apple was the antidote to tech monopolies (it was IBM back then) – to, in 2020, silently tracking every move users of its operating system, MacOS, make.

Security researcher Jeffrey Paul writes about this to explain that a unique identifier of every program launched when the computer is connected to the internet is sent to Apple, when a user’s IP becomes visible on the giant’s servers receiving this information.

Other than what program was launched, Apple in this way also knows when, and can geo-locate that user at ISP and city level.

“This means that Apple knows when you’re at home. When you’re at work. What apps you open there, and how often. They know when you open Premiere over at a friend’s house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city,” Paul writes.

The situation somehow manages to get even worse, because the Online Certificate Status Protocol (OCSP) requests in question are unencrypted and therefore visible to anyone who has access to the network, starting with the user’s ISP.

And then, these requests “go to a third-party CDN run by another company, Akamai” – while the data Apple has access to is also available without a warrant to US law enforcement and military, since Apple is a member of the PRISM program or its modern-day equivalent.

Users who wanted to block this behavior were until recently able to use “Little Snitch” – a program that allowed disabling transmission of this information from people’s computers to Apple. But macOS 11.0 (“Big Sur”) “has new APIs that prevent Little Snitch from working the same way,” the report reveals.

“Your computer isn’t yours,” the headline of Paul’s piece said. True enough if you use Apple’s proprietary software and participate in its walled garden “ecosystem.” But your computer can still be yours if you run Linux on it. There’s no guarantee that all sorts of nefarious stuff can’t be sneaked into its code, too – but at least Linux is open source, that can be audited and freely modified for security or functionality by its users, at all levels of the system.

If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net.

Tired of censorship and surveillance?

Defend free speech and individual liberty online. Push back against Big Tech and media gatekeepers. Subscribe to Reclaim The Net.

Read more

Share