Apple Addresses Privacy Concerns Surrounding App Authentication in macOS
Following the release of macOS Big Sur on Thursday, Mac users began to experience issues with opening apps while connected to the internet. Apple's system status page attributed the situation to issues with its Developer ID notary service, with developer Jeff Johnson specifying that there were connection issues with Apple's OCSP server.
Shortly after, security researcher Jeffrey Paul shared a blog post titled "Your Computer Isn't Yours," in which he raised privacy and security concerns related to Macs "phoning home" to Apple's OCSP server. In short, Paul said that the OCSP traffic that macOS generates is not encrypted and could potentially be seen by ISPs or even the U.S. military.
Apple has since responded to the matter by updating its "Safely open apps on your Mac" support document with new information, as noted by iPhoneinCanada. Here's the new "Privacy protections" section of the support document in full:
macOS has been designed to keep users and their data safe while respecting their privacy.
Gatekeeper performs online checks to verify if an app contains known malware and whether the developer's signing certificate is revoked. We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.
Notarization checks if the app contains known malware using an encrypted connection that is resilient to server failures.
These security checks have never included the user's Apple ID or the identity of their device. To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.
Apple clarifies that user-specific data is not harvested during the security check and that it plans on removing all IP information from the logs. In addition, it plans on introducing several changes to the system over the next year, including:
- a new encrypted protocol for Developer ID certificate revocation checks
- strong protections against server failure
- a new preference for users to opt out of these security protections
Some users have advocated blocking the traffic to Apple's authentication servers, but it appears that Apple will provide this option to end-users in the future as well.
Popular Stories
Apple today updated the 14-inch MacBook Pro base model with its new M5 chip, which is also available in updated iPad Pro and Vision Pro models.
In addition, the base 14-inch MacBook Pro can now be configured with up to 4TB of storage on Apple's online store, whereas the previous model maxed out at 2TB. However, the maximum amount of unified RAM available for this model remains 32GB.
Like...
Apple today announced the next-generation iPad Pro, featuring the custom-designed M5, C1X, and N1 chips.
The M5 chip has up to a 10-core CPU, with four performance cores and six efficiency cores. It features a next-generation GPU with Neural Accelerator in each core, allowing the new iPad Pro to deliver up to 3.5x the AI performance than the previous model, and a third-generation ray-tracing ...
Apple plans to announce new products "this week," according to Bloomberg's Mark Gurman.
Apple's "Mac Your Calendars" teaser last October
In his Power On newsletter today, Gurman said the products set to be updated this week include the iPad Pro, Vision Pro, and "likely" the base 14-inch MacBook Pro, with all three likely to receive a spec bump with Apple's next-generation M5 chip.
Gurman...
We didn't get a second fall event this year, but Apple did unveil updated products with a series of press releases that went out today. The M5 chip made an appearance in new MacBook Pro, Vision Pro, and iPad Pro models.
Subscribe to the MacRumors YouTube channel for more videos.
We've rounded up our coverage and highlighted the main feature changes for each device below.
MacBook Pro
M5...
Apple marketing chief Greg Joswiak today teased the launch of an upcoming product, saying "something powerful is coming" on social media.
Subscribe to the MacRumors YouTube channel for more videos.
A short animation accompanying Joswiak's teaser reveals a brief glimpse of a MacBook Pro along with the words "coming soon." The shape of the MacBook Pro is a V, which is the Roman numeral...
Apple's AirPods Max have now been available for almost five years, so what do we know about the second-generation version?
According to Apple supply chain analyst Ming-Chi Kuo, the new AirPods Max will be lighter than the current ones, but exactly how much is as yet known. The current AirPods Max weigh 0.85 pounds (386.2 grams), excluding the charging case, making it one of the heavier...
Apple today updated the Vision Pro headset with its next-generation M5 chip for faster performance, and a more comfortable Dual Knit Band.
The M5 chip has a 10-core CPU, a 10-core GPU with Neural Accelerators, and a 16-core Neural Engine, and we have confirmed the Vision Pro still has 16GB of RAM.
With the M5 chip, the Vision Pro offers faster performance and longer battery life compared...
Apple on Wednesday updated the 14-inch MacBook Pro, iPad Pro, and Vision Pro with its next-generation M5 chip, but previous rumors have indicated that the company still plans to announce at least a few additional products before the end of the year.
The following Apple products have at one point been rumored to be updated in 2025, although it is unclear if the timeframe for any of them has...
Apple is going to launch a new version of the MacBook Pro as soon as tomorrow, so we thought we'd go over what to expect from Apple's upcoming Mac.
M5 Chip
The MacBook Pro will be one of the first new devices to use the next-generation M5 chip, which will replace the M4 chip.
The M5 is built on TSMC's more advanced 3-nanometer process, and it will bring speed and efficiency improvements. ...
The new 14-inch MacBook Pro with an M5 chip does not include a charger in the box in European countries, including the U.K., Ireland, Germany, Italy, France, Spain, the Netherlands, Norway, and others, according to Apple's online store.
In the U.S. and all other countries outside of Europe, the new MacBook Pro comes with Apple's 70W USB-C Power Adapter, but European customers miss out....
