Apple Addresses Privacy Concerns Surrounding App Authentication in macOS
Following the release of macOS Big Sur on Thursday, Mac users began to experience issues with opening apps while connected to the internet. Apple's system status page attributed the situation to issues with its Developer ID notary service, with developer Jeff Johnson specifying that there were connection issues with Apple's OCSP server.
Shortly after, security researcher Jeffrey Paul shared a blog post titled "Your Computer Isn't Yours," in which he raised privacy and security concerns related to Macs "phoning home" to Apple's OCSP server. In short, Paul said that the OCSP traffic that macOS generates is not encrypted and could potentially be seen by ISPs or even the U.S. military.
Apple has since responded to the matter by updating its "Safely open apps on your Mac" support document with new information, as noted by iPhoneinCanada. Here's the new "Privacy protections" section of the support document in full:
macOS has been designed to keep users and their data safe while respecting their privacy.
Gatekeeper performs online checks to verify if an app contains known malware and whether the developer's signing certificate is revoked. We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.
Notarization checks if the app contains known malware using an encrypted connection that is resilient to server failures.
These security checks have never included the user's Apple ID or the identity of their device. To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.
Apple clarifies that user-specific data is not harvested during the security check and that it plans on removing all IP information from the logs. In addition, it plans on introducing several changes to the system over the next year, including:
- a new encrypted protocol for Developer ID certificate revocation checks
- strong protections against server failure
- a new preference for users to opt out of these security protections
Some users have advocated blocking the traffic to Apple's authentication servers, but it appears that Apple will provide this option to end-users in the future as well.
Related Stories
Apple recently updated its website to indicate that an upcoming iOS 15 and watchOS 8 feature that will let you add your driver's license or state ID to your iPhone and Apple Watch in participating U.S. states has been delayed until early 2022. Apple previously said the feature would launch in late 2021.
In September, Apple said Arizona and Georgia would be among the first states to introduce ...
Facebook today announced a new "Privacy Center" section on its website on the desktop. This new area will offer users a "new place to learn more about our approach to privacy across our apps and technologies" and "provides helpful information about five common privacy topics," Meta announced today in a press release.
The new Privacy Center, rolling out to a small pool of Facebook users in...
watchOS 8.5 fixes a security vulnerability in the Mail app that could leak a user's IP address when downloading remote content, security researchers have found.
Last year, it emerged that Apple's Mail Privacy Protection feature was undermined by a lack of Apple Watch support. Mail Privacy Protection was a new feature introduced with iOS 15, iPadOS 15, and macOS Monterey that hides your IP...
Earlier today, Apple announced that it had filed suit against NSO Group, the firm responsible for the Pegasus spyware that has been used in state-sponsored surveillance campaigns in a number of countries. NSO Group seeks to take advantage of vulnerabilities in iOS and other platforms to infiltrate the devices of targeted users such as journalists, activists, dissidents, academics, and government...
The security provided by Apple's Mail Privacy Protection feature is seemingly undermined by a lack of Apple Watch support, security researchers have found.
Mail Privacy Protection is a new feature introduced with iOS 15, iPadOS 15, and macOS Monterey that hides your IP address so senders are not able to determine your location or link email habits to your other online activity. It also...
Apple today released macOS Big Sur 11.6.1, a minor update to the macOS Big Sur operating system that first came out in November 2020. macOS Big Sur 11.6.1 comes roughly six weeks after the launch of macOS Big Sur 11.6.
The new macOS Big Sur 11.6.1 update can be downloaded to all eligible Macs using the Software Update section of System Preferences....
U.S. bills that would require major changes to the App Store would ultimately cause consumers to be targeted with malware, ransomware, and scams, Apple's Senior Director of Government Affairs Timothy Powderly said in a letter that was sent today to the Senate Judiciary Committee and that was obtained by MacRumors. Apple sent the letter as the Judiciary Committee prepares to consider the Amer...
Monday November 22, 2021 6:32 am PST by
Sami FathiFacebook, now rebranded to "Meta," is delaying plans to use end-to-end encryption for Messenger and Instagram messages until at least 2023, a year later than the previous deadline promised by the social media behemoth. Writing in The Telegraph, Meta's head of global safety, Antigone Davis, said that the company is pushing back its deadline to roll out end-to-end encryption as the default...
Popular Stories
Upon the release of the second-generation AirPods Pro, the AirPods Max became the oldest current-generation AirPods product still in Apple's lineup. Introducing several new features like Adaptive Transparency and the H2 chip, the second-generation AirPods Pro may provide some of the best indications yet of what to expect from the second-generation AirPods Max.
Almost two years later, rumors...
The Apple Watch Series 8 and Apple Watch Ultra are now available to purchase, but if you aren't interested in these updates you can save a lot of money on Series 7 models right now on Amazon.
Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.
The best deals are on cellular...
Apple today released iOS 16.0.2, addressing a number of bugs that iPhone 14 owners have been experiencing since the new devices launched. iOS 16.0.2 comes two weeks after the launch of iOS 16, and it follows iOS 16.0.1, an update made available to iPhone 14 owners on launch day. The update is available for all iPhones that are capable of running iOS 16.
The iOS 16.0.2 update can be...
Apple plans to release new MacBook Pro models in the fourth quarter of 2022, according to supply chain publication DigiTimes. The report does not mention specific models, but it very likely refers to the next-generation 14-inch and 16-inch MacBook Pros given that the 13-inch model was already updated earlier this year.
There has been uncertainty surrounding the timing of new 14-inch and...
Sunday September 25, 2022 6:50 am PDT by
Sami FathiApple may decide to release its remaining products for 2022, which include updated iPad Pro, Mac mini, and 14-inch and 16-inch MacBook Pro models, through press releases on its website rather than a digital event, according to Bloomberg's Mark Gurman. In his latest Power On newsletter, Gurman said that Apple is currently "likely to release its remaining 2022 products via press releases,...
Thursday September 22, 2022 7:57 am PDT by
Sami FathiA copycat version of the iPhone 14 Pro's Dynamic Island has arrived on Android's Google Play Store in the form of an app called "dynamicSpot."
The app, still in beta, offers customers several different experiences at the top of their smartphones. In its current form, dynamicSpot offers playback control for songs, timers, battery status, and more features coming soon, according to the app's...
Friday September 23, 2022 9:40 am PDT by
Sami FathiCustomers who personalize their second-generation AirPods Pro charging case with an engraving will now have that engraving reflected directly on iOS as they pair and connect their AirPods Pro. Apple allows customers to personalize their AirPods Pro charging case with a special engraving that can include select emojis and Memojis. Unlike before, starting with the second-generation AirPods...
With new Apple Watch Ultra and Series 8 models now in the hands of customers, Apple has brought a host of smart new features to many people's wrists. But there's more to come. Apple has a handful of additional features in store for Apple Watch Series 8 and Apple Watch Ultra owners before the year's end, and some of them are watchOS 9 functions, which means they will even work on older Apple ...
Apple today explained why the new silicone ear tips for the second-generation AirPods Pro are not officially compatible with the original AirPods Pro.
In an updated support document, Apple said the original AirPods Pro ear tips have "noticeably denser mesh" than the second-generation ear tips. Apple did not provide any additional details, but the mesh density could result in acoustical...
Top Rated Comments
Although this particular traffic is relatively harmless, the very idea that they thought that was a good design decision is disturbing.