Apple Addresses Privacy Concerns Surrounding App Authentication in macOS

by

Following the release of macOS Big Sur on Thursday, Mac users began to experience issues with opening apps while connected to the internet. Apple's system status page attributed the situation to issues with its Developer ID notary service, with developer Jeff Johnson specifying that there were connection issues with Apple's OCSP server.

macosmojaveprivacy
Shortly after, security researcher Jeffrey Paul shared a blog post titled "Your Computer Isn't Yours," in which he raised privacy and security concerns related to Macs "phoning home" to Apple's OCSP server. In short, Paul said that the OCSP traffic that macOS generates is not encrypted and could potentially be seen by ISPs or even the U.S. military.

Apple has since responded to the matter by updating its "Safely open apps on your Mac" support document with new information, as noted by iPhoneinCanada. Here's the new "Privacy protections" section of the support document in full:

macOS has been designed to keep users and their data safe while respecting their privacy.

Gatekeeper performs online checks to verify if an app contains known malware and whether the developer's signing certificate is revoked. We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.

Notarization checks if the app contains known malware using an encrypted connection that is resilient to server failures.

These security checks have never included the user's Apple ID or the identity of their device. To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.

Apple clarifies that user-specific data is not harvested during the security check and that it plans on removing all IP information from the logs. In addition, it plans on introducing several changes to the system over the next year, including:

  • a new encrypted protocol for Developer ID certificate revocation checks
  • strong protections against server failure
  • a new preference for users to opt out of these security protections

Some users have advocated blocking the traffic to Apple's authentication servers, but it appears that Apple will provide this option to end-users in the future as well.

Top Rated Comments

dracarysar Avatar
dracarysar
15 weeks ago
The larger issue here in my opinion is that Apple is bypassing firewalls and vpn apps and exposing your public ip. If you go to the trouble of using a vpn to hide your traffic apple shouldn’t be bypassing those measures and broadcasting unencrypted packets.

Although this particular traffic is relatively harmless, the very idea that they thought that was a good design decision is disturbing.
Score: 70 Votes (Like | Disagree)
Kung gu Avatar
Kung gu
15 weeks ago
Good to see them addressing this and not keeping quiet!!
Score: 57 Votes (Like | Disagree)
jjjlevin Avatar
jjjlevin
15 weeks ago
im glad apple is actually responding to this. I half expected them to ignore it.
Score: 45 Votes (Like | Disagree)
DiscoToast Avatar
DiscoToast
15 weeks ago
Still hella sketchy. I still trust Apple more than any other big tech company... but honestly not by much.
Score: 33 Votes (Like | Disagree)
dracarysar Avatar
dracarysar
15 weeks ago

They didn't explain or acknowledge this at all.
Exactly, which is arguably worse because they are basically acting like that aspect wasn’t a big deal.
Score: 30 Votes (Like | Disagree)
Bandaman Avatar
Bandaman
15 weeks ago

The larger issue here in my opinion is that Apple is bypassing firewalls and vpn apps and exposing your public ip. If you go to the trouble of using a vpn to hide your traffic apple shouldn’t be bypassing those measures and broadcasting unencrypted packets.

Although this particular traffic is relatively harmless, the very idea that they thought that was a good design decision is disturbing.
They didn't explain or acknowledge this at all.
Score: 26 Votes (Like | Disagree)
Read All Comments

Top Stories

microsoft edge ios android

Bill Gates Says His Preference for Android Over iPhone is Due to Pre-Installed Software

Friday February 26, 2021 3:35 am PST by
Microsoft co-founder Bill Gates this week participated in his first meeting on Clubhouse, the increasingly popular invite-only conversation app, where he fielded a range of questions as part of an ongoing book tour. Gates was interviewed by journalist Andrew Ross Sorkin, and given that the Clubhouse app is currently only available on iOS, naturally one of the questions that came up was...
Read Full Article304 comments
Top Stories 47 Feature copy

Top Stories: MacBook Pro, iMac, and AirPods Rumors, macOS 11.2.2, MagSafe Wallet Revisited

Saturday February 27, 2021 6:00 am PST by
March is right around the corner, and that means our first good opportunity for Apple product launches in 2021 as the company frequently has significant launches in March or April each year. We're hearing rumors about MacBook Pro, iMac, AirPods, and more, although many of these will be coming out at different times over the course of the year. This week also saw a macOS update to address a ...
Read Full Article36 comments
iphone 6 in hand

Apple Faces Another iPhone Lawsuit Over 'Programmed Obsolescence'

Monday March 1, 2021 6:44 am PST by
Apple faces a new class-action lawsuit that accuses it of deliberately releasing iOS updates that slowly reduce the performance of an iPhone, forcing customers to upgrade their devices. The lawsuit comes from the Portuguese Consumer Protection Agency, Deco Proteste (via Marketeer), which in a statement says that it will proceed with a case against the Cupertino tech giant because it...
Read Full Article250 comments
maxresdefault

HomeKit Essentials Worth Checking Out

Saturday February 27, 2021 7:05 am PST by
HomeKit was slow to take off after its 2014 launch, but now that it's been around for seven years, there are hundreds of HomeKit products available, ranging from doorbells and speakers to TVs, lights, and cameras. In our latest YouTube video, we rounded up some of our favorite HomeKit products that we find most useful. Subscribe to the MacRumors YouTube channel for more videos. HomePod...
Read Full Article124 comments
First Look Big Sur Feature2

Apple Releases macOS Big Sur 11.2.2 to Prevent MacBooks From Being Damaged by Third-Party Non-Compliant Docks

Thursday February 25, 2021 10:07 am PST by
Apple today released macOS Big Sur 11.2.2, the fourth update to the macOS Big Sur operating system that launched in November. macOS Big Sur 11.2.2 comes two weeks after the release of macOS Big Sur 11.2.1, a bug fix update. The new ‌‌‌‌macOS Big Sur‌‌‌ 11.2.2‌ update can be downloaded for free on all eligible Macs using the Software Update section of System Preferences....
Read Full Article245 comments
iphone 12 pro display video

iPhone 13 to Include 1TB Storage Option and LiDAR Across the Board, Says Wedbush Analyst

Monday March 1, 2021 4:00 am PST by
Apple's forthcoming iPhone 13 could include a 1TB storage option for some models and LiDAR Scanners across the entire lineup, according to a report from Wedbush analysts. In a new note to investors, seen by MacRumors, Wedbush analyst Daniel Ives said that initial Asian supply chain checks gave the firm "increased confidence" that Apple's 5G-driven product cycle would extend well into 2022,...
Read Full Article79 comments
flat mbp 14 inch feature yellow

Redesigned 14-Inch MacBook Pro Expected to Feature Brighter Mini-LED Display With Slimmer Bezels and More

Thursday February 25, 2021 7:48 am PST by
Apple plans to unveil new 14-inch and 16-inch MacBook Pro models with Mini-LED-backlit displays in the second half of this year, according to industry sources cited by Taiwanese supply chain publication DigiTimes. The report claims that Radiant Opto-Electronics will be the exclusive supplier of the Mini-LED backlight units, while Quanta Computer is said to be tasked with final assembly of the...
Read Full Article206 comments
mac mini developer transition kit photo feature

Apple Requiring Developers to Return DTK Mac Minis by March 31

Friday February 26, 2021 3:57 pm PST by
Apple today sent out emails to developers who are in possession of a Developer Transition Kit, asking them to return the machines by March 31. The Developer Transition Kits are Mac minis with A12Z chips that Apple provided for development purposes ahead of the release of the M1 Macs. Apple in the emails provided developers with shipping instructions, and plans to begin collecting the DTKs...
Read Full Article170 comments
iphone 12 120hz thumbnail feature

Kuo: iPhone 13 Lineup to Feature Smaller Notch and Larger Batteries, 120Hz Display for Pro Models, and More

Monday March 1, 2021 7:50 am PST by
iPhone 13 models will all feature a smaller notch, while the two Pro models will be equipped with low-power LTPO display technology for a 120Hz refresh rate, analyst Ming-Chi Kuo said today in a research note obtained by MacRumors. Several other sources have previously claimed that some iPhone 13 models will support a 120Hz refresh rate, including display industry analyst Ross Young, leakers ...
Read Full Article77 comments
unc0ver version 6 release

Jailbreak Tool 'unc0ver' 6.0.0 Released With iOS 14.3 Compatibility

Sunday February 28, 2021 9:26 am PST by
The team behind the "unc0ver" jailbreaking tool for iOS has released version 6.0.0 of its software, which can allegedly be used to jailbreak any device running iOS 11.0 through iOS 14.3 using a kernel vulnerability. The unc0ver website describes how the tool has been extensively tested across a range of iOS devices running various software versions, including an iPhone 12 Pro Max running iOS ...
Read Full Article89 comments