phil_stracchino@pluspora.com
Phil Stracchino

Macos 11: Big Sur Panopticon

Jeffrey Paul: Your Computer Isn't Yours

https://sneak.berlin/20201112/your-computer-isnt-yours/

MacOS phones home to Apple every time you open an application, reporting what application you opened, on what computer, at what time, where you were when you opened it, what ISP you were connected through at the time. These tattles are transmitted, unencrypted, via Akamai, and Apple gives US federal police and military full and unrestricted access to this data at any time, without a warrant.

Now, it’s been possible up until today to block this sort of stuff on your Mac using a program called Little Snitch (really, the only thing keeping me using macOS at this point). In the default configuration, it blanket allows all of this computer-to-Apple communication, but you can disable those default rules and go on to approve or deny each of these connections, and your computer will continue to work fine without snitching on you to Apple.

The version of macOS that was released today, 11.0, also known as Big Sur, has new APIs that prevent Little Snitch from working the same way. The new APIs don’t permit Little Snitch to inspect or block any OS level processes. Additionally, the new rules in macOS 11 even hobble VPNs so that Apple apps will simply bypass them.

The daemon that does this is MacOS 11's new ContentFilterExclusionList, meaning that it cannot be blocked by any user-controlled firewall or VPN. That list also includes CommCenter (the tool that lets you make phone calls from your Mac) and Maps.

Those shiny new Apple Silicon macs that Apple just announced, three times faster and 50% more battery life? They won’t run any OS before Big Sur.

[...]

Your computer now serves a remote master, who has decided that they are entitled to spy on you. If you’ve the most efficient high-res laptop in the world, you can’t turn this off.

Apple can ALSO, via online certificate checks, prevent you from launching any application it doesn't want you to open — or is told not to let you open. And the article goes on to explain how all of your iMessage traffic is captured as well, via insecure iCloud backups.

Apple products have been problematic from a privacy standpoint for a long time. I think MacOS just graduated from "problematic" to "nightmare".

Perhaps they should have called it "Big Sir".

#code #security #privacy #panopticon

1

There are no comments yet.