On November 12, Mac users complained that their computers were slow. This slowness coincided with the release of Big Sur, Apple's latest Mac update. At the same time, a glitch has broken the servers Apple uses for OCSP requests, the data packets that verify a computer's SSL certificate when it accesses online applications.
Whenever a user opens an application (even offline), that action is flagged and tracked by Apple's OCSP servers. This feature was introduced in Apple's Catalina update, but some tools (like Little Snitch) could be used to circumvent it.
Now, with Big Sur, there is no practical way for Mac owners to counter the feature. Apple (Apple shares with ticker: AAPL) has always said that privacy is at the heart of its mission, but these new revelations bring to light some flaws in data collection.
What's more, Apple's collection of data with Big Sur may not even be the main issue as these OCSP requests are transmitted in the clear, meaning the content can be read by any party that intercepts it.
Mac update allows offline activity recording
"In modern versions of macOS, you simply can't turn on your computer, start a text editor, and write or read without a log of your activity being sent and stored," hacker and security researcher Jeffrey wrote in a post. Paul.
He explained that he does not think that "Apple has bad intentions", but that its goal is to monitor malware and other illicit software on its devices. The problem is that these OCSP requests are not encrypted and therefore "vulnerable to passive monitoring".
This leaves the data open for collection and analysis by “large-scale passive monitoring organizations”. This type of concern has led to views against centralized servers for contact tracing in the EU.
Data protection solutions
For all Mac users hoping to escape surveillance, solutions will be sought out of Apple's reach. “MacOS Big Sur (version 11.0) allows traffic to bypass normal routing and firewall rules.
Which simply means that Little Snitch won't be able to monitor and block it, and not even a VPN can help or hide you. MacOS has now simply banned it. " Sean O'Brien, the lead researcher at ExpressVPN's Digital Security Lab, said that ultimately a VPN won't "prevent Apple from being able to collect this data, but it will at least protect users from other network intermediaries."
There is a way to disable the feature, although Paul said only MacOS experts should try it. “In reality, though, the first thing consumers can do to protect their privacy when using Apple devices is * never * use iCloud and not use iMessage,” continued Paul. ICloud data isn't encrypted, he said.
