Whenever a user opens an application (even offline), that action is flagged and tracked by Apple's OCSP servers. This feature was introduced in Apple's Catalina update, but some tools (like Little Snitch) could be used to circumvent it.
Now, with Big Sur, there is no practical way for Mac owners to counter the feature. Apple (Apple shares with ticker: AAPL) has always said that privacy is at the heart of its mission, but these new revelations bring to light some flaws in data collection.
What's more, Apple's collection of data with Big Sur may not even be the main issue as these OCSP requests are transmitted in the clear, meaning the content can be read by any party that intercepts it.
"In modern versions of macOS, you simply can't turn on your computer, start a text editor, and write or read without a log of your activity being sent and stored," hacker and security researcher Jeffrey wrote in a post. Paul.
He explained that he does not think that "Apple has bad intentions", but that its goal is to monitor malware and other illicit software on its devices. The problem is that these OCSP requests are not encrypted and therefore "vulnerable to passive monitoring".
This leaves the data open for collection and analysis by “large-scale passive monitoring organizations”. This type of concern has led to views against centralized servers for contact tracing in the EU.
For all Mac users hoping to escape surveillance, solutions will be sought out of Apple's reach. “MacOS Big Sur (version 11.0) allows traffic to bypass normal routing and firewall rules.
Which simply means that Little Snitch won't be able to monitor and block it, and not even a VPN can help or hide you. MacOS has now simply banned it. " Sean O'Brien, the lead researcher at ExpressVPN's Digital Security Lab, said that ultimately a VPN won't "prevent Apple from being able to collect this data, but it will at least protect users from other network intermediaries."
There is a way to disable the feature, although Paul said only MacOS experts should try it. “In reality, though, the first thing consumers can do to protect their privacy when using Apple devices is * never * use iCloud and not use iMessage,” continued Paul. ICloud data isn't encrypted, he said.
Cryptocurrencies have revolutionized the world of economics and investment, offering a decentralized alternative to traditional…
Milkomedia-C1 announced the integration of the DJed stablecoin network on its platform. Milkomeda C1, a…
Cryptocurrencies have gained immense popularity over the last decade, attracting investors from all over the world. However,…
The former cryptocurrency exchange FTX was based in the Bahamas. The island nation has not been…
As Shiba Inu adoption skyrockets, the memecoin and the entire Shiba ecosystem…
The adoption of digital currencies such as Bitcoin has continued to grow unabated. Many…