Welcome to the Brave New World of Apple macOS Big Sur. Or is it “macOS Big Sure”, as in “we are sure we know all about when and where you use your Mac”?
The propaganda that Apple has been promulgating about respecting user privacy and security is now laid bare for the world to see. All goodwill that Apple has EVER generated with respect to privacy is obliterated by this new spyware in macOS Big Sur. It is bound into the innards of macOS Big Sur so securely that programs like Little Snitch cannot block it.
Totalitarian states will just love this new spyware “feature”.
Has this spyware been backported? Meaning, did recent security updates to macOS Mojave really bake in spyware as part of the update? Dunno, but this may have been going on for two years.
12 November 2020
...in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run, when you run it. Lots of people didn’t realize this, because it’s silent and invisible and it fails instantly and gracefully when you’re offline, but today the server got really slow and it didn’t hit the fail-fast code path, and everyone’s apps failed to open if they were connected to the internet.
Because it does this using the internet, the server sees your IP, of course, and knows what time the request came in. An IP address allows for coarse, city-level and ISP-level geolocation, and allows for a table that has the following headings:
Date, Time, Computer, ISP, City, State, Application Hash
Apple (or anyone else) can, of course, calculate these hashes for common programs: everything in the App Store, the Creative Cloud, Tor Browser, cracking or reverse engineering tools, whatever.
This means that Apple knows when you’re at home. When you’re at work. What apps you open there, and how often. They know when you open Premiere over at a friend’s house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city.
Well, it’s not just Apple. This information doesn’t stay with them:
- These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables.
- These requests go to a third-party CDN run by another company, Akamai.
- Since October of 2012, Apple is a partner in the US military intelligence community’s PRISM spying program, which grants the US federal police and military unfettered access to this data without a warrant, any time they ask for it. In the first half of 2019 they did this over 18,000 times, and another 17,500+ times in the second half of 2019.
This data amounts to a tremendous trove of data about your life and habits, and allows someone possessing all of it to identify your movement and activity patterns. For some people, this can even pose a physical danger to them.
Let’s not think very much right now about the additional fact that Apple can, via these online certificate checks, prevent you from launching any app they (or their government) demands be censored.
Was Apple really this wantonly incompetent, or did they get caught and now realize they got caught Toobinating things?
The good news is that Apple has, just today, publicly committed, presumably in response to this page, to:
- deleting the IP logs
- encrypting the communication between macOS and Apple to prevent the privacy leak
- giving users an option of disabling these online checks that leak what apps you’re opening and when.
They use deliberately confusing language here to lead you into conflating Gatekeeper with Notarization, so that you will believe that the connections are currently encrypted, while not lying. The Gatekeeper OCSP checks described in this post (“Gatekeeper performs online checks”) are not encrypted. (The notarization ones, which aren’t relevant here, are.)
Apple’s spin doctors are among the best in the world, and my hat’s off to them.
...It sucks that they’ve let the NSA, CIA, your ISP, et al slurp up this unencrypted pattern-of-life data off the wire for the last 2+ years, and they’re still going to transmit the data (encrypted) to Apple in realtime, on by default on every single mac, but at least the 0.01% of mac users who know about it now can turn it off, so Apple will only get a realtime log of what apps you open, when, and where for the other 99.99% of mac users. Cool.
This is, sadly, about as close as you can possibly get to a “we fucked up” from Apple PR: they’re deleting their IP logs, encrypting their shit, and letting you turn it off. This is great, but they have remained totally silent on the fact that their OS apps will still bypass your firewall and leak your IP and location past your VPN on Big Sur and how they’re still not fixing the key escrow backdoor in iMessage’s encryption so Apple sysadmins and the FBI can keep seeing your nudes and texts in iMessage.
In short, the knowledgeable user can have better privacy, but no one else will and Apple has not committed to real privacy. Shame on Apple, and this all falls on Tim Cook.
Related: your iCloud backups are not private, iMessage is not private
In other news, Apple has quietly backdoored the end-to-end cryptography of iMessage. Presently, modern iOS will prompt you for your Apple ID during setup, and will automatically enable iCloud and iCloud Backup.
iCloud Backup is not end to end encrypted: it encrypts your device backup to Apple keys. Every device with iCloud Backup enabled (it’s on by default) backs up the complete iMessage history to Apple, along with the device’s iMessage secret keys, each night when plugged in. Apple can decrypt and read this information without ever touching the device. Even if you have iCloud and/or iCloud Backup disabled: it’s likely that whoever you’re iMessaging with does not, and that your conversation is being uploaded to Apple (and, via PRISM, freely available to the US military intelligence community, FBI, et al—with no warrant or probable cause).
...the company did not want to risk being attacked by public officials for protecting criminals, sued for moving previously accessible data out of reach of government agencies or used as an excuse for new legislation against encryption.
“They decided they weren’t going to poke the bear anymore,” the person said, referring to Apple’s court battle with the FBI in 2016 over access to an iPhone used by one of the suspects in a mass shooting in San Bernardino, California.
...Apple’s iCloud, on the other hand, can be searched in secret. In the first half of last year, the period covered by Apple’s most recent semiannual transparency report on requests for data it receives from government agencies, U.S. authorities armed with regular court papers asked for and obtained full device backups or other iCloud content in 1,568 cases, covering about 6,000 accounts.
...Had it proceeded with its plan, Apple would not have been able to turn over any readable data belonging to users who opted for end-to-end encryption.
With FISA court abuses a national scandal, Apple is cooperating?