See this blog post. Was reported on 9to5 Mac. I wondered what people’s thoughts were on this. Seems concerning to me...
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Privacy concerns with Silicon Macs
- Thread starter Macintosh101
- Start date
- Sort by reaction score
In any kind of security scheme, there has to be a trusted party. If you care about software security, there has to be an agency that verifies signatures and synchronizes certificates. The question is, do you trust Apple to do this or not? If not, you shouldn’t use Apple products.
Apple is aggressively moving forwards with their security policies. Personally, I don‘t have any problem with that. If I wanted to tinker I’ll buy a Raspberry Pi.
By the way, I call BS on “every time you open an app macOS calls home”. More likely there is a local database that is checked first and only in some cases does the data gets synchronized.
Nice of Jeffrey to write a bunch of scare tactics to scare the ignorant.
Another thread was started on this: https://forums.macrumors.com/threads/apple-spying-on-you-with-apple-silicon.2267897/
It is worrisome. If I’ve downloaded an app from Apple's App Store, that should be security enough. Apple shouldn't be tracking me every time I open an app, when I use it, for how long, logging where I am, my ISP, etc.
Worse, as the article points out, the data transmission is *unencrypted* and available to the NSA'S PRISM program — meaning it's not just Apple that has access to it!
Finally, even the concerns are being hyped in some quarters or worries overdrawn by some, it hurts Apple reputation and branding as the guardian of people's privacy!
It is worrisome. If I’ve downloaded an app from Apple's App Store, that should be security enough. Apple shouldn't be tracking me every time I open an app, when I use it, for how long, logging where I am, my ISP, etc.
Worse, as the article points out, the data transmission is *unencrypted* and available to the NSA'S PRISM program — meaning it's not just Apple that has access to it!
Finally, even the concerns are being hyped in some quarters or worries overdrawn by some, it hurts Apple reputation and branding as the guardian of people's privacy!
This is pretty concerning, if true. I appreciate Apple will say it's about avoiding malware, but it's absolutely not OK to collect this level of data without informed consent.
Isn't that the whole point of the app store and making people jump through hoops to install apps from outside of it? If I've already got my apps from a supposedly secure source, why does Apple need to regularly reverify it before I can use the same app that was fine the last time they checked, and why do they need to log that information? This isn't me being snarky or facetious, I'm genuinely asking what the possible benefit to me as a user is?
If true this revelation is an outrageous breach of trust. Why would anybody actually trust Apple with this information? It is not that Apple is inherently more trustworthy than any other big tech firm like Goggle or Microsoft. But even if it is more trustworthy for some, those people have no reason to trust Akamai, who apparantly receives the information unencrypted per the report. I personally do not think there is any justification whatsoever for this kind of intrusive non-stop surveillance without a warrant.
This is a silly thing to worry about. In any signature scheme, there is a trusted entity that checks the signature.
Do you understand what a warrant is? Because if you do, you realize that what you just said is nonsense.
Well, Louis Rossman does not think it is "a silly thing to worry about." He seems to suggest that there is a lot more going on than simple signature confirmation.
Until a server crumbles somewhere and now your apps don't launch for seemingly no reason. I know it's rare, but surely they should have planned for that eventuality.
Of course he doesn’t, he makes a living bashing Apple.
Huh? At least some folks regularly use their computers when not connected to the Internet. I know it might baffle the imagination in today's age, but it still happens frequently.
What? The video splash page (or whatever the name is) surely indicates a calm rational discussion of the topic, right?
Sure, I work away from wifi every now and then, but that's not really the norm.Huh? At least some folks regularly use their computers when not connected to the Internet. I know it might baffle the imagination in today's age, but it still happens frequently.
See my reply from another thread about this:
Checked the article real quick and it's full of lies, you should not take everything you read at face value.
Had a good laugh reading this, can't believe the author calls himself a "hacker and security researcher".
1. All Macs do this. It's not Apple Silicon exclusive.
2. This article makes it sound so dramatical.
3. Basically if you open an Application from the App store, Apple checks if it's signed correctly to see if it's not tampered with.
4. They're not logging Applications, they're sending digital certificates and basically responding with "OK"/"NOT OK".
5. The results gets cached so a request is only made every 3 to 7 days per application, not "everytime you open an app" like this article claims.
5. OCSP is an industry standard.
That's it, next story please.
Checked the article real quick and it's full of lies, you should not take everything you read at face value.
Had a good laugh reading this, can't believe the author calls himself a "hacker and security researcher".
1. All Macs do this. It's not Apple Silicon exclusive.
2. This article makes it sound so dramatical.
3. Basically if you open an Application from the App store, Apple checks if it's signed correctly to see if it's not tampered with.
4. They're not logging Applications, they're sending digital certificates and basically responding with "OK"/"NOT OK".
5. The results gets cached so a request is only made every 3 to 7 days per application, not "everytime you open an app" like this article claims.
5. OCSP is an industry standard.
That's it, next story please.
For many, true. My point was more there's enough people who are regularly off-net for one reason or other (*) that applications being unable to open due to inability to phone-home would show up far sooner than the poster I quoted implied.
(*) When I was traveling more for work I'd rarely connect to airport wifi with my laptop, nor did I typically use aircraft wifi -- still got work done using local files.
... but its on the Internet, it must be true!
I mean https://sneak.berlin/ is clearly a major mainstream tech media outlet that fully vets articles before publication, right?
Louis Rossman is the worse piece of trash on YouTube. He hates Apple and tries to make money and clicks on YouTube trashing Apple. Yuk!
That’s different than worrying about the *privacy* implications