egalitarian

macrumors member
Mar 16, 2018
38
5
Of course it would work. It has worked for 50 years already. And it’s like 5 lines of code.
matrix07

macrumors G3
Jun 24, 2010
8,226
4,895
if you visited an Apple store, and they told you your whole machine was scrap, and you would lose all your data, then you took your machine to his company and they were able to do a component level board repair, which ended up with your machine back up and running and your data saved.
That’s kind of rude. I have never had any Apple Store geniuses I visited tell me something like this. They always tried their best to help. Sounds like a scam to me (on what this Louis said, if he tried to sell his repair business).
Unregistered 4U

macrumors G4
Jul 22, 2002
10,610
8,628
It seems that Apple is simply using https://en.m.wikipedia.org/wiki/Online_Certificate_Status_Protocol to validate certificates. There is no data being sent that can be used to identify you and it is certainly not sent every single time you open an application.
BUT BUT... I heard some folks talking one time about encryption. And, based on what I heard in that one conversation, EVERYTHING should be encrypted and cleartext is scary! Besides, I told all my YouTube subscribers I'd NEVER use Keynote... I don't need that critical information getting out to the government! /s
egalitarian

macrumors member
Mar 16, 2018
38
5
BUT BUT... I heard some folks talking one time about encryption. And, based on what I heard in that one conversation, EVERYTHING should be encrypted and cleartext is scary! Besides, I told all my YouTube subscribers I'd NEVER use Keynote... I don't need that critical information getting out to the government! /s
You can be identified by your IP most of the time. And yes, everything should be encrypted, especially if it’s even remotely sensitive. Especially if you’re bragging about your users’ privacy left and right.
Piggie

macrumors G3
Feb 23, 2010
9,191
4,147
That’s kind of rude. I have never had any Apple Store geniuses I visited tell me something like this. They always tried their best to help. Sounds like a scam to me (on what this Louis said, if he tried to sell his repair business).

Please remember, they will only ever offer official repairs that THEY can do.
If the official training tells them that if X and Y are faulty then the machine is scrap, or rather a whole new motherboard is needed, then that's all they can say or do.
I know some Apple staff recommend a customer going to an unauthorized repair place as they may/will be able to do component level repairs that Apple refuses to do.

It's well known that sometimes it's a tiny component or cable or joint that's broken, and Apple will not offer such a repair, but only to swap the whole item out.
If such a swap leads to the loss of all data on the soldered in storage then so be it.
They cannot officially do anything else.

I do not believe anyone here who says that if they ever found themselves in such a position, they would not seek help from a 3rd party if it meant the difference between saving or losing their data.
Of course, ideally everyone has everything backed up, but we know that's not the reality for some/many people.

All I am saying is that we should all be very happy that 3rd party repair shops are out there for times when Apple's policy on repairs is unable to offer an individual a type of repair/service that makes the customer happy.
egalitarian

macrumors member
Mar 16, 2018
38
5
Like I posted upthread (and was attacked for), this is FUD. OCSP is routine stuff and it does not run on Macs every time you open a tool. @leman has it correct.
Doesn't run every time, yes, but still often enough. I've just checked my DNS logs and it's about 50 times per day on average.
venom600

macrumors 65816
Mar 23, 2003
1,310
1,169
Los Angeles, CA
Like I posted upthread (and was attacked for), this is FUD. OCSP is routine stuff and it does not run on Macs every time you open a tool. @leman has it correct.

So, for the sake of argument, let's say this is greatly overblown (I don't believe it is). So why not give a user the ability to turn it off? Why don't they openly disclose that the computer is doing this? Why does it bypass VPNs?

It'd be one thing if they said "We have this great new security feature enabled that verifies app security by phoning home before an app launches. For the sake of privacy, you have the ability to opt-out the same way that you can opt out of sending Apple your analytics."

Instead you have a situation where a lot of very informed users (if you're here you're probably in the top 1%) are surprised to find out that this is going on at all. If they ever communicated that this was happening, they did a piss poor job, and I'd venture a guess that it largely has to do with the optics of this contradicting their public stance on privacy.
jameslmoser

macrumors 6502a
Sep 18, 2011
697
672
Las Vegas, NV
You're correct, there are unknown unknowns. In that case the choice is between Big Sur which I know for a fact does things that I don't like, my current Mac OS which as far as I know gives me a fair amount of control over everything I want control over, and finally Linux which I know for a fact does only what I tell it to do because almost everything is open source and customizable.

If it's between Big Sur and my current Mac OS, the choice is not hard at all.

My future setup will be a gaming PC with Windows that is stripped of most analytics BS (so long as it can run some games, I'm happy), my current Mac for work related applications that don't run on Linux, and a Linux machine for everything else (personal, work stuff that runs on it, etc.). If the current Mac conks out, I'll get a second hand Apple Silicon one and only use it for Mac specific applications (I won't even be logged into iCloud or anything else on it, it will only be used in exceptions).
Sort of off topic, but I actually converted back to Linux as my desktop almost two years ago and was impressed with the progress made for gaming. I can actually play Microsoft's games they sell on Steam (Halo MCC, Halo Wars, Gears of War, and many others) and they run just as well, if not better, on Linux using Proton/Wine. I use Wine to play StarCraft, etc... I use Wine to run iTunes so I can keep my played podcasts synced with the Podcasts app on iPhone/iPad.

I can't believe how well it all works. I was actually doing GPU passthrough to windows with kvm/qemu but I don't even start up windows hardly anymore.
jameslmoser

macrumors 6502a
Sep 18, 2011
697
672
Las Vegas, NV
So, for the sake of argument, let's say this is greatly overblown (I don't believe it is). So why not give a user the ability to turn it off? Why don't they openly disclose that the computer is doing this? Why does it bypass VPNs?

It'd be one thing if they said "We have this great new security feature enabled that verifies app security by phoning home before an app launches. For the sake of privacy, you have the ability to opt-out the same way that you can opt out of sending Apple your analytics."

Instead you have a situation where a lot of very informed users (if you're here you're probably in the top 1%) are surprised to find out that this is going on at all. If they ever communicated that this was happening, they did a piss poor job, and I'd venture a guess that it largely has to do with the optics of this contradicting their public stance on privacy.
This is my own opinion, but I think it's because of control/money. The bypassing VPN stuff just seems like some sort of corporate agreement to verify that the customer is actually where they should be to access certain content or something. It just seems like Apple created this locked down environment where they control everything and made a bunch of money from it with iOS. Any developer who wants to create an app for those devices has to pay Apple to do so, and then if they want to distribute their software or services Apple wants their cut. Now they are looking at and taking the Mac, which is (was?) a general purpose computing platform, and trying to do the same thing. They want complete control. They removed the option in Gatekeeper to allow install from anywhere and you have to know how to get around it to install from someone who isn't paying Apple to sign their software. It's just not the same Apple as it was almost 20 years ago when I switched to Mac OS from Linux/BSD.

I am no longer buying any new Macs, but not just because of this. I actually stopped when they stopped making an actual replacement for the 2010 Mac Pro. It just didn't make sense anymore. The new 2019 Mac Pro was overkill and if I wanted to run my preferred graphics cards I'd have to jump through hoops. On their new platform I can't use windows to game, or use their new machines for work (I need docker with x86 images).

I'm not leaving Apple, Apple left me. =) I'm still using my iPhone, iPads, etc... I don't hate Apple, I just hate what they did/are doing to their computer platform. I guess when they changed their name it should have been a very big clue.
Unregistered 4U

macrumors G4
Jul 22, 2002
10,610
8,628
You can be identified by your IP most of the time. And yes, everything should be encrypted, especially if it’s even remotely sensitive. Especially if you’re bragging about your users’ privacy left and right.
It’s not practical to encrypt everything. If everything coming out of your computer was encrypted, I wouldn’t be able to read your reply!
adib

macrumors 6502a
Jun 11, 2010
743
579
Singapore
From what I've read, OCSP requests are sent over HTTP. This is standard practice. Using an SSL layer doesn't make much sense because then you would need to send another OCSP request to verify that layer's certificate and so on... and since the data does not contain any sensitive information, it's perfectly fine to send it unencrypted.
For the specific case of "checking apps' OCSP", encrypting the traffic could make sense. Namely because an eavesdropper can eventually know every app that you run through OCSP request hashes on those. In combination with the IP address given by your ISP, this could be used to fingerprint you.

The OCSP for applications can be encrypted. Whereas a second-level unencrypted OCSP would only handle revocation of the SSL certificate of the first one. That way the only information that an eavesdropper can get is that you are using an Apple computer (which could range from an Apple Watch to the Mac Pro) — much less information than app-level OCSP requests.
Unregistered 4U

macrumors G4
Jul 22, 2002
10,610
8,628
And yet it was encrypted by HTTPS and you were able to read it :)
THEN IT WASN’T ENCRYPTED ENCRYPTILY ENOUGH!! MOAR NCRIPSHUN! ?

But, looks like Apple’s going to work to create a new better-than-OCSP standard. Which is not a bad way to handle this. While it’s better than a proprietary Apple Only one-off without scrutiny from the wider security world, it’s good to remember that it was the same wider security world that felt OCSP was acceptable in the first place.
apples_arrogance

macrumors member
May 21, 2020
53
48
Clearly the entire discussion shows that OCSP in its current form is not acceptable to users. And more, what is interesting: write good privacy laws and see how ad companies fall and users look amazed at all the info stored about them, aggregated, profiled, analyzed. Enforcing measures that inform users is only the first step to raise awareness. Users will adapt, the narrative will change and as we learn from GDPR or the privacy changes in iOS 14 (yet to come) those changes make a real difference.

So anybody claiming "this is fine" has not understood the problem. In this thread alone there are quite a few comments discrediting Jeffrey Paul and Louis Rossmann as nutjobs without providing any argument to the case at hand. The only thing that does is discredit the post author.

The fact that Apple understands the implications and announces it will change how this is handled just proves the point Jeffrey Paul and others made.

Changes Apple mentioned:
  • a new encrypted protocol for Developer ID certificate revocation checks
  • strong protections against server failure
  • a new preference for users to opt out of these security protections
egalitarian

macrumors member
Mar 16, 2018
38
5
THEN IT WASN’T ENCRYPTED ENCRYPTILY ENOUGH!! MOAR NCRIPSHUN! ?

But, looks like Apple’s going to work to create a new better-than-OCSP standard. Which is not a bad way to handle this. While it’s better than a proprietary Apple Only one-off without scrutiny from the wider security world, it’s good to remember that it was the same wider security world that felt OCSP was acceptable in the first place.
It was encrypted enough. If they did it in a similar way no one would have complained. The world is a different place now. HTTP and FTP were also considered acceptable before. What was considered paranoia before is common sense now.
DemNoir

macrumors regular
Aug 9, 2007
105
85
Oh the concerns! No doubt you all realize that every Intel and AMD processor has a remote management system that can access everything on your system? You have no control over it. Apple M1 probably has similar capabilities.

There never was and never will be any such thing as "internet privacy" because the underlying technologies were built for collaboration not privacy.
egalitarian

macrumors member
Mar 16, 2018
38
5
Oh the concerns! No doubt you all realize that every Intel and AMD processor has a remote management system that can access everything on your system? You have no control over it. Apple M1 probably has similar capabilities.

There never was and never will be any such thing as "internet privacy" because the underlying technologies were built for collaboration not privacy.
No we don't realise. Can you elaborate please?