I haven’t scanned the queries myself but according to this, sounds like app launches (since signature has to be checked) and ips would be worst case?
it’s not being “collected” perse, tho could be saved. It’s use is to protect against malware.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Regarding the news yesterday that apps on macOS needs to phone home
- Thread starter tzm41
- Start date
- Sort by reaction score
I haven’t scanned the queries myself but according to this, sounds like app launches (since signature has to be checked) and ips would be worst case?
it’s not being “collected” perse, tho could be saved. It’s use is to protect against malware.
There have been quite a few examples of people who have downloaded a cracked or patched version of a commercial app or a freeware app that contained keystroke loggers that stole passwords and financial information from user’s computers. We also have the problem of company and government department systems being jacked for ransomware.
If an app can dial home to check the app’s checksum and developer signature haven’t been tampered with then you should be welcoming it.
This isn’t the 90s anymore. People do banking and purchasing on their computers more and more. Instead of trying to banish or cancel this new security feature, rationally suggest ways it could be better....if you can.
If an app can dial home to check the app’s checksum and developer signature haven’t been tampered with then you should be welcoming it.
This isn’t the 90s anymore. People do banking and purchasing on their computers more and more. Instead of trying to banish or cancel this new security feature, rationally suggest ways it could be better....if you can.
Last edited:
Amusing what thin slices of living online people focus on.
Do people not know how to use an antivirus anymore? Hell, do people not have any common sense that you shouldn't download from shady sites?
I'd welcome bricking from malware rather than having my data farmed from the computer I (apparently don't) own anyhow.
macOS has malware protection and the definitions are regularly updated.
Yes plenty of people download from shady sites. A quick glance at the Big Sur board today shows us torrent users complaining their torrents are slow. Whether they are lawful downloads or not is not for me to speculate.
Even an open source repo like GitHub can host an infected app if the developers collude. How many end users can check source code or compile an app themselves? A minority.
Your personal documents aren’t being farmed (mined is the right term) on your computer, that would leave companies open to huge lawsuits and they wouldn’t risk that. Data held in a cloud however can be mined and is part of the T+C of many services, so be mindful there.
Thank you. So basically like many (most?) clickbait-Apple-is-bad stories this is also ********. 🤷♂️
Far from it ... You need to know what gets transmitted, how it is transmitted, who can access it and how long this has been going on for to better understand the ramifications.
See arn post: it's a standard OCSP message https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol
Anyway, it's nothing new, this has been know for years…
Anyway, it's nothing new, this has been know for years…
Respond to people with conspiracy theories? That’s OK, but that often doesn’t change their minds anyway even after being given a thorough explanation.
Have you ever vetted the source code of every Linux app to check if the developers weren’t colluding to mine your data? Many of those developers are anonymous and living far from any legal jurisdiction available to you.
Why is this a concern? I mean let’s be serious.
Don’t tell me people are concerned about this and their privacy, but then go ahead and use Twitter or gmail. Seriously.
Don’t tell me people are concerned about this and their privacy, but then go ahead and use Twitter or gmail. Seriously.
Exactly. Apple guarantees and gives their legally binding word they are protecting your privacy on your computer, otherwise they would be sued.
Social media makes no such promise. They can and will read your private messages if they needed to. I know for a fact they use invisible moderator accounts to look into messages and things like video stories.
Read the 9to5mac, it sends them your location along with other data on what app was opened and when every single time so it knows what Apps you used in the morning, in the evening etc, its absolutely BIZZARE to say the least that apple would do this as i love Apple but this doesnt sound right, It does it regardless of Gatekeeper being enabled or disabled from what i understand so far. The only way to stop it from what i understand is by adding ocsp.apple.com to the hosts file. The only thing i'm uncertain about is whether Gatekeeper is still protecting the computer from Malware if Gatekeeper is left enabled or does gatekeeper become useless once ocsp.apple.com is added to the hosts file and might as well be turned off
No, it doesn't send your location, and no, it doesn't send the name of the app what was opened.
It send an OCSP message. That's it.
That blog post lists "location, your mother's maiden name, your cat fur color, etc…" only because it's an approximated info that can be extracted from the IP address.
It's not sending your exact location no more than reading a page on this website send your location to macrumors.com
It send an OCSP message. That's it.
That blog post lists "location, your mother's maiden name, your cat fur color, etc…" only because it's an approximated info that can be extracted from the IP address.
It's not sending your exact location no more than reading a page on this website send your location to macrumors.com
This isn't just about OCSP - in this case Apple's OCSP service.
Apple's OCSP/Cert validation service is one of many components that are being scrutinized now, including old/non-resolved Apple privacy/security issues and approaches ie. iCloud backup's partial to no encryption of specific sets of data, iMessage's non-standard and questionable cryptography and 1280bit RSA encryption, putting a temporary hold on their plans to further restrict ad monitoring / information access in iOS apps just because it made a few big players uneasy about their future prospects.
None of what is being reported now would have garnered much deserved attention if this service hadn't failed spectacularly on Big Sur launch day. It didn't just fail on its own, it caused numerous other services to crash as well.
Being unable to use a computer because 1 service failed, which was designed to soft-fail when the remote service fails, is a big deal. Transmitting unencrypted hashes and data is a big deal. Not having full control over one's computer is a big deal. Not having control over iCloud's backup encryption or end to end encryption as an option is a big deal. iMessage's lousy cryptography is a big deal. Privacy is a big deal. Security is a big deal.
Also, why is Apple so keen on silently restricting user/app access to monitoring and controlling OS traffic in macOS 11+? What are they hiding but more importantly what are they doing with the data, telemetry or otherwise, generated from this traffic, who has access to it and how are they securing it?
At the end of the day, it was Apple who positioned and sold itself as a privacy-centric company ... something's fishy.. no conspiracy theories here just asking legitimate questions and seeking answers so I, and others, can make informed decisions about whether or not to upgrade to Big Sur.
Apple still remains the lesser of two evils being Google/Android and Microsoft/Windows.
Apple's OCSP/Cert validation service is one of many components that are being scrutinized now, including old/non-resolved Apple privacy/security issues and approaches ie. iCloud backup's partial to no encryption of specific sets of data, iMessage's non-standard and questionable cryptography and 1280bit RSA encryption, putting a temporary hold on their plans to further restrict ad monitoring / information access in iOS apps just because it made a few big players uneasy about their future prospects.
None of what is being reported now would have garnered much deserved attention if this service hadn't failed spectacularly on Big Sur launch day. It didn't just fail on its own, it caused numerous other services to crash as well.
Being unable to use a computer because 1 service failed, which was designed to soft-fail when the remote service fails, is a big deal. Transmitting unencrypted hashes and data is a big deal. Not having full control over one's computer is a big deal. Not having control over iCloud's backup encryption or end to end encryption as an option is a big deal. iMessage's lousy cryptography is a big deal. Privacy is a big deal. Security is a big deal.
Also, why is Apple so keen on silently restricting user/app access to monitoring and controlling OS traffic in macOS 11+? What are they hiding but more importantly what are they doing with the data, telemetry or otherwise, generated from this traffic, who has access to it and how are they securing it?
At the end of the day, it was Apple who positioned and sold itself as a privacy-centric company ... something's fishy.. no conspiracy theories here just asking legitimate questions and seeking answers so I, and others, can make informed decisions about whether or not to upgrade to Big Sur.
Apple still remains the lesser of two evils being Google/Android and Microsoft/Windows.
So are you saying that the 9to5mac article is basically false? Why does it send that OCSP message REGARDLESS of whether Gatekeeper is enabled or disabled?
Because Gatekeeper has a different purpose. Gatekeeper setting controls the first launch of an app, it if can run or if you need to manually allow it. After the first launch Gatekeeper does not check the entire app signature and does not ask you again if you want to run it.
OCSP is an addition, it checks if the certificate of the app has been revoked.
OCSP is an addition, it checks if the certificate of the app has been revoked.
I see, in that case gatekeeper should be left fully enabled and will function as it should whether ocsp.apple.com is blocked in the hosts file or not and will fully continue to protect the Mac from Malware, Correct?, i just don't understand why the article from 9to5mac said this was a gatekeeper issue if it is indeed not..
Is there a reason NOT to block ocsp.apple.com in the hosts file to stop this unnecessary data transmission to Apple on user usage from happening or is there some benefit for us users to keep our Mac's as it was before Thursday's news about this ocsp.apple.com service being contacted at all times on what app is opened and when that was exposed in the 9to5mac article?
Yes, Gatekeeper will work even with ocsp.apple.com blocked.
The advantages of checking the certificate each time is that if an app is malware, and the certificate is revoked, your Mac will immediately know.
But the actual implementation seems quite bad, if a slow ocsp server or a slow internet connection can make it fail so bad.
The advantages of checking the certificate each time is that if an app is malware, and the certificate is revoked, your Mac will immediately know.
But the actual implementation seems quite bad, if a slow ocsp server or a slow internet connection can make it fail so bad.
Exact.
If Apple relaxes on security, Wired and a billion other smoke-and-mirrors scaremongerers just pounce on the first exploit with gotcha clickbait articles that stay up forever without correction. These articles add friction to selling Apple hardware.
Apple may be miscalculating whether the flimsiness of network-based app checking will generate more negative brand image than not using it, but they didn't put themselves into this particular catch-22.
---
As for the OP question of what it signifies that Apple knows what apps we use, that's... totally small fries. If they look, they know you use a pencil, not what you are writing with it. (I could throw in that anyone opening an app to create something is presumably going to put that straight onto social media, but more important is that those in the exception have nothing to worry about).
And is there any negative effect on MacOS such as ram management, high cpu usage or whatever it may be that could happen by blocking the ocsp.apple.com in the hosts file?