SCARY and SERIOUS Question: Does macOS Big Sur Report Data Back To Apple?

[hwojtek]

I can assure you I'm not doing anything illegal... I just want to maintain my privacy and security since I do so much of my work and finances on my devices.

We all do for decades.
It takes much more than knowing which apps you use to do you any harm.

What you are implying is simply: I will not take my car to the dealers' for a scheduled maintenance because they will cut my brake lines and I will die. I know it from The Weekly World News.

However, you have no experience in maintaining a car, so you seek out bizarre solutions like: I know from The Weekly World News that the dealer will cut my brake lines while changing the oil, so anyone uses sunflower oil leftover from his French fries in his engine perhaps? Does pouring it over the roof suffice for an oil change?

It's paranoia. You have a comprehensive set of privacy settings in your MacOS, make use of them as you feel it, job done.

 

[GaryPDX]

Some of y'all need to ditch Apple and try out a Raspberry Pi. Then you be free. lol

 

[hwojtek]

Some of y'all need to ditch Apple and try out a Raspberry Pi. Then you be free. lol

Hey, tinfoil enthusiasts know better https://www.windowscentral.com/microsoft-repo-silently-added-raspberry-pi-os-folks-begin-freak-out

 

[theSeb]

Thank you TheSeb!

I can assure you I'm not doing anything illegal... I just want to maintain my privacy and security since I do so much of my work and finances on my devices.

What do you mean by "if you do not allow Apple to do the checks it is doing by blocking using a firewall, you are exposing yourself to far worse than Apple knowing which developer's apps you are opening." ???

Are you saying that by blocking the Apple checks using a firewall I'd be giving more of my user information to developers that create 3rd party Apps?

I trust Apple much more than even developers that create the most popular 3rd party Apps for MacOS like Dropbox, Evernote and Adobe Reader...

No, what I meant is that you are exposing yourself to far more serious security issues if do not allow those Apple checks. In simple terms, Apple is acting as the gatekeeper in this case. The gatekeeper must know who is trying to enter (the app developer in this case) and Apple will check that it really is the developer and that the developer's identify certificate has not been revoked. This is not a check that the user (you) can do.

 

[theSeb]

And here is what I am talking about in action

Nonetheless, Apple has since informed MacRumors that it has revoked the certificates of the developer accounts used to sign the packages, preventing additional Macs from being infected.

For software downloaded outside of the Mac App Store, Apple said it has "industry-leading" mechanisms in place to protect users by detecting malware and blocking it so it cannot run. Since February 2020, for example, Apple has required all Mac software distributed with a Developer ID outside of the Mac App Store to be submitted to Apple's notary service, an automated system that scans for malicious content and code-signing issues.

 

[richmond62]

Hey: I have a BBC Model B with 32 Kb RAM that saves programs on a cassette player. No-one will ever work
out what I am doing on there (often even I cannot work that out).

 

[PlayUltimate]

Hey: I have a BBC Model B with 32 Kb RAM that saves programs on a cassette player. No-one will ever work
out what I am doing on there (often even I cannot work that out).

I remember those day.

 

[BeautifulWoman_1984]

This is often called clickbait or sensationalism. It exists to take advantage of your emotions in order to either further an agenda, get you to click ads, or reinforce their own paranoias.

The points are that:

a) what gets sent back to Apple is a minimal amount of data used to improve the security of your computer, and potentially protect your privacy
b) this is not new to Big Sur
c) Big Sur has changed the way other apps can monitor Apple's own software, but not necesarilly because Apple is trying to hide something nefarious (it's more likely an attempt to again improve the security of your computer and prtect your privacy)

and no, blocking little snitch doesn't mean they'd get away with it)?

Thank you me22!

I definitely understand what you said about "click bait" but just reading that article title really gave me a strong sense of terror since I do so much of my personal work like my financial details and other personal information... 😢 😢 😢

However, I'm not sure what you mean about "blocking Little Snitch"? I have Little Snitch installed so I'm eager to know what you mean!

 

[theSeb]

Apple is not receiving your financial details. They will know that you are opening some app made by Microsoft when you open Excel. What exactly filled you with terror? That is a strong response to reading tech news that don't involve AI powered robots killing people.

You realise that you are not the only person that does "personal work on a computer like financial details", right? You are not a unique use case. We all do that. Apple does not care about your financial details. You are giving more private information on forums like these than you do to Apple.

 

[BeautifulWoman_1984]

And here is what I am talking about in action:

Nonetheless, Apple has since informed MacRumors that it has revoked the certificates of the developer accounts used to sign the packages, preventing additional Macs from being infected.

For software downloaded outside of the Mac App Store, Apple said it has "industry-leading" mechanisms in place to protect users by detecting malware and blocking it so it cannot run. Since February 2020, for example, Apple has required all Mac software distributed with a Developer ID outside of the Mac App Store to be submitted to Apple's notary service, an automated system that scans for malicious content and code-signing issues.

Thank you theSeb!

I trust the Mac Apps that are sold in the Mac App Store. I've never even considered installing an from outside the Mac App Store.

I'm still a bit unclear on what this means: "For software downloaded outside of the Mac App Store, Apple said it has "industry-leading" mechanisms in place to protect users by detecting malware and blocking it so it cannot run. Since February 2020, for example, Apple has required all Mac software distributed with a Developer ID outside of the Mac App Store to be submitted to Apple's notary service, an automated system that scans for malicious content and code-signing issues."
😧 😧 😧

 

[Honza1]

I'm still a bit unclear on what this means: "For software downloaded outside of the Mac App Store, Apple said it has "industry-leading" mechanisms in place to protect users by detecting malware and blocking it so it cannot run. Since February 2020, for example, Apple has required all Mac software distributed with a Developer ID outside of the Mac App Store to be submitted to Apple's notary service, an automated system that scans for malicious content and code-signing issues."
😧 😧 😧

What this means is that it is becoming really - and I mean REALLY - difficult to run software which was not notarized by Apple. And that Apple can - at any time - remove the validity of that notarization and stop the program from running. That is why Apple needs to check the signature (notarization) of each program you want to run once in a while - which is what got you excited in first place. Without this service Mac system would be as wide opened to malware as Windows are. And you would need antivirus software from other companies... And now those antivirus companies would know what you are running and also be scanning every one of your files, including Office documents, to make sure those do not contain any viruses. Talk about security - antivirus software is literally reading all your data and you pay for it. Can you trust them? Likely, but are you sure?
You can still defeat Apple security on your own computer, with enough knowledge and privileges. I do it since I have to run some unsigned software (like one I wrote myself). But usual Apple users (look in the mirror) are fine, in walled, relatively secure garden. Unless you become high price target of some dedicated hackers, you are likely safe. Which is practically all of us.

 

[BeautifulWoman_1984]

What this means is that it is becoming really - and I mean REALLY - difficult to run software which was not notarized by Apple. And that Apple can - at any time - remove the validity of that notarization and stop the program from running. That is why Apple needs to check the signature (notarization) of each program you want to run once in a while - which is what got you excited in first place. Without this service Mac system would be as wide opened to malware as Windows are. And you would need antivirus software from other companies... And now those antivirus companies would know what you are running and also be scanning every one of your files, including Office documents, to make sure those do not contain any viruses. Talk about security - antivirus software is literally reading all your data and you pay for it. Can you trust them? Likely, but are you sure?
You can still defeat Apple security on your own computer, with enough knowledge and privileges. I do it since I have to run some unsigned software (like one I wrote myself). But usual Apple users (look in the mirror) are fine, in walled, relatively secure garden. Unless you become high price target of some dedicated hackers, you are likely safe. Which is practically all of us.

Thank you Honza!

Your in-depth reply including anti-virus Apps is great.

I ONLY install Mac Apps to my Mac from the Mac App Store and this is something I want to keep doing. Is this the best way to ensure my security and privacy so that the App installed on my Mac is unable to contact the App Developer on the Internet?

This is truly my big worry: I'm using a Mac App I installed from the official Apple Mac App Store and that it transfers data about me back to the to the Internet to the person who wrote the Mac App.

I'm still trying to get my head around how much access Apple has to my files... 😢 😢 😢

 

[fisherking]

how is this thread still going? the OP seems bent on keeping it running as long as possible, since the concern has been addressed, and in detail, in dozens of posts. stop chasing your tail!

 

[Mr_Brightside_@]

I'm still trying to get my head around how much access Apple has to my files... 😢 😢 😢

None, except the methods that you make up in your head

 

[BeautifulWoman_1984]

None, except the methods that you make up in your head

Thank you Mr_Brightside!

This is a really serious issue for me so I just want to make sure I have some clarity!

 

[xraydoc]

how is this thread still going? the OP seems bent on keeping it running as long as possible, since the concern has been addressed, and in detail, in dozens of posts. stop chasing your tail!

With all due respect to the OP, I don't think she's able to let it go. She's going to read what's been posted but either she'll ignore it because she's convinced that it really works some other way, or she'll read some garbage click-bait posted elsewhere that will send her right back into a tail spin. Of course, Microsoft and Google are 10 times worse when it comes to tracking what's installed on one's machine, but she's convinced Apple is spying on her home finances. Linux sounds like a better alternative for the OP, though finding the commercial software she's used to is likely to be a non-starter.

I don't mean to be a jerk, but OP needs some help that's outside the realm of IT support.

 

[gnasher729]

It reminds me a little about the GPS functionality when the first iPhone launched. All of a sudden, people worried about being able to be located. In then end, telecommunication companies were able to locate your mobile phone ever since they launched in the late 70s / early 80s, just not by GPS. Nothing new here.

Actually, if I dial your phone number, your phone company _must_ be able to find out which cell tower your phone is connected to, otherwise they can't put my call through to you. If they can't find out where you are, the whole system cannot possibly work.

Knowing the cell tower gives your location away within a few hundred meters. Your phone won't be connecting just to one cell tower, it will check all towers that are close so it can pick the nearest one (the one with the best signal). The phone company can also figure out which nearby towers you connected and the signal strength, and with that they can improve the precision.

 

[fisherking]

With all due respect to the OP, I don't think she's able to let it go. She's going to read what's been posted but either she'll ignore it because she's convinced that it really works some other way, or she'll read some garbage click-bait posted elsewhere that will send her right back into a tail spin. Of course, Microsoft and Google are 10 times worse when it comes to tracking what's installed on one's machine, but she's convinced Apple is spying on her home finances. Linux sounds like a better alternative for the OP, though finding the commercial software she's used to is likely to be a non-starter.

I don't mean to be a jerk, but OP needs some help that's outside the realm of IT support.

i hear you. also, you're assuming it's a 'she'; who names themself "beautifulwoman"? anyway, it's the internet, and anything can (and does) happen here.

 

[avz]

i hear you. also, you're assuming it's a 'she'; who names themself "beautifulwoman"? anyway, it's the internet, and anything can (and does) happen here.

Ironically, who is paranoid now?

 

[richmond62]

I wonder where people get the energy to speculate anent all this.

 

[fisherking]

Ironically, who is paranoid now?

just suggesting that all may not be what it seems on an internet forum; i don't think paranoia has anything to do with it (or does it? hmmm) 🤔

 

[nickdalzell1]

Since I disabled Gatekeeper and changed the HOSTS file to block this type of 'protecting me from myself' nonsense, I don't even need apps such as Little Snitch much less worry about anything.

I mainly did it because it kept forcing my Amazon Music app to go to the trash or endlessly suggesting it's malware and should be in the trash. I literally couldn't run it. Disabling that garbage and having common sense won in the end.

Don't care if it's Google, Apple, Microsoft, et al. I don't need anyone protecting me from myself!!

Also, FYI the iPhone 2G didn't have GPS capability at launch. I do however remember being concerned about e911 watching me enough that I'd find a means of keeping a non-e911 compliant phone active through an MVNO back in 2008 before I realized the police aren't listening to my calls.

OP needs to realize the movie, Enemy of the State, while kinda close to home in this day and age, is fiction.

 

[timidpimpin]

This is a really serious issue for me so I just want to make sure I have some clarity!

You really need to stop claiming it's a serious issue to you, because your actions say otherwise. You keep saying it's serious to you, yet never bother actually learning anything. Honestly... are you going to spend the rest of your life being spoon-fed things you claim are important?

It's not important to you... so stop claiming it is.

 

[qoop]

Of course everything is reported back. Apple cares about you… intensely. An enormous monolithic database of personal details is merely a sign of affection.

 

[fisherking]

Of course everything is reported back. Apple cares about you… intensely. An enormous monolithic database of personal details is merely a sign of affection.

haha; now there's a useful post (altho, to be fair, my response isn't any more useful). why do people say things when they have nothing to say...? 🤔