Privacy concerns following Apple server outage
- nov
- 14
"Your Computer Isn't Yours"
What you need to know
- A big server outage rendered many Macs unusable earlier this week.
- A new report says that the problem has raised big privacy concerns regarding macOS.
- A new article from Jeffrey Paul has highlighted concern about unique identifiers used when running apps.
An Apple server outage earlier this week has raised big privacy questions about macOS, according to a new report.
Jeffrey Paul, writing Thursday notes:
On modern versions of macOS, you simply can't power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored.
It turns out that in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run when you run it. Lots of people didn't realize this, because it's silent and invisible and it fails instantly and gracefully when you're offline, but today the server got really slow and it didn't hit the fail-fast code path, and everyone's apps failed to open if they were connected to the internet.
Paul claims that because these identifiers use the internet, the server can see your IP address, as well as the time the request came in:
An IP address allows for coarse, city-level and ISP-level geolocation, and allows for a table that has the following headings:
Date, Time, Computer, ISP, City, State, Application Hash
The upshot of this, Paul says, is that Apple knows quite a lot about you:
This means that Apple knows when you're at home. When you're at work. What apps you open there, and how often. They know when you open Premiere over at a friend's house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city.
Paul also claims that the requests are transmitted unencrypted, meaning "everyone who can see the network can see these", including ISPs.
Paul further notes that the issue is more problematic with the release of macOS Big Sur, which prevents workaround apps like Little Snitch from blocking these processes. Paul did suggest that it might be possible to modify Apple silicon Macs to prevent this but would need to test it out in person.
In an FAQ update to the piece, Paul stated the problem had nothing to do with Apple's analytics and was more to do with Apple's anti-malware/piracy efforts, and that there was "no user setting in the OS to disable this behaviour."
Paul also claims the problem has been "happening silently" for at least a year, since macOS Catalina in October 2019.