Wednesday, November 25, 09:19
Home security Apple macOS: Application privacy issues are detected

Apple macOS: Application privacy issues are detected

After the release of macOS Big Sur on Thursday, Mac users started having problems opening apps while connected to the internet. Apple's system status page attributes the issue to Developer ID issues, with developer Jeff Johnson pointing out that there were problems connecting to Apple's OCSP server.

Shortly afterwards, security researcher Jeffrey Paul published a post on a blog entitled "Your Computer Isn't Yours," in which he worries on privacy and safety related to Macs "phoning home" on Apple's OCSP server. In short, Paul said that the "OCSP traffic" generated by macOS is not encrypted and could possibly be seen by ISP or even their army USA.

Apple has since responded by updating the "Safely open apps on your Mac" support document with new information, as noted by iPhoneinCanada. The following is the complete "Privacy protections" section of the support document:

MacOS is designed to keep users and their data safe while respecting their privacy.

Gatekeeper performs online checks to verify that an application contains known malware and that the developer's signature certificate has been revoked. We have never combined data from these audits with information from Apple users or their devices. We do not use data from these controls to find out what users are running on their devices.

The notary checks if the application contains known malware using an encrypted connection that is resistant to server failures.

These security checks never included the user's Apple ID or device ID. To further protect your privacy, we have stopped recording IP addresses associated with Developer ID certificates and will ensure that any collected IP addresses are removed from the logs.

Apple clarifies that data for specific users is not collected during security check and that they intend to remove all IP information from the files recording. In addition, they intend to introduce many changes to system in the following year, such as:

  • a new encrypted protocol for Developer ID certificate revocation checks
  • strong protections against server failure
  • a new option for users to opt out of these security protections

Some users have advocated blocking traffic to Apple's authentication servers, but it looks like Apple will provide this option to end users in the future.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

Home Depot: $ 17,5 million settlement for data breach

Home Depot Inc., the largest home appliance company in the US, will pay $ 17,5 million to resolve a breach ...

Baidu Android applications collect user data

Two Android applications belonging to the Chinese technology company Baidu have been removed from the official Google Play ...

FBI: Attention! Fake versions of our sites are circulating

The Federal Bureau of Investigation (FBI) warns the public about the appearance of fake sites that look very much like ...

Amazon - PlayStation 5: Complaints about non-delivery of orders!

Amazon has announced that it is currently investigating what happened to the PlayStation 5's delivery failure after reports of theft ....

How to mute Fleets on Twitter

Twitter "stories", called Fleets, allow you to post content that disappears after 24 hours. But if you want ...

Apple's security chief accused of bribery

A prosecutor in Santa Clara, California, issued an indictment on Monday, accusing Apple security chief Thomas Moyer of offering bribes ...

A mysterious metal monolith was discovered in the Utah desert

A strange metal monolith was found in the Utah desert by a helicopter crew passing through the area!

US election: A small group of accounts spreads fake news

The researchers found that a small group of social media accounts are responsible for spreading fake news about ...

Intel spreads FUD on Ryzen 4000 performance

On Friday, Intel made a presentation to various journalists and analysts telling them that there is a serious discrepancy between the performance of ...

Black Friday: What are Amazon's best deals?

Black Friday is almost here, and we've put together the best deals on Amazon devices. Amazon has an ever-expanding list of devices, ...