After the release of macOS Big Sur on Thursday, Mac users started having problems opening apps while connected to the internet. Apple's system status page attributes the issue to Developer ID issues, with developer Jeff Johnson pointing out that there were problems connecting to Apple's OCSP server.
Shortly afterwards, security researcher Jeffrey Paul published a post on a blog entitled "Your Computer Isn't Yours," in which he worries on privacy and safety related to Macs "phoning home" on Apple's OCSP server. In short, Paul said that the "OCSP traffic" generated by macOS is not encrypted and could possibly be seen by ISP or even their army USA.
Apple has since responded by updating the "Safely open apps on your Mac" support document with new information, as noted by iPhoneinCanada. The following is the complete "Privacy protections" section of the support document:
MacOS is designed to keep users and their data safe while respecting their privacy.
Gatekeeper performs online checks to verify that an application contains known malware and that the developer's signature certificate has been revoked. We have never combined data from these audits with information from Apple users or their devices. We do not use data from these controls to find out what users are running on their devices.
The notary checks if the application contains known malware using an encrypted connection that is resistant to server failures.
These security checks never included the user's Apple ID or device ID. To further protect your privacy, we have stopped recording IP addresses associated with Developer ID certificates and will ensure that any collected IP addresses are removed from the logs.
Apple clarifies that data for specific users is not collected during security check and that they intend to remove all IP information from the files recording. In addition, they intend to introduce many changes to system in the following year, such as:
- a new encrypted protocol for Developer ID certificate revocation checks
- strong protections against server failure
- a new option for users to opt out of these security protections
Some users have advocated blocking traffic to Apple's authentication servers, but it looks like Apple will provide this option to end users in the future.