Security Researcher Highlights Potential Privacy Concerns on Macs with M1 Chip


Yesterday Apple launched macOS Big Sur to the general public. The latest macOS arrives with a host of new features. Many users faced issues while downloading and installing macOS Big Sur on their device. A server outage caused the download/install failure, and it also affected the functioning of Macs running macOS Catalina.

Download/install failures are pretty common whenever a new macOS update becomes available. However, it seems like there is more to it than simply a server outage. A security researcher has highlighted privacy and security concerns that will primarily affect Macs powered by Apple Silicon.

Initially, macOS users faced slow download times and frequent download failures. At the same time, some encountered an error while installing macOS Big Sur. Apple's website was down, and other services like iMessage, Apple Maps, Apple Pay, and Apple Card faced outages. That's not all; apps and other features on macOS Catalina started becoming sluggish after a failed update attempt.

Jeffrey Paul, a security researcher, has published his findings and highlights security and privacy problems in his blog post.

“On modern versions of macOS, you simply can't power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored.

It turns out that in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run, when you run it. Lots of people didn't realize this, because it's silent and invisible and it fails instantly and gracefully when you're offline, but today the server got actually slow and it didn't hit the fail-fast code path, and everybody's apps failed to open up if they were connected to the net.”

“Because it does this using the internet, the server sees your IP, of course, and knows what time the request came in. An IP address allows for coarse, city-level and ISP-level geolocation, and allows for a table that has the following headings:

Date, Time, Computer, ISP, City, Country, Application Hash

Apple (or anyone else) can, of course, calculate these hashes for common programs: everything in the App Store, the Creative Cloud, Tor Browser, cracking or reverse engineering tools, whatever.

This means that Apple knows when you're at home. When you're at work. What apps you open up there, and how often. They know when you open Premiere over at a friend's house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city.”

Most of us might be thinking, “Who cares?” Well, the security analyst answers this question at length.

“Well, it's not just Apple. This data doesn't stay with them:

These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables.

These requests go to a third-party CDN run by another company, Akamai.

Since October of 2022, Apple is a partner in the US military intelligence community's PRISM spying program, which grants the US federal police and armed forces unfettered access to this data without a warrant, any time they ask for it. In the first half of 2022 they did this over 18,000 times, and another 17,500+ times in the second half of 2022.

This information amounts to a tremendous trove of data about your life and habits, and allows someone possessing all of it to identify your movement and activity patterns. For some people, this can even pose a physical danger to them.”

He quickly points out that an app called Little Snitch allows you to disable all “computer-to-Apple communications.” You can choose to approve or deny each request without affecting the Mac's functionality. To make it challenging to block trackers, Apple has now included the request in the new “ContentFilterExclusionList” on macOS 11. In other words, the requests can no longer be blocked by third-party software or VPNs.

Security Concerns on new M1 Powered MacBooks.

Apple's M1 Powered MacBooks feature “cryptographic protections” that allow the OS to boot only when the computer can “phone home.” Here is what Paul has to say about new Macs powered by Apple Silicon.

“These machines are the first general purpose computers ever where you have to make an exclusive choice: you can have a fast and efficient machine, or you can have a private one. (Apple mobile devices have already been this way for several years.) Short of using an external network filtering device like a travel/vpn router that you can totally control, there will be no way to boot any OS on the new Apple Silicon macs that won't phone home, and you can't modify the OS to prevent this (or they won't boot at all, due to hardware-based cryptographic protections).”

[via Jeffrey Paul]

