Desktops (Apple)

Linus Torvalds Would Like To Use An M1 Mac For Linux, But... (zdnet.com) 246

Yes, Torvalds said he'd love to have one of the new M1-powered Apple laptops, but it won't run Linux and, in an exclusive interview he explains why getting Linux to run well on it isn't worth the trouble. Steven J. Vaughan-Nichols writes via ZDNet: Recently, on the Real World Technologies forum, Linux's creator Linus Torvalds was asked what he thought of the new M1-powered Apple laptops. Torvalds replied, "I'd absolutely love to have one if it just ran Linux." You may think, "what's the problem? Doesn't Linux run on practically every processor on the planet from 80386s to IBM s390x to the ARM family of which Apple's M1 chip is a child?" Well, yes, yes it does. But it takes more than a processor to run a computer.

Torvalds would like to run Linux on these next-generation Macs. As he said, "I've been waiting for an ARM laptop that can run Linux for a long time. The new Air would be almost perfect, except for the OS. And I don't have the time to tinker with it, or the inclination to fight companies that don't want to help." Aye, there's the rub. In an exclusive interview, Torvalds expanded on why he can't see porting Linux to the M1-based Macs. "The main problem with the M1 for me is the GPU and other devices around it, because that's likely what would hold me off using it because it wouldn't have any Linux support unless Apple opens up."

Still, while Torvalds knows Apple opening up their chipsets "seems unlikely, but hey, you can always hope." Even if that "wasn't an issue," Torvalds continued, "My personal hope would be more cores. Even in a laptop, I don't care about 20-hour battery life (and I wouldn't get it building kernels anyway). I'd rather plug it in a bit more often, and have 8 big cores." As for the Mac's limited RAM -- no more than 16GBs on current models -- he can live with that. "16GBs is actually ok by me because I don't tend to do things that require a lot more RAM. All I do is read email, do git and kernel compiles. And yes, I have 64GB in my desktop, but that's because I have 32 cores and 64 threads, and I do hugely parallel builds. Honestly, even then 32GB would be sufficient for my loads." That said, other developers and power users may want more from the new Macs, Torvalds thinks. "The people who really want tons of memory are the ones doing multiple VMs or huge RAW file photography and video."

The Courts

Apple Security Chief Maintains Innocence After Bribery Charges (arstechnica.com) 71

An anonymous reader quotes a report from Ars Technica: A grand jury in California's Santa Clara County has indicted Thomas Moyer, Apple's head of global security, for bribery. Moyer is accused of offering 200 iPads to the Santa County Sheriff's office in exchange for concealed carry permits for four Apple employees. Moyer's attorney says that he did nothing wrong, and notably Apple is standing behind its executive. "We expect all of our employees to conduct themselves with integrity," an Apple spokesperson said in a statement. "After learning of the allegations, we conducted a thorough internal investigation and found no wrongdoing."

Also indicted were two officials in the office of Santa Clara County Sheriff Laurie Smith. These officials are accused of soliciting the alleged bribe. California law gives sheriffs broad discretion to decide who gets permits to carry concealed weapons in the state. Smith has previously faced accusations that her office deliberately withheld permits to carry concealed weapons until applicants did favors for Smith. A June investigation by NBC Bay Area found that donors to Smith's re-election campaign were 14 times more likely to get concealed carry permits than those who didn't donate. A press release from Smith's office described the indictments as "a difficult time for our organization."

Jeff Rosen, the Santa Clara district attorney responsible for the indictments, said that the donation of 200 iPads was scuttled at the last minute after Rosen obtained a search warrant in the case. According to LinkedIn, Moyer is responsible for "strategic management of Apple's corporate and retail security, crisis management, executive protection, investigations and new product secrecy." While two individuals in Sheriff Smith's office were indicted, no charges have been filed against Smith herself. Rosen says the investigation is ongoing. A common prosecutorial strategy is to focus on lower-ranking employees first in order to pressure them to provide evidence against their boss.

The Almighty Buck

Apple Makes Another Concession On App Store Fees (cnbc.com) 19

Apple said on Monday that companies that offer digital classes or virtual events through iPhone apps won't have to use Apple's App Store in-app purchases through June 2021, enabling them to charge their customers directly without Apple's 30% commission fee. CNBC reports: Apple said the extension was to help businesses by giving them more time to transition in-person events to digital events during the Covid-19 pandemic. "Although apps are required to offer any paid online group event experiences (one-to-few and one-to-many realtime experiences) through in-app purchase in accordance with App Store Review guideline 3.1.1, we temporarily deferred this requirement with an original deadline of December 2020," Apple wrote on its developer blog. "To allow additional time for developing in-app purchase solutions, this deadline has been extended to June 30, 2021." Last week, Apple announced that it planned to reduce its commission to 15% for app developers making under $1 million on Apple's platforms in 2021.
United States

Apple's Security Chief Indicted in Santa Clara County Sheriff Concealed-gun Permit Scandal (mercurynews.com) 217

The top security chief for Apple headlines a batch of new criminal indictments for allegedly brokering bribes with Santa Clara County sheriff's office commanders -- including the newly indicted undersheriff -- in exchange for coveted concealed-gun permits, in a striking offshoot of an ongoing corruption probe ensnaring the agency. From a report: Thomas Moyer, 50, Apple's chief security officer, was indicted last week by a criminal grand jury on allegations that he, Undersheriff Rick Sung and Capt. James Jensen arranged for 200 iPads to be donated to the sheriff's office to loosen up the release of concealed-carry weapons permits for Apple security officers. The sheriff's office is the police force for Cupertino, where Apple's global headquarters are located. The iPad donation was shelved once a separate DA investigation into pay-to-play suspicions involving the concealed-gun permits -- in which Jensen was one of four people indicted earlier this year -- got underway in August 2019, District Attorney Jeff Rosen said at a Monday news conference.
Bug

Apple Lets Some Network Traffic Bypass Firewalls on MacOS Big Sur (arstechnica.com) 113

"Security researchers are blasting Apple for a feature in the latest Big Sur release of macOS that allows some Apple apps to bypass content filters and VPNs..." reports Threatpost. "While users assumed Apple would fix the flaw before the OS emerged from beta into full release, this doesn't appear to have happened."

"Beginning with macOS Catalina released last year, Apple added a list of 50 Apple-specific apps and processes that were to be exempted from firewalls like Little Snitch and Lulu," explains Ars Technica: The undocumented exemption, which didn't take effect until firewalls were rewritten to implement changes in Big Sur, first came to light in October. Patrick Wardle, a security researcher at Mac and iOS enterprise developer Jamf, further documented the new behavior over the weekend. To demonstrate the risks that come with this move, Wardle — a former hacker for the NSA — demonstrated how malware developers could exploit the change to make an end-run around a tried-and-true security measure...

Wardle tweeted a portion of a bug report he submitted to Apple during the Big Sur beta phase. It specifically warns that "essential security tools such as firewalls are ineffective" under the change.

Apple has yet to explain the reason behind the change.

XBox (Games)

Xbox Series X Controller Support Coming To Apple Devices (macrumors.com) 5

Apple and Microsoft are working on adding support for the Xbox Series X controller to Apple devices, according to an Apple Support page spotted by a Reddit user. MacRumors reports: The support page states that Apple devices only support the Xbox Wireless Controller with Bluetooth, Xbox Elite Wireless Controller Series 2, Xbox Adaptive Controller, PlayStation DualShock 4 Wireless Controller, and various other MFi Bluetooth controllers. However, small print on the page states: "Microsoft and Apple are working together to bring compatibility for the Xbox Series X controller to customers in a future update." There is no mention of the Sony PlayStation 5 DualSense Controller or the Amazon Luna Controller on the Apple Support page, but MacRumors has spotted code mentioning the controllers in the iOS and iPadOS 14.3 betas.
United States

Apple is Lobbying Against a Bill Aimed at Stopping Forced Labor in China (washingtonpost.com) 87

Apple lobbyists are trying to weaken a new law aimed at preventing forced labor in China, the Washington Post reported Friday, citing two congressional staffers familiar with the matter, highlighting the clash between its business imperatives and its official stance on human rights. From the report: The Uyghur Forced Labor Prevention Act would require U.S. companies to guarantee they do not use imprisoned or coerced workers from the predominantly Muslim region of Xinjiang, where academic researchers estimate the Chinese government has placed more than 1 million people into internment camps. Apple is heavily dependent on Chinese manufacturing, and human rights reports have identified instances in which alleged forced Uighur labor has been used in Apple's supply chain.

The staffers, who spoke on the condition of anonymity because the talks with the company took place in private meetings, said Apple was one of many U.S. companies that oppose the bill as it's written. They declined to disclose details on the specific provisions Apple was trying to knock down or change because they feared providing that knowledge would identify them to Apple. But they both characterized Apple's effort as an attempt to water down the bill. "What Apple would like is we all just sit and talk and not have any real consequences," said Cathy Feingold, director of the international department for the AFL-CIO, which has supported the bill. "They're shocked because it's the first time where there could be some actual effective enforceability."

Facebook

Apple Defends Delay of Privacy Feature, Slams Facebook (bloomberg.com) 22

Apple has slammed Facebook and other internet giants for their ad-targeting practices in response to a letter questioning a decision by the iPhone maker to delay a new privacy feature. From a report: The Cupertino, California-based technology company criticized Facebook's approach to advertising and user tracking, according to a written reply sent to several human rights and privacy organizations, including the Electronic Frontier Foundation and Human Rights Watch: "By contrast, Facebook and others have a very different approach to targeting. Not only do they allow the grouping of users into smaller segments, they use detailed data about online browsing activity to target ads. Facebook executives have made clear their intent is to collect as much data as possible across both first and third party products to develop and monetize detailed profiles of their users, and this disregard for user privacy continues to expand to include more of their products."

Apple's letter, reviewed by Bloomberg News, defended the company's decision to delay an iPhone feature that requires users to give explicit permission before letting apps track them for advertising purposes. The enhancement was added as part of the company's iOS 14 operating system in September, but a requirement that all apps use it was delayed until early 2021 after several developers, including Facebook, said the change would hurt their businesses. The human rights and privacy organizations criticized the delay in a letter earlier this year to Apple.

Television

Charlie Brown Holiday Specials To Air On TV, After All, In PBS Deal (kare11.com) 56

Last month, "It's the Great Pumpkin, Charlie Brown" wasn't aired on TV, marking the first time since 1965 that the Peanuts special wasn't broadcasted. Instead, it was streamed on Apple+. Now, according to The Associated Press, the Charlie Brown Thanksgiving and Christmas specials will return to the air. From the report: On Wednesday, Apple bowed to the backlash, announcing it had teamed up with PBS for ad-free broadcasts of "A Charlie Brown Thanksgiving" (on Nov. 22) and "A Charlie Brown Christmas" (on Dec. 13). Both specials will also be available for free during three-day windows on Apple TV+ (Nov. 25-27 for "Thanksgiving" and Dec. 11-13 for "Christmas.") For subscribers, the specials will be available beginning Nov. 18 and Dec. 4, respectively.
Chrome

Google's Native Version of Chrome For Apple's ARM Macs Is Out Now (theverge.com) 47

According to Chrome product manager Mark Chang, Google's version of Chrome that support ARM Macs is now available to download. The Verge reports: In theory, a native version of the notoriously resource-hungry browser might run more efficiently on Apple's Arm-based computers. In our reviews of the MacBook Air, MacBook Pro, and Mac mini equipped with the new M1 chip, though, we found that the version of Chrome built for Intel chips already runs well on Apple's new Macs, so hopefully this native version runs even better. You'll be able to pick which version of Chrome to download from the browser's website.

Google began rolling out a new version of Chrome on Tuesday, touting the "the largest gain in Chrome performance in years" thanks to some under-the-hood changes. The company's blog about the new release didn't mention anything about a version optimized for Apple's Arm-based Macs.

Businesses

Apple To Pay $113 Million Settlement Over Its iPhone 'Batterygate' Slowdowns (cnet.com) 60

Apple is paying $113 million to settle an investigation by 34 states and the District of Columbia over the company's practice of slowing down the performance of older iPhones when their batteries degrade. From a report: Apple's moves weren't announced by the company, but rather proven by internet sleuths. That led regulators and customers alike to criticize the company for not being forthcoming, particularly when asked about it in the past. "Big Tech must stop manipulating consumers and tell them the whole truth about their practices and products," Arizona Attorney General Mark Brnovich, who helped lead the investigation, said in a statement. "I'm committed to holding these goliath technology companies to account if they conceal the truth from their users." Apple will pay Arizona in particular $5 million, with the rest split among other states.
Businesses

Apple To Reduce App Store Fees For Small Businesses With Under $1 Million in Revenues (techcrunch.com) 49

Amid increased regulatory scrutiny over how it runs its App Store, Apple today announced it will reduce the App Store commissions for smaller businesses. Under the new guidelines of the "App Store Small Business Program," as it's called, developers earning up to $1 million per year will only have to pay a 15% commission on in-app purchases, rather than the standard 30% commission. From a report: The new program will launch on Jan. 1, 2021, and will be based on the business's revenues in the previous calendar year -- meaning 2020. This $1 million threshold will be based on how much existing developers made across all their applications on a post-commission basis, Apple notes. That means the businesses could actually earn up to $1.3 million in gross revenues. The reduced fee will also apply to new developers launching their apps for the first time. If, during the course of the year, the developer's apps surpass the $1 million threshold, they'll be moved to the standard commission rate, generally 30%, for the remainder of the year. They'll also then enter the following year at that standard rate, as well. Depending on the developers' business, however, the "standard" rate may not always be 30%. For developers running an auto-renewing subscription business, for example, the standard commission drops to 15% in year two on a per-user basis, based on Apple's existing guidelines. This will not change.
Desktops (Apple)

Apple's M1 Is Exceeding Expectations (extremetech.com) 274

Reviews are starting to pour in of Apple's MacBook Pro, MacBook Air and Mac Mini featuring the new M1 ARM-based processor -- and they're overwhelmingly positive. "As with the Air, the Pro's performance exceeds expectations," writes Nilay Patel via The Verge.

"Apple's next chapter offers strong performance gains, great battery and starts at $999," says Brian Heater via TechCrunch.

"When Apple said it would start producing Macs with its own system-on-chip processors, custom CPU and GPU silicon (and a bunch of other stuff) to replace parts from Intel and AMD, we figured it would be good. I never expected it would be this good," says Jason Cross in his review of the MacBook Air M1.

"The M1 is a serious, serious contender for one of the all-time most efficient and highest-performing architectures we've ever seen deploy," says ExtremeTech's Joel Hruska.

"Spending a few days with the 2020 Mac mini has shown me that it's a barnburner of a miniature desktop PC," writes Chris Welch via The Verge. "It outperforms most Intel Macs in several benchmarks, runs apps reliably, and offers a fantastic day-to-day experience whether you're using it for web browsing and email or for creative editing and professional work. That potential will only grow when Apple inevitably raises the RAM ceiling and (hopefully) brings back those missing USB ports..."

"Quibbling about massively parallel workloads -- which the M1 wasn't designed for -- aside, Apple has clearly broken the ice on high-performance ARM desktop and laptop designs," writes Jim Salter via Ars Technica. "Yes, you can build an ARM system that competes strongly with x86, even at very high performance levels."

"The M1-equipped MacBook Air now packs far better performance than its predecessors, rivaling at times the M1-based MacBook Pro. At $999, it's the best value among macOS laptops," concludes PCMag.

"For developers, the Apple Silicon Macs also represent the very first full-fledged Arm machines on the market that have few-to-no compromises. This is a massive boost not just for Apple, but for the larger Arm ecosystem and the growing Arm cloud-computing business," writes Andrei Frumusanu via AnandTech. "Overall, Apple hit it out of the park with the M1."

Privacy

Apple Hits Back at European Activist Complaints Against Tracking Tool (reuters.com) 29

An Austrian privacy advocacy group drew a strongly critical response from Apple on Monday after it said an online tracking tool used in its devices breached European law. From a report: The group, led by campaigner Max Schrems, filed complaints with data protection watchdogs in Germany and Spain alleging that the tracking tool illegally enabled the $2 trillion U.S. tech giant to store users' data without their consent. Apple directly rebutted the claims filed by Noyb, the digital rights group founded by Schrems, saying they were "factually inaccurate and we look forward to making that clear to privacy regulators should they examine the complaint." Schrems is a prominent figure in Europe's digital rights movement that has resisted intrusive data-gathering by Silicon Valley's tech platforms. He has fought two cases against Facebook, winning landmark judgments that forced the social network to change how it handles user data. Noyb's complaints were brought against Apple's use of a tracking code, known as the Identifier for Advertisers (IDFA), that is automatically generated on every iPhone when it is set up.
Desktops (Apple)

Mac Certificate Check Stokes Fear That Apple Logs Every App You Run (arstechnica.com) 74

Last week, Apple released macOS Big Sur and the rollout was anything but smooth. The mass upgrade caused the Apple servers responsible for checking if a user opens an app not downloaded from the App Store to slow to a crawl. Apple eventually fixed the problem, "but concerns about paralyzed Macs were soon replaced by an even bigger worry -- the vast amount of personal data Apple, and possibly others, can glean from Macs performing certificate checks each time a user opens an app that didn't come from the App Store," writes Dan Goodin via Ars Technica. From the report: Before Apple allows an app into the App Store, it must first pass a review that vets its security. Users can configure the macOS feature known as Gatekeeper to allow only these approved apps, or they can choose a setting that also allows the installation of third-party apps, as long as these apps are signed with a developer certificate issued by Apple. To make sure the certificate hasn't been revoked, macOS uses OCSP -- short for the industry standard Online Certificate Status Protocol -- to check its validity. [...] Somehow, the mass number of people upgrading to Big Sur on Thursday seems to have caused the servers at ocsp.apple.com to become overloaded but not fall over completely. The server couldn't provide the all clear, but it also didn't return an error that would trigger the soft fail. The result was huge numbers of Mac users left in limbo.

The post Your Computer Isn't Yours was one of the catalysts for the mass concern. It noted that the simple HTML get-requests performed by OCSP were unencrypted. That meant that not only was Apple able to build profiles based on our minute-by-minute Mac usage, but so could ISPs or anyone else who could view traffic passing over the network. (To prevent falling into an infinite authentication loop, virtually all OCSP traffic is unencrypted, although responses are digitally signed.) Fortunately, less alarmist posts like this one provided more helpful background. The hashes being transmitted weren't unique to the app itself but rather the Apple-issued developer certificate. That still allowed people to infer when an app such as Tor, Signal, Firefox, or Thunderbird was being used, but it was still less granular than many people first assumed. The larger point was that, in most respects, the data collection by ocsp.apple.com wasn't much different from the information that already gets transmitted in real time through OCSP every time we visit a website. [...] In short, though, the takeaway was the same: the potential loss of privacy from OCSP is a trade-off we make in an effort to check the validity of the certificate authenticating a website we want to visit or a piece of software we want to install.

In an attempt to further assure Mac users, Apple on Monday published this post. It explains what the company does and doesn't do with the information collected through Gatekeeper and a separate feature known as notarization, which checks the security even of non-App Store apps. The post went on to say that in the next year, Apple will provide a new protocol to check if developer certificates have been revoked, provide "strong protections against server failure," and present a new OS setting for users who want to opt out of all of this. [...] People who don't trust OCSP checks for Mac apps can turn them off by editing the Mac hosts file. Everyone else can move along.

Privacy

Apple Responds To Gatekeeper Issue With Upcoming Fixes (techcrunch.com) 54

Apple has updated a documentation page detailing the company's next steps to prevent last week's Gatekeeper bug from happening again. The company plans to implement the fixes over the next year. From a report: Apple had a difficult launch day last week. The company released macOS Big Sur, a major update for macOS. Apple then suffered from server-side issues. Third-party apps failed to launch as your Mac couldn't check the developer certificate of the app. That feature, called Gatekeeper, makes sure that you didn't download a malware app that disguises itself as a legit app. If the certificate doesn't match, macOS prevents the app launch. Many have been concerned about the privacy implications of the security feature. Does Apple log every app you launch on your Mac to gain competitive insights on app usage? It turns out it's easy to answer that question as the server doesn't mandate encryption. Jacopo Jannone intercepted an unencrypted network request and found out that Apple is not secretly spying on you. Gatekeeper really does what it says it does. "We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices," the company wrote.
Desktops (Apple)

macOS Big Sur Update Reportedly Bricks Some Older MacBook Pros (engadget.com) 117

Engadget writes: According to MacRumors, users on Apple's forums and Reddit are stuck with a black screen when trying to update their late 2013 or mid 2014 13-inch MacBook Pro models to Big Sur... An engineer investigating one customer's problems appeared to have resolved the issue after removing an IC chip for the HDMI port, but it's not certain that's the cause.
Citing user reports, MacRumors writes ominously that "Key reset combinations, including NVRAM, SMC, safe mode, and internet recovery, are all reportedly inaccessible after attempting to install the update, leaving no way to bypass the static black screen."
Programming

Why Apple Silicon Needs an Open Source Fortran Compiler (walkingrandomly.com) 113

"Earlier this week Apple announced their new, ARM-based 'Apple Silicon' machines to the world in a slick marketing event that had many of us reaching for our credit cards," writes Mike Croucher, technical evangelist at The Numerical Algorithms Group.

"Simultaneously, The Numerical Algorithms Group announced that they had ported their Fortran Compiler to the new platform. At the time of writing this is the only Fortran compiler publicly available for Apple Silicon although that will likely change soon as open source Fortran compilers get updated."

An anonymous Slashdot reader offers this analysis: Apple Silicon currently has no open source Fortran compiler and Apple themselves are one of the few silicon manufacturers who don't have their own Fortran compiler. You could be forgiven for thinking that this doesn't matter to most users... if it wasn't for the fact that sizeable percentages of foundational data science platforms such as R and SciPy are written in Fortran.
Croucher argues that "More modern systems, such as R, make direct use of a lot of this code because it is highly performant and, perhaps more importantly, has been battle tested in production for decades. Numerical computing is hard (even when all of your instincts suggest otherwise) and when someone demonstrably does it right, it makes good sense to reuse rather than reinvent..."

"The community needs and will demand open source (or at least free) Fortran compilers if data scientists are ever going to realise the full potential of Apple's new hardware and I have no doubt that these are on the way. Other major silicon providers (e.g. Intel, AMD, NEC and NVIDIA/PGI) have their own Fortran compiler that co-exist with the open ones. Perhaps Apple should join the club..."
OS X

Ask Slashdot: Did You Upgrade To macOS Big Sur? (wccftech.com) 101

Yesterday, Apple released the latest version of macOS: macOS Big Sur (also known as macOS 11.0) and the rollout was anything but smooth. Many users have complained about Apple services such as iMessage, or even Apple Pay, not working for them. Personally, my 5K iMac (2013), which isn't even compatible with Big Sur, ground to a halt yesterday, as I was unable to open up Google Chrome or any of my Adobe Creative Cloud apps. Even navigating my system preferences was painfully slow.

According to developer Jeff Johnson, the reason apps were failing to launch was because a process called "trustd" failed to attempt to connect to Apple's Online Certificate Status Protocol website (oscp.apple.com). "[D]enying the connection between "trustd" and oscp.apple.com fixes the issue, as does disabling a Mac's connection to the internet," notes Apple Insider. Slashdot reader shanen shares their experience: The story is about different problems, so I'll just start with my own anecdote. The 12GB download was amazingly slow. I'm being charitable and willing to attribute that to high demand. Eventually it did finish. The installation process didn't seem to be too bad. Then I did something with the Mac and it immediately wanted another upgrade. Turned out to be a double upgrade of two slightly different versions of some tools, but another (slow) GB bites the dust. Meanwhile, it decided to do that double-upgrade again? One of those two must have succeeded, because the third attempt failed with the appropriate notice that it had succeeded.

Bottom line? Not reassuring, but it seems to be okay now. I should have made a note about what triggered the extra GB, but I don't think I did anything unusual that should have required an OS-level extension of the system. Ergo, whatever was going on, I think it belonged in the original 12 GB download... Disclaimer needed: I just had an extremely negative interaction with Apple about the battery swelling problem in the course of attempting to consider whether or not I should upgrade my old MacBook Pro. It started on the Apple website, which was amazingly unhelpful even after it dangled a trade-in offer of some kind. Then it continued with a long phone call to a very kind and friendly person who seemed to know not so much, though he eventually led me to the search that revealed "Optimized Battery Charging" as an option that my old Mac cannot use. By the way, new iPhones apparently have it, too. So right now I think Apple finally figured out how to stop the battery swelling, but I am still screwed. I regard the Mac as a sunk cost, and the second rule of sunk cost is to NOT throw good money after bad. The first rule is that no one wants to talk about their mistakes, eh?

So did your upgrade to Big Sur go better than mine? I really hope so. Why share the misery? We have plenty of that with "He whose name need not be mentioned" anymore.

Privacy

Your Computer Isn't Yours (sneak.berlin) 345

Security researcher Jeffrey Paul, writes in a blog post: On modern versions of macOS, you simply can't power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored. It turns out that in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run, when you run it. Lots of people didn't realize this, because it's silent and invisible and it fails instantly and gracefully when you're offline, but today the server got really slow and it didn't hit the fail-fast code path, and everyone's apps failed to open if they were connected to the internet. Because it does this using the internet, the server sees your IP, of course, and knows what time the request came in. An IP address allows for coarse, city-level and ISP-level geolocation, and allows for a table that has the following headings: Date, Time, Computer, ISP, City, State, Application Hash; Apple (or anyone else) can, of course, calculate these hashes for common programs: everything in the App Store, the Creative Cloud, Tor Browser, cracking or reverse engineering tools, whatever.

This means that Apple knows when you're at home. When you're at work. What apps you open there, and how often. They know when you open Premiere over at a friend's house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city. "Who cares?" I hear you asking. Well, it's not just Apple. This information doesn't stay with them: These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables. These requests go to a third-party CDN run by another company, Akamai. Since October of 2012, Apple is a partner in the US military intelligence community's PRISM spying program, which grants the US federal police and military unfettered access to this data without a warrant, any time they ask for it. In the first half of 2019 they did this over 18,000 times, and another 17,500+ times in the second half of 2019.

This data amounts to a tremendous trove of data about your life and habits, and allows someone possessing all of it to identify your movement and activity patterns. For some people, this can even pose a physical danger to them. Now, it's been possible up until today to block this sort of stuff on your Mac using a program called Little Snitch (really, the only thing keeping me using macOS at this point). In the default configuration, it blanket allows all of this computer-to-Apple communication, but you can disable those default rules and go on to approve or deny each of these connections, and your computer will continue to work fine without snitching on you to Apple. The version of macOS that was released today, 11.0, also known as Big Sur, has new APIs that prevent Little Snitch from working the same way. The new APIs don't permit Little Snitch to inspect or block any OS level processes. Additionally, the new rules in macOS 11 even hobble VPNs so that Apple apps will simply bypass them.

Slashdot Top Deals