1. There is no application hash. Of course there is. You can create a hash of any file you like. They are obviously sending some kind of hash to verify the app.
Of course you could create a hash, but in this case, Apple doesn't — they transmit the hash of the developer's cert signature.
2. Going from an IP address to "Computer, ISP" etc is quite a stretch. Not at all. I ran a free online IP geolocation tool on my IP address. The specified coordinates are about 2 miles from my actual location. That's the city/state nailed.
I'm telling you, there are plenty of IP addresses where the distance is a lot more than 2 miles.



As far as I'm concerned, this is now blocked at network level here.
That'll block any certificate revocation checks, which is unsafe for web browsing.
 
On the flip side, if a developer decides to not follow Apple's guides e.g. Fortnite, when a user clicks on the app, it won’t launch.
Good in a way that as time marches on, security is important and if an app doesn’t stay on top of security risks, it shouldn’t launch.
Bad in a way in that if a user pays for an app, the developer doesn’t follow guidelines, the user is left with an unusable app.
 
The larger issue here in my opinion is that Apple is bypassing firewalls and VPN apps and exposing your public IP. If you go to the trouble of using a VPN to hide your traffic, Apple shouldn’t be bypassing those measures and broadcasting unencrypted packets.

Although this particular traffic is relatively harmless, the very idea that they thought that was a good design decision is disturbing.
Well, they kind of addressed this in a lateral way: they said they will be stripping any identifying information from the requests, which I assume includes your IP.

Of course it remains to be seen whether they will do this or not, so far their track record (with “BatteryGate”) is good, but it’s always good to be skeptical.
 
How would that even work? Co-ordinated legislation would have to be passed by governments around the planet, and even if those laws were somehow passed, those countries would then have to agree that the thresholds have been met in order to trigger enforcement.

If Apple were logging time/application/user's location (the latter involving using the IP address for geolocation) as suggested in the scary article (i.e. storing and processing data without meaningful consent or a well-defined essential purpose) then they'd be breaching the GDPR in the EU, UK and other jurisdictions with similar data protection laws and could be prosecuted/fined and (if totally intransigent) eventually blocked from doing business in those countries (admittedly unlikely). The EU Authorities already have Google, Apple etc. in their sights. Other countries are looking at the EU rules, and with data now being big business, parity of data-protection provisions is now a big issue in international trade agreements. Companies being shut down is unlikely, but they may well have to change their behaviour to avoid fines and tariffs.

Simply logging IP addresses is probably a breach since they're potentially personally identifiable information - but the revised Apple document (TL:DNR "Oops!") suggests they've already fixed that - and since that is (or was) the default behaviour of popular software like Apache, anybody running a website might want to double check that they're not logging IPs as well...

However, people really have to get this in perspective in relation to the huge amount of potentially personally identifiable information that you bleed every time you use a computer connected to the internet. If you're not already meticulous about operating a pinhole firewall, passing everything through a VPN, messing about with TOR, only using tinfoil-hat-approved open source browsers etc. then your Internet Service Provider will know the address of every website and internet service that you visit. Worrying about Gatekeeper is like putting a steel door on a tent.

If The Powers That Be want to tap your internet connection, then The Powers That Be will tap your internet connection and you'll have to get up really early in the morning to beat them.

Bad in a way in that if a user pays for an app, the developer doesn’t follow guidelines, the user is left with an unusable app.

You can still run unsigned apps on MacOS by jumping through a few one-off hoops, and even for signed apps the App Store still isn't compulsory. Still, anything sold on subscription, featuring third-party DRM, or where you missed the "check for updates" tick box will still phone home from time to time. If you're deeply worried about privacy then only use open-source applications that you've compiled from source. Still, the repository will quite likely have logged your IP address when you downloaded the source code.
 
What they should do is more like old AntiVirus where signatures (or lists) are updated very frequently instead of having macOS phoning home on every app opening.
It doesn’t phone home on every app opening. That was incorrect information. Everyone needs to read this before posting to make sure you have correct information about what’s going on. https://blog.jacopo.io/en/post/apple-ocsp/
 
Very smart of Apple to issue a formal statement. Hopefully, this will allay the over distraught minds of some users here, who made this out to be more than it really is.
Apple had to respond. It wasn't smart, it was defensive. I am neither distraught (hyperbole, no?) nor an Apple apologist. I'm concerned, which is a reasonable reaction.
 
Of course you could create a hash, but in this case, Apple doesn't — they transmit the hash of the developer's cert signature.

I'm telling you, there are plenty of IP addresses where the distance is a lot more than 2 miles.




That'll block any certificate revocation checks, which is unsafe for web browsing.

So because there are IPs which are geolocated more than 2 miles, I'm not allowed privacy? The fact is, it's possible to geolocate A LOT of people fairly closely with IP addresses alone.

No it won't. Apple doesn't issue certs used on the web, those issuers will have their own revocation lists. Absolute nonsense.
 
Whoa. Lots of conspiracy theorists today. Instead of being concerned about a company protecting your privacy be concerned about the people trying to hack your computer....
 
Whoa. Lots of conspiracy theorists today. Instead of being concerned about a company protecting your privacy be concerned about the people trying to hack your computer....
The term "conspiracy theorist" is used to demean and belittle someone's point of view. It seems to me there are reasonable concerns. And, being concerned with privacy and hacking are not mutually exclusive.
 
At the end of the day, I trust absolutely no one. But using the Internet is already a compromise of one's privacy so you sort of just have to accept that. I think it's best if people have a balanced perspective and recognize that data is being collected by these companies and if you value privacy you need to do a lot of reading to understand what settings to turn on or off to minimize what data is transmitted.
My biggest gripe in these sorts of affairs is that neither MS nor Apple, for all their PR bluster (especially Apple) about privacy, provides the tools to push the "trust" model farther down to the user. Granted, MOST users wouldn't know what to do, how to run their own services that respond to these requests. However, I could. And most competent I.T. departments have the talent. I'm all for the measures that Apple has implemented… but ONLY in the sense that they should have also open sourced the code and engineered it such that the "user" (or org, or I.T. dept) has the power to also supersede the signing. That way, once I had my system "locked down", I could say "OK, macOS, now I want you to use my private key to resign the binaries; stop talking to Apple's servers and now talk to mine." If the system was properly engineered, this wouldn't be a problem, because the entire PKI infrastructure was fundamentally built around the concept of "web of trust". It is Apple that has taken a decentralized system and centralized it; bad engineering, contrary to the fundamental basis of the design intent.
Just like with DNS, if I (or any org) don't want to "leak" personal data that can be used for fingerprinting, like app signatures, I could take control of that service. Same with being able to encrypt data stores rooted with my own external private key.

Then again, I'm pretty "radical" when it comes to this… I think Apple should be releasing their entire iCloud stack as an open source container, or at least be forced to license it economically. There is ZERO reason why Apple or Microsoft need to be sole collectors of all of this user data, merely because they wrote the operating systems. I simply cannot shake the "conspiracy theory" that this continues to be the "normal" case because this paradigm also very conveniently matches the capabilities of the various nation-states' intelligence systems. Which, at some level, raises the question: is Apple's "privacy" PR really nothing but a facade of misdirection? It all just naggingly reminds me a bit too much of the lessons of the original 'Tron' movie's 'MCP', and given Apple's PR history that should be a connection they fight against not march toward.
 
Whoa. Lots of conspiracy theorists today. Instead of being concerned about a company protecting your privacy be concerned about the people trying to hack your computer....
We can be concerned about both. Shouldn't a company focused on privacy (as a marketing tactic) try to protect your computer from hackers in the first place?
 
The government?
Anyone who thinks there’s a single planetary government (at this point in history) is delusional.
There may not be ONE, but it isn't like there are a lot. Between Five-Eyes, Russia, and China, you've gotten a whole lotta folks covered… India, Pakistan, Iran, and various other totalitarian states (NorK) sweep up a whole lot more. Sure, not "one" government, but…
 
All u guys that are still unsure about Apple's privacy stance, one thing is for sure, the OTHER tech companies collect much more, WAY more, if u are worried about this, then the amount of data Google, Microsoft and Facebook collect is beyond ur belief.
I trust Huawei a heck of a lot more than a company that just remains silent.
 
So because there are IPs which are geolocated more than 2 miles, I'm not allowed privacy? The fact is, it's possible to geolocate A LOT of people fairly closely with IP addresses alone.
Of course you are.

All I'm saying is that it's quite a stretch to go from Apple opens an HTTP connection to transmit the hash of a developer cert to Apple tracks which apps which people launch, and soon the NSA does, too.

Which is what the original post heavily suggests.
No it won't. Apple doesn't issue certs used on the web, those issuers will have their own revocation lists. Absolute nonsense.
If you block trustd from updating cert lists, that'll affect both Developer ID certs and website certs.
 
And why, exactly, do we have to wait? These "features" should have been part of the initial design (obviously, Apple knows about them). Now it's going to take a bloody year to roll them out! How about we stop prioritizing freaking emoji and start taking care of the things that matter?
 
Another one they are being sued for is collecting data in Incognito Mode. So no, the source of the problems with Google isn't the settings ... it's Google.

If you run Safari in private mode, do you think it’s completely private?
 
Of course you are.

All I'm saying is that it's quite a stretch to go from Apple opens an HTTP connection to transmit the hash of a developer cert to Apple tracks which apps which people launch, and soon the NSA does, too.

Which is what the original post heavily suggests.

If you block trustd from updating cert lists, that'll affect both Developer ID certs and website certs.

No, it won't. Browsers (Safari included) should be checking the CRL of the issuing provider. Apple is not the issuing provider. Ergo it should not affect website certs.
 
My biggest gripe in these sorts of affairs is that neither MS nor Apple, for all their PR bluster (especially Apple) about privacy, provides the tools to push the "trust" model farther down to the user. Granted, MOST users wouldn't know what to do, how to run their own services that respond to these requests. However, I could. And most competent I.T. departments have the talent. I'm all for the measures that Apple has implemented… but ONLY in the sense that they should have also open sourced the code and engineered it such that the "user" (or org, or I.T. dept) has the power to also supersede the signing. That way, once I had my system "locked down", I could say "OK, macOS, now I want you to use my private key to resign the binaries; stop talking to Apple's servers and now talk to mine." If the system was properly engineered, this wouldn't be a problem, because the entire PKI infrastructure was fundamentally built around the concept of "web of trust". It is Apple that has taken a decentralized system and centralized it; bad engineering, contrary to the fundamental basis of the design intent.
Just like with DNS, if I (or any org) don't want to "leak" personal data that can be used for fingerprinting, like app signatures, I could take control of that service. Same with being able to encrypt data stores rooted with my own external private key.

Then again, I'm pretty "radical" when it comes to this… I think Apple should be releasing their entire iCloud stack as an open source container, or at least be forced to license it economically. There is ZERO reason why Apple or Microsoft need to be sole collectors of all of this user data, merely because they wrote the operating systems. I simply cannot shake the "conspiracy theory" that this continues to be the "normal" case because this paradigm also very conveniently matches the capabilities of the various nation-states' intelligence systems. Which, at some level, raises the question: is Apple's "privacy" PR really nothing but a facade of misdirection? It all just naggingly reminds me a bit too much of the lessons of the original 'Tron' movie's 'MCP', and given Apple's PR history that should be a connection they fight against not march toward.

I agree with you completely; every single point.
 
No, it won't. Browsers (Safari included) should be checking the CRL of the issuing provider. Apple is not the issuing provider. Ergo it should not affect website certs.
Right. I'm saying if you block the process rather than the host, it will.

(And, still, that's not a good idea in the long run.)
 