{"id":8426,"date":"2021-05-20T19:54:00","date_gmt":"2021-05-20T17:54:00","guid":{"rendered":"https:\/\/monodes.com\/predaelli\/?p=8426"},"modified":"2021-05-20T09:33:22","modified_gmt":"2021-05-20T07:33:22","slug":"il-tuo-computer-non-e-tuo-aggiornamento","status":"publish","type":"post","link":"https:\/\/monodes.com\/predaelli\/2021\/05\/20\/il-tuo-computer-non-e-tuo-aggiornamento\/","title":{"rendered":"Your computer isn\u2019t yours (update)"},"content":{"rendered":"\n<p><a href=\"https:\/\/sneak.berlin\/\">Jeffrey\u00a0Paul<\/a> has updated the article I cited in November in \u00ab<a href=\"https:\/\/monodes.com\/predaelli\/2020\/11\/14\/il-tuo-computer-non-e-tuo\/\">Your computer isn&#8217;t yours<\/a>\u00bb. I would like to translate it, but I am not a good translator and I have very little time. I might just try using <a href=\"https:\/\/www.deepl.com\/translator\">DeepL<\/a>.<\/p>\n\n\n\n<!--nextpage-->\n\n\n<blockquote>\n<h1>Your Computer Isn&#8217;t Yours <br \/><small>12 November 2020<\/small> <br \/><small> ( 3897 words, approximately 21 minutes reading time. 
) <\/small><\/h1>\n<div id=\"blogpagearticlecontent\" class=\"col-md-8\">\n<p><em>There have been several updates appended to this page as of 2020-11-16, please <a href=\"https:\/\/sneak.berlin\/20201112\/your-computer-isnt-yours\/#updates\">see below<\/a>.<\/em><\/p>\n<p><small>Also available in:<\/small><\/p>\n<ul>\n<li><small><a href=\"https:\/\/sneak.berlin\/i18n\/2020-11-12-your-computer-isnt-yours.tr\/\">T\u00fcrk\u00e7e<\/a><\/small><\/li>\n<li><small><a href=\"https:\/\/sneak.berlin\/i18n\/2020-11-12-your-computer-isnt-yours.fr\/\">Fran\u00e7ais<\/a><\/small><\/li>\n<li><small><a href=\"https:\/\/sneak.berlin\/i18n\/2020-11-12-your-computer-isnt-yours.es\/\">Espa\u00f1ol<\/a><\/small><\/li>\n<li><small><a href=\"https:\/\/sneak.berlin\/i18n\/2020-11-12-your-computer-isnt-yours.pt\/\">Portugu\u00eas<\/a><\/small><\/li>\n<li><small><a href=\"https:\/\/sneak.berlin\/i18n\/2020-11-12-your-computer-isnt-yours.pt-br\/\">Portugu\u00eas brasileiro<\/a><\/small><\/li>\n<li><small><a href=\"https:\/\/sneak.berlin\/i18n\/2020-11-12-your-computer-isnt-yours.ru\/\">\u0440\u0443\u0441\u0441\u043a\u0438\u0439<\/a><\/small><\/li>\n<li><small><a href=\"https:\/\/sneak.berlin\/i18n\/2020-11-12-your-computer-isnt-yours.zh\/\">\u7b80\u4f53\u4e2d\u6587<\/a><\/small><\/li>\n<li><small><a href=\"https:\/\/sneak.berlin\/i18n\/2020-11-12-your-computer-isnt-yours.ja\/\">\u65e5\u672c\u8a9e<\/a><\/small><\/li>\n<li><small>others: email translations in markdown format to <a href=\"mailto:sneak@sneak.berlin\">sneak@sneak.berlin<\/a><\/small><\/li>\n<\/ul>\n<p>It\u2019s here. It happened. Did you notice?<\/p>\n<p>I\u2019m speaking, of course, of <a href=\"https:\/\/www.gnu.org\/philosophy\/right-to-read.en.html\">the world that Richard Stallman predicted in 1997<\/a>. 
The one <a href=\"https:\/\/craphound.com\/pc\/download\/\">Cory Doctorow also warned us about<\/a>.<\/p>\n<p>On modern versions of macOS, you simply can\u2019t power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored.<\/p>\n<p>It turns out that in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run, when you run it. Lots of people didn\u2019t realize this, because it\u2019s silent and invisible and it fails instantly and gracefully when you\u2019re offline, but today the <a href=\"https:\/\/news.ycombinator.com\/item?id=25074959\">server got really slow<\/a> and it didn\u2019t hit the fail-fast code path, and everyone\u2019s apps failed to open if they were connected to the internet.<\/p>\n<p>Because it does this using the internet, the server sees your IP, of course, and knows what time the request came in. An IP address allows for coarse, city-level and ISP-level geolocation, and allows for a table that has the following headings:<\/p>\n<p><code class=\"\" data-line=\"\">Date, Time, Computer, ISP, City, State, Application Hash<\/code><\/p>\n<p>Apple (or anyone else) can, of course, calculate these hashes for common programs: everything in the App Store, the Creative Cloud, Tor Browser, cracking or reverse engineering tools, whatever.<\/p>\n<p>This means that Apple knows when you\u2019re at home. When you\u2019re at work. What apps you open there, and how often. They know when you open Premiere over at a friend\u2019s house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city.<\/p>\n<p>\u201cWho cares?\u201d I hear you asking.<\/p>\n<p>Well, it\u2019s not just Apple. This information doesn\u2019t stay with them:<\/p>\n<ol>\n<li>\n<p>These OCSP requests are transmitted <em>unencrypted<\/em>. 
Everyone who can see the network can see these, including your ISP and <a href=\"https:\/\/en.wikipedia.org\/wiki\/Room_641A\">anyone who has tapped their cables<\/a>.<\/p>\n<\/li>\n<li>\n<p>These requests go to a third-party CDN run by another company, Akamai.<\/p>\n<\/li>\n<li>\n<p>Since October of 2012, Apple is a partner in <a href=\"https:\/\/en.wikipedia.org\/wiki\/PRISM_(surveillance_program)\">the US military intelligence community\u2019s PRISM spying program<\/a>, which grants the US federal police and military unfettered access to this data without a warrant, any time they ask for it. <a href=\"https:\/\/www.apple.com\/legal\/transparency\/\">In the first half of 2019 they did this over 18,000 times, and another 17,500+ times in the second half of 2019.<\/a><\/p>\n<\/li>\n<\/ol>\n<p>This data amounts to a tremendous trove of data about your life and habits, and allows someone possessing all of it to identify your movement and activity patterns. For some people, this can even pose a physical danger to them.<\/p>\n<p>Now, it\u2019s been possible up until today to block this sort of stuff on your Mac using a program called <a href=\"https:\/\/www.obdev.at\/products\/littlesnitch\/index.html\">Little Snitch<\/a> (really, the only thing keeping me using macOS at this point). In the default configuration, it blanket allows all of this computer-to-Apple communication, but you can disable those default rules and go on to approve or deny each of these connections, and your computer will continue to work fine without snitching on you to Apple.<\/p>\n<p>The version of macOS that was released today, 11.0, also known as Big Sur, has new APIs that prevent Little Snitch from working the same way. The new APIs don\u2019t permit Little Snitch to inspect or block any OS level processes. 
Additionally, the <a href=\"https:\/\/appleterm.com\/2020\/10\/20\/macos-big-sur-firewalls-and-vpns\/\">new rules in macOS 11 even hobble VPNs so that Apple apps will simply bypass them<\/a>.<\/p>\n<p><a href=\"https:\/\/twitter.com\/patrickwardle\/status\/1327034191523975168\">@patrickwardle lets us know<\/a> that <code class=\"\" data-line=\"\">trustd<\/code>, the daemon responsible for these requests, is in the new <code class=\"\" data-line=\"\">ContentFilterExclusionList<\/code> in macOS 11, which means it can\u2019t be blocked by any user-controlled firewall or VPN. In his screenshot, it also shows that CommCenter (used for making phone calls from your Mac) and Maps will also leak past your firewall\/VPN, potentially compromising your voice traffic and future\/planned location information.<\/p>\n<p>Those shiny new Apple Silicon macs that Apple just announced, three times faster and 50% more battery life? They won\u2019t run any OS before Big Sur.<\/p>\n<p>These machines are the first general purpose computers ever where you have to make an exclusive choice: you can have a fast and efficient machine, or you can have a private one. (Apple mobile devices have already been this way for several years.) Short of using an external network filtering device like a travel\/vpn router that <em>you<\/em> can totally control, there will be no way to boot any OS on the new Apple Silicon macs that <em>won\u2019t<\/em> phone home, and you can\u2019t modify the OS to prevent this (or they won\u2019t boot at all, due to hardware-based cryptographic protections).<\/p>\n<p><small><strong>Update, 2020-11-13 07:20 UTC:<\/strong> It comes to my attention that it may be possible to disable the boot time protections and modify the Signed System Volume (SSV) on Apple Silicon macs, via the <a href=\"https:\/\/keith.github.io\/xcode-man-pages\/bputil.1.html\">bputil<\/a> tool. I\u2019ve one on order, and I will investigate and report on this blog. 
As I understand it, this would still only permit booting of Apple-signed macOS, albeit perhaps with certain objectionable system processes removed or disabled. More data forthcoming when I have the system in hand.<\/small><\/p>\n<p>Your computer now serves a remote master, who has decided that they are entitled to spy on you. If you\u2019ve <a href=\"https:\/\/www.apple.com\/macbook-air\/\">the most efficient high-res laptop in the world<\/a>, you <em>can\u2019t turn this off<\/em>.<a href=\"https:\/\/sneak.berlin\/20201112\/your-computer-isnt-yours\/#turnitoff\">*<\/a><\/p>\n<p>Let\u2019s not think very much right now about <a href=\"https:\/\/lapcatsoftware.com\/articles\/revocation.html\">the additional fact that Apple can, via these online certificate checks, prevent you from launching any app they (or their government) demands be censored<\/a>.<\/p>\n<h1 id=\"dear-frog-this-water-is-now-boiling\">Dear Frog, This Water Is Now Boiling<\/h1>\n<p>The day that Stallman and Doctorow have been warning us about has arrived this week. It\u2019s been a slow and gradual process, but we are finally here. You will receive no further alerts.<\/p>\n<h1 id=\"see-also\">See Also<\/h1>\n<ul>\n<li>21 Jan 2020: <a href=\"https:\/\/www.reuters.com\/article\/us-apple-fbi-icloud-exclusive\/exclusive-apple-dropped-plan-for-encrypting-backups-after-fbi-complained-sources-idUSKBN1ZK1CT\">Apple dropped plan for encrypting backups after FBI complained<\/a><\/li>\n<\/ul>\n<h1 id=\"probably-unrelated\">Probably Unrelated<\/h1>\n<p>In other news, Apple has quietly backdoored the end-to-end cryptography of iMessage. Presently, modern iOS will prompt you for your Apple ID during setup, and will automatically enable iCloud and iCloud Backup.<\/p>\n<p>iCloud Backup is not end to end encrypted: it encrypts your device backup to <em>Apple<\/em> keys. 
Every device with iCloud Backup enabled (it\u2019s on by default) backs up the complete iMessage history to Apple, along with the device\u2019s iMessage secret keys, each night when plugged in. Apple can decrypt and read this information without ever touching the device. Even if <em>you<\/em> have iCloud and\/or iCloud Backup disabled: it\u2019s likely that whoever you\u2019re iMessaging with does not, and that your conversation is being uploaded to Apple (and, via PRISM, freely available to the US military intelligence community, FBI, et al\u2014with no warrant or probable cause).<\/p>\n<p><small><a href=\"https:\/\/signal.org\/\">Use Signal.<\/a><\/small><\/p>\n<h1 id=\"updates\">Updates<\/h1>\n<p><a name=\"updates\"><\/a><\/p>\n<p><strong>Update, 2020-11-16 16:06 UTC:<\/strong><\/p>\n<blockquote>\n<p>\u201cWhat are the facts? Again and again and again \u2013 what are the facts? Shun wishful thinking, ignore divine revelation, forget what \u201cthe stars foretell,\u201d avoid opinion, care not what the neighbors think, never mind the unguessable \u201cverdict of history\u201d \u2013 what are the facts, and to how many decimal places? You pilot always into an unknown future; facts are your single clue. Get the facts!\u201d<\/p>\n<\/blockquote>\n<p>\u2014 Robert Heinlein<\/p>\n<p>That guy jacopo who supposedly debunked my primary claim is lying. It\u2019s <em>evidenced on his own page<\/em>, which you can <a href=\"https:\/\/blog.jacopo.io\/en\/post\/apple-ocsp\/\">go see for yourself<\/a>:<\/p>\n<p><img data-recalc-dims=\"1\" decoding=\"async\" class=\"img-fluid\" src=\"https:\/\/i0.wp.com\/sneak.berlin\/s\/2020\/20201112.yourcomputer\/wrong.jpg?w=910&#038;ssl=1\" \/><\/p>\n<p>Oops.<\/p>\n<p>He also claims that \u201cmacOS does actually send out some opaque information about the developer certificate of those apps\u201d. 
It\u2019s actually not opaque at all: it\u2019s a <em>publicly known<\/em> unique identifier for the developer of an app (which for almost all apps is a public unique identifier for that app, as most developers only publish a single app).<\/p>\n<p><small>This nicely illustrates the danger of trusting any expert that jams some technical gibberish in your face under a clickbait <a href=\"https:\/\/en.wikipedia.org\/wiki\/Betteridge%27s_law_of_headlines\">Betteridge headline<\/a>. Make sure you do your homework, and, always, always, our guiding light: <em>What are the facts?<\/em><\/small><\/p>\n<p>The thing that\u2019s sent is <em>indeed a hash<\/em>, is <em>indeed a unique identifier for almost all apps<\/em>, and is <em>indeed sent to Apple unencrypted in realtime with your IP<\/em>. I simplified the explanation above to avoid having to explain OCSP and x509 and the PKI, and was deliberately careful not to claim that it was a hash of the file content of the application binary.<\/p>\n<p>TL;DR: This post is, was, and remains accurate. Clickbait gonna clickbait.<\/p>\n<p><a name=\"turnitoff\"><\/a> The <strong>good news<\/strong> is that <a href=\"https:\/\/support.apple.com\/en-us\/HT202491\">Apple has, just today, publicly committed<\/a>, presumably in response to this page, to:<\/p>\n<ol>\n<li>\n<p>deleting the IP logs<\/p>\n<\/li>\n<li>\n<p>encrypting the communication between macOS and Apple to prevent the privacy leak<\/p>\n<\/li>\n<li>\n<p>giving users an option of disabling these online checks that leak what apps you\u2019re opening and when.<\/p>\n<\/li>\n<\/ol>\n<p>(Their update is at the very bottom of that page, under the oddly-capitalized headline \u201cPrivacy protections\u201d.)<\/p>\n<p>A quote from Apple\u2019s 16 November update:<\/p>\n<blockquote>\n<p>Gatekeeper performs online checks to verify if an app contains known malware and whether the developer\u2019s signing certificate is revoked. 
We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.<\/p>\n<\/blockquote>\n<blockquote>\n<p>Notarization checks if the app contains known malware using an encrypted connection that is resilient to server failures.<\/p>\n<\/blockquote>\n<p>They use deliberately confusing language here to lead you into conflating Gatekeeper with Notarization, so that you will believe that the connections are currently encrypted, while not lying. The Gatekeeper OCSP checks described in this post (\u201cGatekeeper performs online checks\u201d) <strong>are not encrypted<\/strong>. (The notarization ones, which aren\u2019t relevant here, are.)<\/p>\n<p>Apple\u2019s spin doctors are among the best in the world, and my hat\u2019s off to them.<\/p>\n<p><small>This even totally fooled <a href=\"https:\/\/www.theverge.com\/2020\/11\/16\/21569316\/apple-mac-ocsp-server-developer-id-authentication-privacy-concerns-encryption-promises-fix\">Jon Porter at The Verge<\/a> into misreporting their insinuation as a statement of fact, inside of a hyperlink to the Apple post itself which says no such thing! Honestly, I\u2019m amazed and impressed, this sort of say-one-thing-but-readers-read-another is to me like magic tricks to a 6 year old. The Verge, to their credit, amended their reporting after I emailed them to point this out, but still: wow. 
That\u2019s world-class work.<\/small><\/p>\n<p>Further:<\/p>\n<blockquote>\n<p>In addition, over the next year we will introduce several changes to our security checks:<\/p>\n<\/blockquote>\n<blockquote>\n<p>A new encrypted protocol for Developer ID certificate revocation checks<\/p>\n<\/blockquote>\n<p><small> (All of you that are <a href=\"https:\/\/www.epsilontheory.com\/too-clever-by-half\/\">too-clever-by-half<\/a> incorrectly commenting about TLS trust circular dependencies and how OCSP <em>has<\/em> to be unencrypted to work <a href=\"https:\/\/news.ycombinator.com\/item?id=25096990\">can stop now<\/a>.) <\/small><\/p>\n<p>It sucks that they\u2019ve let the NSA, CIA, your ISP, et al slurp up this unencrypted pattern-of-life data off the wire for the last 2+ years, and they\u2019re still going to transmit the data (encrypted) to <em>Apple<\/em> in realtime, on by default every single mac, but at least the 0.01% of mac users who know about it now can turn it off, so Apple will only get a realtime log of what apps you open, when, and where for the other 99.99% of mac users. Cool.<\/p>\n<p><small>It\u2019s possible they\u2019ll use a bloom filter or some other privacy-preserving way of distributing the certificate revocation data that doesn\u2019t actually transmit app launch activity, but given that <em>every single version<\/em> of iOS now begs me to re-enable analytics no matter how many times I repeatedly opt out, I\u2019m not holding my breath here. We won\u2019t know until they update this process, which they\u2019ve only committed to doing sometime in the next <em>year<\/em>, which shows you how much of a priority your privacy is to them.<\/small><\/p>\n<p>This is, sadly, about as close as you can possibly get to a \u201cwe fucked up\u201d from Apple PR: they\u2019re deleting their IP logs, encrypting their shit, and letting you turn it off. 
This is great, but they have <a href=\"https:\/\/thenextweb.com\/plugged\/2020\/11\/16\/apple-apps-on-big-sur-bypass-firewalls-vpns-analysis-macos\/\">remained totally silent on the fact that their OS apps will still bypass your firewall and leak your IP and location past your VPN on Big Sur<\/a> and how they\u2019re still <a href=\"https:\/\/www.reuters.com\/article\/us-apple-fbi-icloud-exclusive\/exclusive-apple-dropped-plan-for-encrypting-backups-after-fbi-complained-sources-idUSKBN1ZK1CT\">not fixing the key escrow backdoor in iMessage\u2019s encryption so Apple sysadmins and the FBI can keep seeing your nudes and texts in iMessage<\/a>.<\/p>\n<p>We need to be happy with little victories, I guess.<\/p>\n<p><a href=\"https:\/\/twitter.com\/dhh\/status\/1328337941769367552\">dhh puts it best<\/a>:<\/p>\n<blockquote>\n<p>The whole process of having Apple mix these \u201cprotections against malware\u201d into a system that\u2019s also a \u201cprotection of our business model\u201d remains deeply problematic.<\/p>\n<\/blockquote>\n<blockquote>\n<p>We need to remain vigilant, and resist these power grabs masquerading purely as benevolent security measures. Yes, there are security benefits. No, we don\u2019t trust Apple to dictate whether our computers should be allowed to run a piece of software. We already lost that on iOS.<\/p>\n<\/blockquote>\n<blockquote>\n<p>Anyway, this is promise of progress. Right now, Apple is still linking your IP address to app openings in an unencrypted way over the open internet. And in Big Sur, have prevented tools like Little Snitch from blocking that. So until the fixes roll out, maybe don\u2019t upgrade?<\/p>\n<\/blockquote>\n<blockquote>\n<p>What this change to logging and promise of future improvements also does, though, is hanging all the Apple apologists that were oh-so-quick to dismiss these revelations as nothing out to dry. 
Yikes jumping on that boat the day before Apple sinks it themselves with this admission.<\/p>\n<\/blockquote>\n<p>Three cheers for intelligent voices of reason. Thanks, dhh!<\/p>\n<p><strong>Update, 2020-11-14 05:10 UTC:<\/strong> There is now a FAQ.<\/p>\n<h2 id=\"faq\">FAQ<\/h2>\n<p>Q: <em>Is this part of macOS analytics? Does this still happen if I have analytics off?<\/em><\/p>\n<p>A: This has nothing to do with analytics. It seems this is part of Apple\u2019s anti-malware (and perhaps anti-piracy) efforts, and happens on all macs running the affected versions of the OS, independent of any analytics settings. There is no user setting in the OS to disable this behavior.<\/p>\n<p>Q: <em>When did this start?<\/em><\/p>\n<p>A: This has been happening since at least macOS Catalina (10.15.x, released 7 October 2019). This did not just start with yesterday\u2019s release of Big Sur, it has been happening silently for <em>at least<\/em> a year. <a href=\"https:\/\/lapcatsoftware.com\/articles\/notarization-privacy.html\">According to Jeff Johnson of Lap Cat Software<\/a>, this started with macOS Mojave, which was released on 24 September 2018.<\/p>\n<p>Each new version of macOS that comes out, I install on a blank fresh machine, turn analytics off and log into nothing (no iCloud, no App Store, no FaceTime, no iMessage) and use an external device to monitor all of the network traffic that comes out of the machine. The last few versions of macOS have been quite noisy, even when you don\u2019t use any Apple services. There have been some privacy\/tracking concerns in Mojave (10.14.x), but I don\u2019t recall if this specific OCSP issue existed then or not. I have not yet tested Big Sur (<a href=\"https:\/\/sneak.berlin\/list\">keep in touch for updates<\/a>), and the concerns about user firewalls like Little Snitch and the Apple apps bypassing those and VPNs have come from reports from those who have. 
I imagine I\u2019ll have a big list of issues I find with Big Sur when I install it on a test machine this week, as it just came out yesterday and I don\u2019t use my limited time testing betas that are in flux, only released software.<\/p>\n<p>Q: <em>How do I protect my privacy?<\/em><\/p>\n<p>A: It varies. There\u2019s a ton of traffic coming out of your mac talking to Apple, and if you\u2019re concerned about your privacy you can start with turning off the things for which there <em>are<\/em> knobs: disable and log out of iCloud, disable and log out of iMessage, disable and log out of FaceTime. Ensure Location Services is off on your computer, iPhone, and iPad. These are the big tracking leaks that you\u2019ve already opted in to, and there is a way out that could not be simpler: turn it off.<\/p>\n<p>As for the OCSP issue, I believe (but have not tested!) that<\/p>\n<p><code class=\"\" data-line=\"\">echo 127.0.0.1 ocsp.apple.com | sudo tee -a \/etc\/hosts<\/code><\/p>\n<p>will work for now for this specific issue. I block such traffic using Little Snitch, which still works correctly on 10.15.x (Catalina) and earlier. (You have to disable all of the Little Snitch default allow rules for \u201cmacOS Services\u201d and \u201ciCloud Services\u201d to get alerts when macOS tries to talk to Apple, because Little Snitch permits them by default.)<\/p>\n<p>If you have an Intel mac (which is pretty much all of you right now), don\u2019t worry too much about OS changes. If you\u2019re willing to get your hands dirty and change some settings, you\u2019ll likely always be able to modify every OS that Apple ever ships for your machine. 
(This is especially true for slightly older intel macs that do not have the T2 security chip in them, and it\u2019s likely that even T2 Intel macs will always be permitted to disable all boot security (and thus modify the OS) if the user desires, which is the case today.)<\/p>\n<p>The new ARM64 (\u201cApple Silicon\u201d) macs that were released this week are the reason for my sounding the alarm: it remains to be seen whether it will be possible for users to modify the OS on these systems at all. On other Apple ARM systems (iPad, iPhone, Apple TV, Watch) it is cryptographically prohibited to disable parts of the OS. In the default configuration for these new ARM macs, it will likely be prohibited as well, although hopefully users that want the ability will be able to disable some of the security protections and modify the system. I\u2019m hoping that the <a href=\"https:\/\/keith.github.io\/xcode-man-pages\/bputil.1.html\"><code class=\"\" data-line=\"\">bputil(1) utility<\/code><\/a> will permit disabling of the system volume integrity checks on the new macs, allowing us to disable certain system services at boot, without disabling all of the platform security features. More information will be forthcoming when I have the new M1 hardware in hand this month and have the facts.<\/p>\n<p>Q: <em>If you don\u2019t like Apple or don\u2019t trust their OS, why are you running it? Why did you say you\u2019re buying one of the new ARM macs?<\/em><\/p>\n<p>A: The simple answer is that without the hardware and software in hand, I can\u2019t speak authoritatively about what it does or does not do, or steps one might take to mitigate any privacy issues. The long answer is that I have 20+ computers that comprise ~6 different processor architectures and I variously run all of the OSes you\u2019ve heard of and some of the ones you probably haven\u2019t. 
For example, here in my lab, I have 68k macs (16 bit, almost-32 bit (shoutout to my IIcx), and 32 bit clean), PowerPC macs, Intel 32 bit macs, Intel 64 bit macs (with and without the T2 security chip), and I\u2019d be a total slacker if I didn\u2019t hack at least a little bit on an ARM64 mac.<\/p>\n<p>Q: <em>Why is Apple spying on us?<\/em><\/p>\n<p>A: I don\u2019t believe that this was explicitly designed as telemetry, but it happens to serve insanely well for that purpose. The simple (assume no malice) explanation is that this is part of Apple\u2019s efforts to prevent malware and ensure platform security on macOS. Additionally, the OCSP traffic that macOS generates is not encrypted, which makes it <em>perfect<\/em> for military surveillance operations (which passively monitor all major ISPs and network backbones) to use it for the <em>purpose<\/em> of telemetry, whether Apple <em>intended<\/em> that when designing the feature or not.<\/p>\n<p>However: Apple recently backdoored iMessage\u2019s cryptography with an iOS update that introduced iCloud Backup, and then <a href=\"https:\/\/www.reuters.com\/article\/us-apple-fbi-icloud-exclusive\/exclusive-apple-dropped-plan-for-encrypting-backups-after-fbi-complained-sources-idUSKBN1ZK1CT\">didn\u2019t fix it so the FBI could continue to read all the data on your phone<\/a>.<\/p>\n<p>As Goldfinger\u2019s famous saying goes: <em>\u201cOnce is happenstance. Twice is coincidence. 
The third time it\u2019s enemy action.\u201d<\/em> There is a finite and small number of times Apple (who employs many absolute stone-cold cryptography <em>wizards<\/em>) can say \u201coops sorry it was an accident\u201d that their software transmitted plaintext or encryption keys <em>off of the device and to the network\/Apple<\/em> and remain credible in their explanations.<\/p>\n<p>The last time I reported an issue to Apple involving the transmission of plaintext across the network back in 2005, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-3774\">they fixed it promptly<\/a>, and that was only for dictionary word lookups. Shortly thereafter they introduced <a href=\"https:\/\/developer.apple.com\/documentation\/bundleresources\/information_property_list\/nsapptransportsecurity\">App Transport Security<\/a> to help third-party app developers stop fucking up their use of network crypto, and made it way more difficult for those same app developers to make unencrypted requests in App Store apps. It\u2019s quite strange to me to see Apple making OCSP requests unencrypted, even if that is the industry default.<\/p>\n<p>If Apple truly cares about user privacy, they should be looking long and hard at every single packet that comes out of a mac on a fresh install before they release a new OS. We are. The longer that they don\u2019t, the less credible their claims about respecting user privacy will become.<\/p>\n<p>Q: <em>Why are you crying wolf? Don\u2019t you know that OCSP is just to prevent malware and keep the OS secure and isn\u2019t meant as telemetry?<\/em><\/p>\n<p>A: The side effect is that it <em>functions as telemetry<\/em>, regardless of what the original intent of OCSP is or was. 
Additionally, even though the OCSP responses are signed, it\u2019s borderline negligent that the OCSP requests themselves aren\u2019t encrypted, allowing anyone on the network (which includes the US military intelligence community) to see what apps you\u2019re launching and when.<\/p>\n<p>Many things function as telemetry, even when not originally intended as so. The intelligence services that spy on everyone they can take advantage of this when and where it occurs, regardless of designer intent.<\/p>\n<p>It\u2019s not worth putting everyone in a society under constant surveillance to defeat, for example, violent terrorism, and it\u2019s not worth putting everyone on a platform under the same surveillance to defeat malware. You throw out the baby with the bathwater when, in your effort to produce a secure platform, you produce a platform that is <em>inherently insecure<\/em> due to a lack of privacy.<\/p>\n<p>Q: <em>They backdoored iMessage\u2019s end-to-end encryption?! WTF?!<\/em><\/p>\n<p>A: Yup. More technical details in my HN comments <a href=\"https:\/\/news.ycombinator.com\/item?id=25078317\">here<\/a> and <a href=\"https:\/\/news.ycombinator.com\/item?id=25078388\">here<\/a>.<\/p>\n<p>TL;DR: They even say as much on their website; from <a href=\"https:\/\/support.apple.com\/en-us\/HT202303\">https:\/\/support.apple.com\/en-us\/HT202303<\/a>:<\/p>\n<blockquote>\n<p>Messages in iCloud also uses end-to-end encryption. <strong>If you have iCloud Backup turned on, your backup includes a copy of the key protecting your Messages.<\/strong> This ensures you can recover your Messages if you lose access to iCloud Keychain and your trusted devices. 
When you turn off iCloud Backup, a new key is generated on your device to protect future messages and isn\u2019t stored by Apple.<\/p>\n<\/blockquote>\n<p>(emphasis mine)<\/p>\n<p>Note that iCloud Backup itself is <em>not<\/em> end-to-end encrypted, which is what results in the iMessage key escrow issue that backdoors the end-to-end encryption of iMessage. There\u2019s a section on that webpage that lists the stuff that <em>is<\/em> end-to-end encrypted, and iCloud Backup ain\u2019t in there.<\/p>\n<p><a href=\"https:\/\/sneak.berlin\/20200604\/if-zoom-is-wrong-so-is-apple\/\">Neither are your iCloud photos.<\/a> Apple sysadmins (and the US military and feds) can <a href=\"https:\/\/youtu.be\/XEVlyP4_11M?t=1493\">totally see all your nudes<\/a> in iCloud or iMessage.<\/p>\n<h2 id=\"further-reading\">Further Reading<\/h2>\n<ul>\n<li><a href=\"https:\/\/developer.apple.com\/videos\/play\/wwdc2020\/10686\/\">https:\/\/developer.apple.com\/videos\/play\/wwdc2020\/10686\/<\/a><\/li>\n<li><a href=\"https:\/\/lapcatsoftware.com\/articles\/ocsp.html\">https:\/\/lapcatsoftware.com\/articles\/ocsp.html<\/a><\/li>\n<\/ul>\n<\/div>\n<\/blockquote>","protected":false},"excerpt":{"rendered":"<p class=\"excerpt\">Jeffrey\u00a0Paul has updated the article I cited in November in \u00abYour computer isn&#8217;t yours\u00bb. I would like to translate it, but I am not a good translator and I have very little time. I might just try using DeepL.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":4,"activitypub_interaction_policy_quote":"anyone","activitypub_status":"","footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[293,80,209,53],"tags":[],"class_list":["post-8426","post","type-post","status-publish","format-standard","hentry","category-apple","category-hardware","category-proprietary-hardware","category-proprietary-software"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p6daft-2bU"}
Poi ci ho ricamato sopra con i telefoni\u2026","rel":"","context":"In &quot;Senza categoria&quot;","block_context":{"text":"Senza categoria","link":"https:\/\/monodes.com\/predaelli\/category\/senza-categoria\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/monodes.com\/predaelli\/wp-content\/uploads\/sites\/4\/2020\/04\/Window_e_Dashboard_canale_-_YouTube_Studio_e_Live_Streaming_YouTube.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/monodes.com\/predaelli\/wp-content\/uploads\/sites\/4\/2020\/04\/Window_e_Dashboard_canale_-_YouTube_Studio_e_Live_Streaming_YouTube.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/monodes.com\/predaelli\/wp-content\/uploads\/sites\/4\/2020\/04\/Window_e_Dashboard_canale_-_YouTube_Studio_e_Live_Streaming_YouTube.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/monodes.com\/predaelli\/wp-content\/uploads\/sites\/4\/2020\/04\/Window_e_Dashboard_canale_-_YouTube_Studio_e_Live_Streaming_YouTube.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/monodes.com\/predaelli\/wp-content\/uploads\/sites\/4\/2020\/04\/Window_e_Dashboard_canale_-_YouTube_Studio_e_Live_Streaming_YouTube.jpg?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/monodes.com\/predaelli\/wp-content\/uploads\/sites\/4\/2020\/04\/Window_e_Dashboard_canale_-_YouTube_Studio_e_Live_Streaming_YouTube.jpg?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":10502,"url":"https:\/\/monodes.com\/predaelli\/2023\/06\/07\/solo-uno\/","url_meta":{"origin":8426,"position":4},"title":"Solo uno?","author":"Paolo Redaelli","date":"2023-06-07","format":"status","excerpt":"Ricordi il tuo libro preferito dell'infanzia? Non ne ho uno solo, ma molti, tutti quelli che ho letto di Jules Verne: Ventimila leghe sotto i mari, L'isola misteriosa, Viaggio al centro della terra. 
E poi quando gi\u00e0 ero in prima media, a dieci anni, Lo Hobbit, per cui devo ringraziare\u2026","rel":"","context":"In &quot;Mood&quot;","block_context":{"text":"Mood","link":"https:\/\/monodes.com\/predaelli\/category\/mood\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7056,"url":"https:\/\/monodes.com\/predaelli\/2020\/04\/03\/openlitespeed-troppo-buono-per-essere-vero\/","url_meta":{"origin":8426,"position":5},"title":"(open)LiteSpeed: troppo buono per essere vero?","author":"Paolo Redaelli","date":"2020-04-03","format":false,"excerpt":"Leggendo la chat di IoRestoACasa.work mi \u00e8 caduto l'occhio su un frammento di conversazione che decantava le qualit\u00e0 del server web LiteSpeed, sostenendo che fosse\u00a0molto pi\u00f9 veloce di Nginx. Tralasciamo che in prima battuta credevo fosse lighttp. Poi ho storto il naso scoprendo che era proprietario ma aveva una versione\u2026","rel":"","context":"In &quot;Proprietary software&quot;","block_context":{"text":"Proprietary 
software","link":"https:\/\/monodes.com\/predaelli\/category\/software\/proprietary-software\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/monodes.com\/predaelli\/wp-content\/uploads\/sites\/4\/2020\/04\/2631_chart_02.webp?resize=350%2C200","width":350,"height":200},"classes":[]}],"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/monodes.com\/predaelli\/wp-json\/wp\/v2\/posts\/8426","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/monodes.com\/predaelli\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/monodes.com\/predaelli\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/monodes.com\/predaelli\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/monodes.com\/predaelli\/wp-json\/wp\/v2\/comments?post=8426"}],"version-history":[{"count":0,"href":"https:\/\/monodes.com\/predaelli\/wp-json\/wp\/v2\/posts\/8426\/revisions"}],"wp:attachment":[{"href":"https:\/\/monodes.com\/predaelli\/wp-json\/wp\/v2\/media?parent=8426"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/monodes.com\/predaelli\/wp-json\/wp\/v2\/categories?post=8426"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/monodes.com\/predaelli\/wp-json\/wp\/v2\/tags?post=8426"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}