Author Topic: Apple Snooping on users and sending the result unencrypted  (Read 504 times)

Alex Atkin UK

  • Kitizen
  • ****
  • Posts: 1742
    • My Broadband History
Apple Snooping on users and sending the result unencrypted
« on: November 15, 2020, 01:18:51 AM »

Quote
It turns out that in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run, when you run it. Lots of people didn't realize this, because it's silent and invisible and it fails instantly and gracefully when you're offline, but today the server got really slow and it didn't hit the fail-fast code path, and everyone's apps failed to open if they were connected to the internet.

Because it does this using the internet, the server sees your IP, of course, and knows what time the request came in. An IP address allows for coarse, city-level and ISP-level geolocation, and allows for a table that has the following headings:

Date, Time, Computer, ISP, City, State, Application Hash

Apple (or anyone else) can, of course, calculate these hashes for common programs: everything in the App Store, the Creative Cloud, Tor Browser, cracking or reverse engineering tools, whatever.

This means that Apple knows when you're at home. When you're at work. What apps you open there, and how often. They know when you open Premiere over at a friend's house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city.

"Who cares?" I hear you asking.

Well, it's not just Apple. This information doesn't stay with them:

https://sneak.berlin/20201112/your-computer-isnt-yours/

Maybe a bit dramatic, but with modern analysis it is a cause for concern.

I wonder how this compares to the telemetry Microsoft collect?
« Last Edit: November 15, 2020, 01:21:35 AM by Alex Atkin UK »
Logged
INTAKE (ECI) Zen: Home Hub 5A OpenWrt Plusnet: VMG-3925-B10B Three 4G: Huawei B535-232 Router: pfSense (i5-7200U) WiFi: Ubiquiti nanoHD

Weaver

  • Addicted Kitizen
  • *****
  • Posts: 9320
  • Retd sw dev; A&A; 4 × 7km ADSL2; IPv6; Firebrick
Re: Apple Snooping on users and sending the result unencrypted
« Reply #1 on: November 15, 2020, 07:24:49 AM »

Is that true for iOS too? Don't like that at all!  :no: >:(

I wonder if we could firewall this off?

Since Apple use privacy addresses with IPv6, then they can't tell anything much about you if you do use IPv6. They can get stats on what apps are in use but the 'by whom' thing isn't really doable in that case. And with IPv4 a lot of users have dynamic addresses from their ISPs anyway.
« Last Edit: November 15, 2020, 07:28:33 AM by Weaver »
Logged

displaced

  • Reg Member
  • ***
  • Posts: 212
Re: Apple Snooping on users and sending the result unencrypted
« Reply #2 on: November 15, 2020, 06:37:23 PM »

It's an RFC 6960 OCSP certificate revocation check... and it's the developer certificate whose hash is checked, not an individual application cert.

And this only applies to apps that have a developer certificate. macOS doesn't require these certificates be present, but will warn for apps that don't have one.  For unsigned apps, there's no certificate, and therefore no OCSP call.

Our machines are (or should be) sending OCSP requests very frequently, even non-Apple devices, since this is also how browsers check that HTTPS certs haven't been revoked.

OCSP as a protocol does have some privacy concerns, but they would apply to all applications of OCSP, including our browsers.
« Last Edit: November 15, 2020, 06:40:48 PM by displaced »
Logged
Vodafone Landline+FTTC: Huawei DSLAM, HG612 modem, pfSense router, Ubiquiti access points. GigE home LAN with Netgear ProSafe switches. Mac, FreeBSD and Win10.
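
The point made in the reply above, as an added example that is not part of the original thread: an RFC 6960 OCSP request identifies a certificate by issuer name hash, issuer key hash and serial number, and in the GET transport the RFC defines it travels as base64 in the URL path, so the fields can be read straight off the wire. The issuer bytes and serial below are constructed placeholders, the responder is assumed to sit at the URL root, and the helper names are hypothetical.

```python
import base64, hashlib
from urllib.parse import quote, unquote

HASH_OIDS = {bytes.fromhex("2b0e03021a"): "sha1",
             bytes.fromhex("608648016503040201"): "sha256"}

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                                   # long-form length
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + n], pos + n

def children(body):
    """Split the contents of a constructed element into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        out.append((tag, val))
    return out

def parse_ocsp_request(der):
    """List the CertID of every certificate an OCSPRequest asks about."""
    _, tbs = children(read_tlv(der)[1])[0]         # OCSPRequest -> tbsRequest
    req_list = next(v for t, v in children(tbs) if t == 0x30)  # skip [0]/[1]
    ids = []
    for _, req in children(req_list):              # Request -> CertID fields
        alg, name_h, key_h, serial = children(children(req)[0][1])
        ids.append({"hash_alg": HASH_OIDS.get(children(alg[1])[0][1], "unknown"),
                    "issuer_name_hash": name_h[1].hex(),
                    "issuer_key_hash": key_h[1].hex(),
                    "serial": int.from_bytes(serial[1], "big")})
    return ids       # nothing here is derived from an application binary

def parse_get_path(path):
    """Decode the RFC 6960 GET form: /<url-encoded base64 of the DER request>."""
    return parse_ocsp_request(base64.b64decode(unquote(path.lstrip("/"))))

def tlv(tag, body):                                # sample builder: short lengths only
    assert len(body) < 0x80
    return bytes([tag, len(body)]) + body

def build_sample_path(issuer_name, issuer_key, serial):
    """Constructed request for one certificate (placeholder issuer and serial)."""
    alg = tlv(0x30, tlv(0x06, bytes.fromhex("2b0e03021a")) + tlv(0x05, b""))
    cert_id = tlv(0x30, alg + tlv(0x04, hashlib.sha1(issuer_name).digest())
                  + tlv(0x04, hashlib.sha1(issuer_key).digest())
                  + tlv(0x02, serial.to_bytes(serial.bit_length() // 8 + 1, "big")))
    der = tlv(0x30, tlv(0x30, tlv(0x30, tlv(0x30, cert_id))))
    return "/" + quote(base64.b64encode(der).decode(), safe="")
```
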

stevebrass

  • Reg Member
  • ***
  • Posts: 170
Re: Apple Snooping on users and sending the result unencrypted
« Reply #3 on: November 18, 2020, 10:04:46 PM »

Logged
Netgear Orbi; Virgin Super Hub 3 in modem mode.

gt94sss2

  • Kitizen
  • ****
  • Posts: 1025
Logged

parkdale

  • Reg Member
  • ***
  • Posts: 410
Re: Apple Snooping on users and sending the result unencrypted
« Reply #5 on: November 19, 2020, 04:20:08 PM »

Logged

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5257
Re: Apple Snooping on users and sending the result unencrypted
« Reply #6 on: November 19, 2020, 05:01:49 PM »

For the rest of us using Android mob's https://www.theregister.com/2020/11/14/google_android_data_allowance/

I've always wished somebody would start a suit like that.  Not just for Google, but for any App or OS that uses my bandwidth without my express permission, even just if checking for updates/downdates.

I don't think I agree with The Register that "Data sent over Wi-Fi is not at issue".  Just because it's not metered doesn't mean that stealing it isn't theft.

Can't help wondering though... might permission be buried somewhere in the small print of the hundreds of pages of T&Cs that most of us just tick without absorbing? :-\
Logged
 
