Blog piece submitted by The New Oil
This week, Apple released their latest and greatest operating system for their laptop and desktop devices: macOS 11.0, named “Big Sur.” Generally speaking, I encourage updates as soon as they become available, although sometimes when a major update like this is released, it can be prudent to wait until the next patch to iron out some of the bigger bugs. This seems like one of those times.
The first thing that struck everyone within days of Big Sur’s release was that it dramatically slowed down every device. If you actually clicked all four of those links (don't worry, I don't blame you if you didn't), you may have noticed something additionally worrisome. One new, controversial change in Big Sur seems to be that every app you open attempts to call “ocsp.apple.com” via a service called “trustd.” The reasoning is simple: Apple is checking every program you open for malware. And if that makes your skin crawl, it should.
As I explained in my last article about WhatsApp, metadata is a powerful thing that should not be underestimated. At a bare minimum, this new “feature” has the ability to know when I open every app on my device, and that’s a lot more information than it seems. For example, on any given day, I open my word processor and Firefox about a dozen times each. You can safely assume that I have a hard time getting focused on work.
What makes this feature even more upsetting is the apparent inability to stop it. In the last link I shared, the author mentioned how popular Mac firewalls like Little Snitch and Lulu were unable to stop the transmission of this data for some apps, primarily Apple’s apps. The data was being transmitted outside the firewall and the VPN tunnel. This is extremely troublesome, especially for people who have a vested interest in hiding their true IP address from Apple and have gone to great lengths to do so.
Before you freak out and panic, let’s take a breather. Hope is on the horizon. First off, this move is being met with widespread criticism and controversy, and nothing motivates a company more than bad PR (except maybe profits). Contrary to the old saying, any press is not always good press. There is a possibility that in the next few days or weeks, we will see Apple promise to roll this “feature” back in the next patch, especially given their recent efforts to position themselves as the "privacy-friendly" Big Tech company.
Furthermore, Sun Knudsen has already found and offered a solution that you can implement directly in the macOS config files to block this from happening, as did Jeff Johnson (the person who apparently originally shared this story on Twitter). And if I may go full devil’s advocate, Techlore is pointing out that some of these claims (for example, there’s one that some of this extra-firewall/VPN traffic isn’t even encrypted) haven’t been verified by either Apple or any external security experts. Don’t throw your MacBook in the microwave just yet.
Or maybe, do actually! I think the real takeaway from this story should be twofold: first off, we always have to be on our guard. Between Apple, Google, and Microsoft, I would personally consider Apple to be more privacy-respecting, but we know for a fact that even “more privacy respecting” doesn’t count for much. Just this year, Apple was caught using human contractors to listen to Siri recordings, despite promising last year that they would stop the practice. Companies lie, companies make changes, and things that were once private (or relatively private) are no longer so. Not to sound overly paranoid, but you always have to be vigilant. As they say in the TV show Person of Interest, “only the paranoid survive.”
The second takeaway should be to consider alternatives. Sadly, some of us are locked into a Mac ecosystem. I work in churches frequently for my day job, and churches are stuck in the Apple ecosystem for one reason alone: ProPresenter. ProPresenter is the de facto software for worship, sermons, and basically anything visual. It’s powerful, it’s well supported, and it just plain works. If you do or want to run a church of any sustainable size, you NEED ProPresenter.
But unless you’re in one of those highly specific positions, this may be a good time for you to start searching for a company that more closely aligns with your own ethics. I’m talking, of course, about Linux. Linux is open source and it’s maintained by a community of people who value transparency, customization, and self-sovereignty. Linux is all about putting the user back in charge: in charge of the data, in charge of the functionality, and in charge of the security. Linux doesn’t treat its users as a product to be extorted and sold.
This isn’t the first time a company has come under fire for shady practices, unintentional and well-meaning or otherwise, and I promise it won’t be the last. But for you, dear reader, it could be. This could be your wakeup call to take your digital life back into your own hands. I encourage you to seriously consider that, if you can. If you’re a Mac user, a good Linux distribution to look into is Elementary.
Article received from and published on behalf of regular decentralize.today blog contributor, The New Oil