2
0

Apple's latest OS blocks your ability to block their spying on whatever they want


 invite response                
2020 Nov 13, 12:22pm   976 views  20 comments

by Patrick   ➕follow (55)   💰tip   ignore  

https://sneak.berlin/20201112/your-computer-isnt-yours/

On modern versions of macOS, you simply can’t power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored.

It turns out that in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run, when you run it. Lots of people didn’t realize this, because it’s silent and invisible and it fails instantly and gracefully when you’re offline, but today the server got really slow and it didn’t hit the fail-fast code path, and everyone’s apps failed to open if they were connected to the internet.

Because it does this using the internet, the server sees your IP, of course, and knows what time the request came in. An IP address allows for coarse, city-level and ISP-level geolocation, and allows for a table that has the following headings:

Date, Time, Computer, ISP, City, State, Application Hash

Apple (or anyone else) can, of course, calculate these hashes for common programs: everything in the App Store, the Creative Cloud, Tor Browser, cracking or reverse engineering tools, whatever.

This means that Apple knows when you’re at home. When you’re at work. What apps you open there, and how often. They know when you open Premiere over at a friend’s house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city.

“Who cares?” I hear you asking.

Well, it’s not just Apple. This information doesn’t stay with them:

These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables.

These requests go to a third-party CDN run by another company, Akamai.

Since October of 2012, Apple is a partner in the US military intelligence community’s PRISM spying program, which grants the US federal police and military unfettered access to this data without a warrant, any time they ask for it. In the first half of 2019 they did this over 18,000 times, and another 17,500+ times in the second half of 2019.

This data amounts to a tremendous trove of data about your life and habits, and allows someone possessing all of it to identify your movement and activity patterns. For some people, this can even pose a physical danger to them.

Now, it’s been possible up until today to block this sort of stuff on your Mac using a program called Little Snitch (really, the only thing keeping me using macOS at this point). In the default configuration, it blanket allows all of this computer-to-Apple communication, but you can disable those default rules and go on to approve or deny each of these connections, and your computer will continue to work fine without snitching on you to Apple.

The version of macOS that was released today, 11.0, also known as Big Sur, has new APIs that prevent Little Snitch from working the same way. The new APIs don’t permit Little Snitch to inspect or block any OS level processes. Additionally, the new rules in macOS 11 even hobble VPNs so that Apple apps will simply bypass them.

Comments 1 - 20 of 20        Search these comments

1   WookieMan   2020 Nov 13, 12:49pm  

Not trying to be a jerk, but do you think ANY tech company isn't fucking with you? Apple is more discreet about it, but I'm of the mind anything that needs electric current is compromised. I just now fuck with their algorithms. It has worked. I love the ads I get. You'd think I was a 21 year old chick based on the ads I get in my browser.

Also, anything thing with a microphone should be turned off and unplugged if not using it. If it has a camera, cover it with a post it note. But audio is frankly more dangerous than anything unless you're a criminal. Audio is so easy to convert to data. Video with facial recognition is getting there, and quickly. But most people don't realize they have an open mic on in their home whether it's their phone, computer or even other devices like tvs.

When you say something in your own home and start getting ads for it, you realize how fucked up it is. So I try to keep any potential tech products off and unplugged as much as I can. I'm not perfect. Your best bet is to fuck with them though. Search for saddles for a horse. Search for dildos. Then search for ways to make an igloo. Search for how to kill a whale with your bare hands. If you do things that fuck up their advertising and data tracking, it becomes worthless to them if enough people do it. Most people don't know this though. So it's worth it for them to try and track and sell your data.
2   Tenpoundbass   2020 Nov 13, 12:52pm  

And Mint OS for the win!
3   Patrick   2020 Nov 13, 12:52pm  

WookieMan says
Not trying to be a jerk, but do you think ANY tech company isn't fucking with you?


At least with Linux it's not the OS fucking with you. And you can prove it.

And you can probably detect hardware fuckery too, if you know what you're doing. But only on Linux (or BSD).
4   Patrick   2020 Nov 13, 12:52pm  

Tenpoundbass says
And Mint OS for the win!


Yes, that.
5   Tenpoundbass   2020 Nov 13, 12:53pm  

100% of all development I do today is either through LogMeIn or Connect Wise to a workstation that has MS dev tools. I no longer need Windows on my Computer and that's my next fix.
6   WookieMan   2020 Nov 13, 1:04pm  

Patrick says
And you can prove it.

Can't prove anything until it's too late is all I'll say. Hence my take if it's plugged in and running, it's trying to get something from you. Especially internet connected devices. I don't claim to know the inner workings of most devices myself, but I'm skeptical of everything at this point.

When I get ads for something I've never searched, but only verbally talked about in my home (multiple times) I start to question everything.
7   WookieMan   2020 Nov 13, 1:08pm  

TrumpingTits says
My personal laptop is using OpenVPN. It definitely fools Twitter into believing I am logging in from Toronto.

I use a VPN much of the time but I get lazy. Some sites I need to use have blocked my VPN providers IP addresses. So I turn it off to access those sites and forget to turn it back on. Starting to be convinced it doesn't much matter at this point and just fucking around with the data they get from me, to throw them on a non-existent path.
8   richwicks   2020 Nov 13, 1:26pm  

WookieMan says
Not trying to be a jerk, but do you think ANY tech company isn't fucking with you?


Run Linux or get fucked. You can literally be running it in about 1 hour by installing it on a flash drive.

Tenpoundbass says
And Mint OS for the win!


I would put my weight behind KDE at this point. It's pretty, more than fast enough even on older computers, well integrated. It's quite similar to my old Beryl/Compiz setup - but of course GNOME dropped support for 2.0 and went to that godawful 3.0 - and killed 1/2 their APIs which I was ONCE proficient in.

Mint/Mate will eventually get left behind or even fragment more. KDE is a nice replacement in my estimation. I used to hate the desktop as it was a lookalike clone of CDE (1993) which was bloated and slow - and so was KDE. I will never go back to GNOME unless KDE screws me at least as badly as GNOME did.
9   Booger   2020 Nov 13, 1:47pm  

WookieMan says
When you say something in your own home and start getting ads for it,


I'd like to see some testing done in this. I mean, I haven't been getting ads for M134's yet ..
10   Booger   2020 Nov 13, 1:48pm  

Patrick says
Now, it’s been possible up until today to block this sort of stuff on your Mac using a program called Little Snitch


Wait for Little Snitch 2...
11   clambo   2020 Nov 13, 2:36pm  

Fuck that shit, I'm going use my old Mac until it's too out of date; then I'll get a Dell with Linux installed on it.
12   FortWayneAsNancyPelosiHaircut   2020 Nov 13, 2:55pm  

WookieMan says
Not trying to be a jerk, but do you think ANY tech company isn't fucking with you? Apple is more discreet about it, but I'm of the mind anything that needs electric current is compromised. I just now fuck with their algorithms. It has worked. I love the ads I get. You'd think I was a 21 year old chick based on the ads I get in my browser.


what's the trick man? Go to google and search for childish things or something? How do you get them to not know who you are?
13   FortWayneAsNancyPelosiHaircut   2020 Nov 13, 2:59pm  

can't you just kill it on the router as a temporary option? aka block certain website requests. I've never done it, but heard its an option.
14   WookieMan   2020 Nov 13, 3:59pm  

FortWayneAsNancyPelosiHaircut says
WookieMan says
Not trying to be a jerk, but do you think ANY tech company isn't fucking with you? Apple is more discreet about it, but I'm of the mind anything that needs electric current is compromised. I just now fuck with their algorithms. It has worked. I love the ads I get. You'd think I was a 21 year old chick based on the ads I get in my browser.


what's the trick man? Go to google and search for childish things or something? How do you get them to not know who you are?

You guys aren't getting what I'm saying. They're gonna know who you are regardless. That's a done deal the second a fiber, cable or phone line hits your house. Even if you put it in an LLC or whatever trick you think games the system.

My goal is to make it so they don't want my data because it's useless. They don't know who I am as it changes from day to day. Or what I want. I cycle through using Chrome, Safari, Firefox, etc. I purposely search random shit that makes no sense. Make a game of it with friends. Something like this.

If enough people fucked around like this, no one would spend money on the data. It's all about sales. If you're trying to hide from the government on the internet you're an idiot. Not gonna happen. My method is proven to piss IT and marketing people off. I know people in high places in multiple big companies like JP Morgan, Toyota, etc. They hate getting bad data to market to. They know your name and address 99% of the time regardless of how well you think you're hiding.
15   FortWayneAsNancyPelosiHaircut   2020 Nov 13, 4:04pm  

WookieMan says
FortWayneAsNancyPelosiHaircut says
WookieMan says
Not trying to be a jerk, but do you think ANY tech company isn't fucking with you? Apple is more discreet about it, but I'm of the mind anything that needs electric current is compromised. I just now fuck with their algorithms. It has worked. I love the ads I get. You'd think I was a 21 year old chick based on the ads I get in my browser.


what's the trick man? Go to google and search for childish things or something? How do you get them to not know who you are?

You guys aren't getting what I'm saying. They're gonna know who you are regardless. That's a done deal the second a fiber, cable or phone line hits your house. Even if you put it in an LLC or whatever trick you think games the system.

My goal is to make it so they don't want my data beca...


I like it, good way to fuck with them.
17   Automan Empire   2020 Nov 14, 11:08am  

I've NEVER owned a cell phone for this reason. People are just absolutely blown away, like how can I even LIVE!?! My response is, how can you accept the well known costs to your freedom and autonomy? (Everyone: Scroll, scroll, scroll, uh WHAT? Scroll, scroll, scroll...)
18   Patrick   2020 Nov 22, 10:57am  

By: Linus Torvalds (torvalds.delete@this.linux -foundation.org), November 14, 2020 1:12 pmRoom: Moderated Discussions
Paul (pavel.delete@this.noa -labs.com) on November 14, 2020 3:08 am wrote:
>
> What do you think of the new Apple laptop?

I'd absolutely love to have one, if it just ran Linux.. I have fairly fond memories of the 11" Macbook Air (I think 4,1) that I used about a decade ago (but moved away from because it took Apple too long to fix the screen - and by the time they did, I'd moved on to better laptops, and Apple had moved on to make Linux less convenient).

Apple may run Linux in their cloud, but their laptops don't ;(

I've been waiting for an ARM laptop that can run Linux for a long time. The new Air would be almost perfect, except for the OS. And I don't have the time to tinker with it, or the inclination to fight companies that don't want to help.

Linus
19   theoakman   2020 Nov 22, 12:37pm  

When I was in college, there was a stupid pyramid scam called All Advantage. They installed an ad browser and paid you 50 cents an hour to surf the net, you get $12.50 a month max, unless you referred people. Well, they wrote it into their software to ensure you weren't just leaving your computer on. So we wrote a program that just visited 10 websites every 30 seconds. It was free money until they signed up half the country and owed $100 million dollars the next month. They had to declare bankruptcy.

Anyway, at what point do we start writing bots to continuously search any number of thousands of topics which would essentially spam the crap out of google and give them all kinds of nonsense that they can't make sense of?
20   Patrick   2020 Nov 22, 1:01pm  

There is kind of a thing like that for ads:

https://adnauseam.io/

As online advertising becomes ever more ubiquitous and unsanctioned, AdNauseam works to complete the cycle by automating ad clicks universally and blindly on behalf of its users. Built atop uBlock Origin, AdNauseam quietly clicks on every blocked ad, registering a visit on ad networks' databases. As the collected data gathered shows an omnivorous click-stream, user tracking, targeting and surveillance become futile. Read more about AdNauseam in this paper.

Please register to comment:

api   best comments   contact   latest images   memes   one year ago   random   suggestions