Privacy and security are not the same thing, although they’re related. Privacy is about your data staying yours, and not being shared or transmitted without your knowledge. Security is about your computer or device not getting compromised, infected, or hacked.
Sometimes the two are at odds.
“Macs, by default, send a tremendous amount of data to Apple,” security researcher and self-described hacker Jeffrey Paul told me recently on the TechFirst podcast, focusing on a Mac technology called Gatekeeper. “Gatekeeper … uses a system called OCSP which checks on each app launch, whether or not the app that you’re launching is malware or is known to be malware to Apple. And it does that using the network … but these checks were being transmitted unencrypted.”
To break it down: Apple created a system called Gatekeeper, which is designed to ensure that only safe software runs on your Mac. It does that by phoning home to Apple fairly regularly with data on the developer of the apps that you are using. The goal: checking whether they are approved, known good developers who have not released spam or malware.
Unfortunately, the makers of Gatekeeper used internet-standard protocols when implementing this security feature, and at the time, that meant sending data unencrypted. Since most developers on the Mac have only a single app, Paul says, that’s as good as sending up a flare with with data on what apps you’re using. Not only was the data sent unencrypted, Gatekeeper intentionally bypasses VPNs, or virtual private networks, which means you can’t hide your activity even if you work fairly hard to.
That’s privacy — or lack thereof.
It’s hard to say how many users it affects, but it’s likely over 100 million. Apple CEO Tim Cook announced that there were more than 100 million active Macs worldwide in late 2018. Apple shipped almost 18 million Macs in 2019, and probably more than that in 2020, as laptop sales have jumped due to a rise in working from home offices. All Mac owners running Mac OS X Catalina (released in 2019) or later are using Gatekeeper, whether they…