Contribute
Register

Well, this is scary "Your Computer Isn't Yours"

Going Bald

Moderator
Joined
Aug 14, 2010
Messages
23,234
Motherboard
GA-X58A-UD7-F7
CPU
W3670
Graphics
RX 580
Mac
  1. iMac
  2. MacBook Pro
  3. Mac mini
Classic Mac
  1. iMac
Mobile Phone
  1. Android
If you don't want them to see your stuff, don't use iCloud.
Do not use cloud storage at all - get a NAS and keep your storage disconnected from the internet. Anything in the cloud is subject to government scrutiny if they suspect a reason to look at it.

Personally, they can look at anything I have if they want to and I could not care less.
 
Joined
Jul 13, 2016
Messages
2,746
Motherboard
Gigabyte Z370 Gaming 5
CPU
I9 9900k
Graphics
Vega 64
Mac
  1. Mac mini
  2. Mac Pro
Mobile Phone
  1. iOS
Do not use cloud storage at all - get a NAS and keep your storage disconnected from the internet. Anything in the cloud is subject to government scrutiny if they suspect a reason to look at it.

Personally, they can look at anything I have if they want to and I could not care less.

This is totally my sediment! If it is on the internet it is fair game, if you want to keep it safe keep it off the internet. The internet is not safe it is like the dark alley in the bad neighborhood.
 
Joined
Feb 27, 2012
Messages
35
Motherboard
GA Z390 M gaming
CPU
i5 9400-f
Graphics
RX 560
Mac
  1. iMac
Mobile Phone
  1. iOS
Edit: Apple has posted an official response to the claims that they are spying on their customers.

See post #47 of this thread for more on this. Take home point is that the Gatekeeper certificate checks on your apps will now not be any risk to your privacy while connected to the internet.


Original Post:
No need to be scared about Apple's data collection that happens without your consent. Before doing anything you should read about the trustd process and what it does on your Mac. Here's the link:

Then read this article: https://blog.jacopo.io/en/post/apple-ocsp/

If you decide you want to block this certificate checking for personal security and privacy reasons....

There's a patch you can use to stop this activity in macOS Mojave through Big Sur.
Open up Terminal and copy and paste the following:

echo "127.0.0.1 ocsp.apple.com isrg.trustid.ocsp.identrust.com" | sudo tee -a /etc/hosts
View attachment 496197
It's probably wise to revert to the default setting before installing a new piece of software and after updating any software. In the rare case that a developer id is stolen or compromised and used to create malware, you would be exposed. OCSP stands for Online Certificate Status Protocol. It's the way Apple checks if the app was notarized by them. On the postive side, they gather the info to determine how many macOS users have malicious software running on their Macs.

To undo, run this terminal command:

sudo sed -i "" "/ocsp\.apple\.com/d" /etc/hosts

Of course you can always use the Malwarebytes for Mac program to check apps before you install them. Bitdefender from the MAS is another free option you can use to scan any software first.

To better understand what the echo command does see: https://www.tonymacx86.com/threads/...omputer-isnt-yours.306141/page-4#post-2195375

For those still running High Sierra or older macOS versions you don't need to use the patch to stop this. It only started after macOS Mojave was released. Jeff Johnson had this to say back in December of 2018:


I think it's very semplicistic to focus on certificate checking.
Jeffrey Paul's "Your computer Isn't Yours" reports several other violations of costumer's privacy, which are indeed of bigger concern.
- Os sends out constantly: Date, Time, Computer, ISP, City, State, Application Hash
- that set of information is shared with another company, Akamai.
-CommCenter and Maps data are also collected by Apple servers
- iMessage’s cryptography is backdoored
The issue was first reported back in October in the macOS Big Sur beta by Twitter user @mxswd, and others followed his path and raise awareness of what was going on.
Now my question is: if nobody noticed, would Apple have offered to delete IP logs, encrypting the communication between OS and servers, and, as you reported, giving users an option of disabling these online checks that leak what apps they’re opening? Realistically I don't really think so.
We are speaking of a company that artificially altered its own older products performances for years to induce its clients to buy new ones. And the reason why it stopped was because it became of public domain and a matter of lawsuit.
just the last fact is simply unbelievable and unacceptable.
 
Last edited:
Joined
Feb 27, 2012
Messages
35
Motherboard
GA Z390 M gaming
CPU
i5 9400-f
Graphics
RX 560
Mac
  1. iMac
Mobile Phone
  1. iOS
Do not use cloud storage at all - get a NAS and keep your storage disconnected from the internet. Anything in the cloud is subject to government scrutiny if they suspect a reason to look at it.

Personally, they can look at anything I have if they want to and I could not care less.
Same here, but it's not a matter of having something to hide or not. For years we were told that Apple considers our privacy a priority, and that iOS, macOS were almost invulnerable.. If I'll stop using cloud storage, what I saved there it's clear that will not be erased for real. It's a bit like Facebook, what you upload on their servers belongs to them. But at least Facebook policy was clear since the beginning.
I have always been a Apple fan. I have airport express in every room, Apple TV, last year iPad Pro, iPhone 12 pro.
several iPods (including the first one- I keep it in its original packaging) - I can't even remember what else: 3 sets of AirPods.... It's like an apple museum.I have tried over the years to make everybody I knew leave windows/android and buy apple phones or tablets. I found fascinating how easily you could share libraries, connect everything. And some of the people who I shared my enthusiasm with trusted my opinion. Far from being an hater.
I'm very disappointed to be honest.
 
Last edited:

pastrychef

Moderator
Joined
May 29, 2013
Messages
16,731
Motherboard
Gigabyte Z390 M Gaming
CPU
i9-9900K OC'd @ 5.0GHz
Graphics
Vega 56 (Bios flashed to 64)
Mac
  1. MacBook
  2. Mac Pro
Classic Mac
  1. iBook
  2. Power Mac
  3. PowerBook
Mobile Phone
  1. iOS
- Os sends out constantly: Date, Time, Computer, ISP, City, State, Application Hash

What they can do with this info. I don't know how they can improve the malware protection without application hash or the system the app is running on. If the ISP, City, and State thing bothers you, use a VPN.

When you make a phone call or send a text on your cellphone, you don't think the carriers know the time, date, phone, carrier you use, and city, state where you made the call from?


- that set of information is shared with another company, Akamai.

Where did you see this? Data being routed through Akamai is not the same as sharing data with Akamai.


-CommCenter and Maps data are also collected by Apple servers

Screen Shot 2020-12-04 at 8.50.45 AM.png

Source:https://www.idownloadblog.com/2019/03/13/apple-maps-navigation-privacy/

If maps using your location data bothers you, you can disable location services. I don't know if Maps will still actually work but at least they won't know where you are...
5d9f63d9122bd558a63562b5 copy.jpg
IMG_3924AC27657D-1.jpeg


- iMessage’s cryptography is backdoored

This is kind of misleading. I don't think this was done with malicious intent. I think it was for the purpose of simplification. Please see the following article on how the Messages encryption works. If the way Messages works is not secure enough for you, there are alternatives.


Now my question is: if nobody noticed, would Apple have offered to delete IP logs, encrypting the communication between OS and servers, and, as you reported, giving users an option of disabling these online checks that leak what apps they’re opening? Realistically I don't really think so.
We are speaking of a company that artificially altered its own older products performances for years to induce its clients to buy new ones. And the reason why it stopped was because it became of public domain and a matter of lawsuit.
just the last fact is simply unbelievable and unacceptable.

I don't think they would have encrypted the XProtect stuff if no one complained. I also don't think there's anything worth hiding in that data but encrypted is still better than not encrypted.

Whether the iPhone throttling for phones with dying batteries was to induce their customers to buy new phones is debatable. Yes, they should have informed customers of this practice from the get go and made it optional from the start. But none of this sacrificed anyone's privacy.

In all your bullet points, I still haven't seen any real personal info being collect and/or sold.
 
Last edited:
Joined
Feb 27, 2012
Messages
35
Motherboard
GA Z390 M gaming
CPU
i5 9400-f
Graphics
RX 560
Mac
  1. iMac
Mobile Phone
  1. iOS
What they can do with this info. I don't know how they can improve the malware protection without application hash or the system the app is running on. If the ISP, City, and State thing bothers you, use a VPN.

When you make a phone call or send a text on your cellphone, you don't think the carriers know the time, date, phone, carrier you use, and city, state where you made the call from?




Where did you see this? Data being routed through Akamai is not the same as sharing data with Akamai.




View attachment 499782
Source:https://www.idownloadblog.com/2019/03/13/apple-maps-navigation-privacy/

If maps using your location data bothers you, you can disable location services. I don't know if Maps will still actually work but at least they won't know where you are...
View attachment 499785
View attachment 499786




This is kind of misleading. I don't think this was done with malicious intent. I think it was for the purpose of simplification. Please see the following article on how the Messages encryption works. If the way Messages works is not secure enough for you, there are alternatives.




I don't think they would have encrypted the XProtect stuff if no one complained. I also don't think there's anything worth hiding in that data but encrypted is still better than not encrypted.

Whether the iPhone throttling for phones with dying batteries was to induce their customers to buy new phones is debatable. Yes, they should have informed customers of this practice from the get go and made it optional from the start. But none of this sacrificed anyone's privacy.

In all your bullet points, I still haven't seen any real personal info being collect and/or sold.

What I wrote above is a summary and is not just my opinion.
"your computer isn't yours" is a quite detailed report, and the subject is macOs 11.
iOS and IpadOs are not mentioned.
what I really find disappointing is that we are talking about a company who made us believe that our privacy is\was their priority, and that our data were so well protected that if we lose a password there's no way to retrieve them. that's what I heard many times. Even by apple support, (they probably had no idea), but in general that's the reputation they gained. But it was a lie.
You are correct, my mistake: requests go to a third-party CDN run by another company, Akamai. Share is not the same and I've not been accurate.
But since when Apple became a partner in the US military intelligence community's Prism spying program, our unencrypted backup can be viewed entirely by Apple sysadmins and the US military and feds.
now more information are available like what app I am using, and so on. I won't repeat the same story.
I loved Apple. I have been a total apple fan.
I feel betrayed and deceived.
And I don't have anything to hide. my backup is not scandalous. it's just personal. it's my memories and I wish I could have decided myself who I wanted to share them with.
That's all I have to say.
 
Last edited:

pastrychef

Moderator
Joined
May 29, 2013
Messages
16,731
Motherboard
Gigabyte Z390 M Gaming
CPU
i9-9900K OC'd @ 5.0GHz
Graphics
Vega 56 (Bios flashed to 64)
Mac
  1. MacBook
  2. Mac Pro
Classic Mac
  1. iBook
  2. Power Mac
  3. PowerBook
Mobile Phone
  1. iOS
What I wrote above is a summary and is not just my opinion.
"your computer isn't yours" is a quite detailed report, and the subject is macOs 11.
iOS and IpadOs are not mentioned.
what I really find disappointing is that we are talking about a company who made us believe that our privacy is\was their priority, and that our data were so well protected that if we lose a password there's no way to retrieve them. that's what I heard many times. Even by apple support, (they probably had no idea), but in general that's the reputation they gained. But it was a lie.
You are correct, my mistake: requests go to a third-party CDN run by another company, Akamai. Share is not the same and I've not been accurate.
But since when Apple became a partner in the US military intelligence community's Prism spying program, our unencrypted backup can be viewed entirely by Apple sysadmins and the US military and feds.
now more information are available like what app I am using, and so on. I won't repeat the same story.
I loved Apple. I have been a total apple fan.
I feel betrayed and deceived.
And I don't have anything to hide. my backup is not scandalous. it's just personal. it's my memories and I wish I could have decided myself who I wanted to share them with.
That's all I have to say.

If you lose your password, how will Apple get to your data? How did they lie? Do you have a link? This is the same thing that happened with the San Bernardino shooter. Just search "James Comey vs Apple" on Google.

Just because they partner with PRISM, it doesn't mean they are collecting extra information for them. They just provide what they have. Again, exactly what happened with the San Bernardino case. If they have nothing to give, who cares who they are partnering with? They can be partnering with Russia and China but with nothing to give, it means nothing.

Apple is who came up with the "Sign in with Apple" to help protect their customers from real villains like Google and Facebook. No one asked them to do this. They did it because it aligns with their business model. They don't profit from data collection. They sell more devices because their devices are more secure.

I'm not in with the tin foil hat crowd on this one.
 
Joined
Feb 27, 2012
Messages
35
Motherboard
GA Z390 M gaming
CPU
i5 9400-f
Graphics
RX 560
Mac
  1. iMac
Mobile Phone
  1. iOS
If you lose your password, how will Apple get to your data? How did they lie? Do you have a link? This is the same thing that happened with the San Bernardino shooter. Just search "James Comey vs Apple" on Google.
apparently they don't need my password, nor anybody's else. That's what Jeffrey Paul suggests.
His writing has been considered consistent but I don't have the possibility to do a fact-checking.
I know that they don't profit on data collection, I agree about it.
But my privacy is not their priority, nor yours. This is how they lied, in my opinion.
Did you have the chance to read his own words?
 

pastrychef

Moderator
Joined
May 29, 2013
Messages
16,731
Motherboard
Gigabyte Z390 M Gaming
CPU
i9-9900K OC'd @ 5.0GHz
Graphics
Vega 56 (Bios flashed to 64)
Mac
  1. MacBook
  2. Mac Pro
Classic Mac
  1. iBook
  2. Power Mac
  3. PowerBook
Mobile Phone
  1. iOS
apparently they don't need my password, nor anybody's else. That's what Jeffrey Paul suggests.
His writing has been considered consistent but I don't have the possibility to do a fact-checking.
I know that they don't profit on data collection, I agree about it.
But my privacy is not their priority, nor yours. This is how they lied, in my opinion.
Did you have the chance to read his own words?

If they don't need a password, the FBI would not have taken Apple to Congress.

I'd like to see Jeffery Paul crack my iPhone without my password or face.

I read that hit piece linked to post #1 and refuse to click on anything else of his.
 
Last edited:
Joined
Feb 27, 2012
Messages
35
Motherboard
GA Z390 M gaming
CPU
i5 9400-f
Graphics
RX 560
Mac
  1. iMac
Mobile Phone
  1. iOS
fact: Steve Jobs died in October 2011. PRISM Partnership started in October 2012

The October 2012 date is notable as coming a year after the death of Apple founder Steve Jobs. Perhaps, because it is an interesting coincidence, it’s led to speculation that Steve Jobs resisted systematic data collection from the NSA until his death. That statement was echoed on the record by NeXt developer Andrew Stone, who told Cult of Mac, “Steve Jobs would’ve rather died than give into that, even though he had a lot of friends at the NSA. Microsoft caved in first, then everyone else. Steve would’ve just never done it.”
this was published on June 18, 2013... not last year, not 6 months ago.
 
Top