Hello!

Some vocal proponents and shills on the internet and in the privacy community are trying to defend Apple’s notarisation and heavily insinuate lies about it not being of any consequence, claiming that Linux does it and that it is an ordinary, acceptable thing.

There is also a claim being thrown around about Apple’s notarisation checks being a documented process. Documentation does NOT make a thing right or wrong, it just establishes the flowchart or algorithm of a process.

Major edit: bypassing firewalls/VPNs was totally intended for macOS and not a bug or flaw: https://i.imgur.com/M1ZwlDC.png

CDNUUIDs sent with the OCSP server checks are sent in PLAINTEXT on the internet to Apple servers: https://i.imgur.com/Q2IhYqM.png

Apple apps apparently have ads served, needing to be blocked via LittleSnitch, since firewalls are automatically bypassed: https://twitter.com/p9k/status/1324415251308269568

Apple has apparently claimed to fix this spying and plaintext lack of security over the next year (screenshot): https://support.apple.com/en-us/HT202491

That is all, folks! Take care and stay away from such garbage corporations.

@BlackCentipede
4
5M

It should be plenty enough reason not to buy Apple’s products when it’s difficult or impossible to get them fixed by Apple. Right to Repair ring any bell? No?

List of Cases

Apple refuse to fix my $5000 Macbook Pro

Apple Bar Genius Bar broke my $5000 iMac Pro

Apple refuse to Fix Our iMac Pro

Apple under fire for controversial business practices

Apple users have no one to blame, but themselves

Let’s compare specs and prices

Macbook Pro at $6499.99 + $379 Support for 3 yr (Note: You have to go into their Apple Shop for repair and support!)

Let’s try other providers for same spec

Alienware $5363 vs $6,883.00

Alienware pros that beat the Apple Macbook Pro:

  1. More CPU Cores, bigger cache and higher base-speed (10-Core, 20MB Cache, 3.7GHz to 5.3GHz w/Thermal Velocity Boost)

  2. Higher RAM Bandwidth at 2933 MHz vs Apple’s 2666 MHz

  3. Better GPU with Nvidia 2080 RTX

  4. 4 Years Premium Support Plus, meaning they will go to your house and fix your laptop after remote diagnosis, you don’t have to go to them. Good luck getting Apple to do that.

  5. Parts are more than likely to be replaceable unlike Macbook Pro

  6. Software Compatibility, you can install Windows or Linux on the laptop (Or both!) so you would be able to access almost any software you need on it.

  7. Lower cost

The Cons:

  1. Less Storage on Laptop, 4 TB vs 8 TB (You can swap in 2x 4 TB NVMe when prices drop in all eventuality, so… shrug)

  2. Lower display resolution at 2k, but you get this: 17.3" FHD (1920 x 1080) 360Hz 5ms 300-nits 100% sRGB color + Tobii Eyetracking + NVIDIA G-SYNC

Seriously, shop around, Apple is more of a scam. You get better support from Dell and HP than them.

@TheAnonymouseJoker
creator
25M

You do not need to look at ethical stuff like Right to Repair, or overpriced scamming to know Apple is a scam company. Apple did this notarisation spying even in macOS 10.15, not just now, but they took it to the next level here.

It helps to give people more reasons since we still have to contend with people who don’t care about privacy or why posting on TikTok is a bad idea.

@TheAnonymouseJoker
creator
2
5M

Good point, I just wanted to show how little effort you need to make to see Apple is pure evil. You start to look at Louis Rossmann’s channel, and he will get across most of the ethical points to anyone easily.

There are Apple shills on the internet and on Reddit already defending Apple, trying to show them in a good light versus Google Android or Microsoft Windows.

ufra
15M

What is CDNUUID? I couldn’t find any good information.

@TheAnonymouseJoker
creator
2
5M

From my understanding, it refers to you being the client target for the OCSP and certificate checks for the trusted party’s servers, where the ideally encrypted UUID is sent encrypted over to the trusted party’s servers.

Apple is sending your UUID as plaintext in this case, which many researchers have not mentioned. Something like a private encryption key, in layman’s terms, for the trusted authority.

The horrible disaster that could happen is a MITM attack, where someone disguises themselves as Apple (public key) and pushes you a malicious root certificate and does bad things. This will simply result in distrust in the entire certificate signing system.

ufra
25M

Thanks, that gives me a little more to search on. As an iOS user on all different kinds of networks it would be good to know what can be sniffed out.

CDN: A content delivery network, or content distribution network (CDN), is a geographically distributed network of proxy servers and their data centers.

UUID: A universally unique identifier (UUID) is a 128-bit number used to identify information in computer systems.

This shouldn’t be sent in plaintext because…

This information doesn’t stay with them:

These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables.

These requests go to a third-party CDN run by another company, Akamai.

Since October of 2012, Apple is a partner in the US military intelligence community’s PRISM spying program, which grants the US federal police and military unfettered access to this data without a warrant, any time they ask for it. In the first half of 2019 they did this over 18,000 times, and another 17,500+ times in the second half of 2019.

sauce

ufra
15M

Thanks, I already know about CDNs, UUID and PRISM. I have never heard of a cdnuuid and had trouble finding how Apple was using it. Are you saying they send device identification to Akamai?

That is what the source article claims

ufra
15M

the article doesn’t mention a cdnuuid afaik, but:

Date, Time, Computer, ISP, City, State, Application Hash

I don’t like Apple and don’t think it is private or anything like that but there seems to be some misunderstanding on what they are doing. The use of OCSP data in general would be a good thing to look at as well. Every time you visit an https website for example, this OCSP call is made to privately owned companies like DigiCert unless you disable it.

This is why I am curious about any uniquely identifying information like a uuid (cdnuuid?) being sent by Apple. That would be quite bad.
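
An added example, not part of the thread and not code from any participant or from Apple: a standard-library decoder for the OCSP-over-HTTP GET request defined in RFC 6960, showing which fields travel in cleartext for anyone on the path to read. The issuer bytes and serial number are constructed sample values, and `build_get_path` / `decode_get_path` are hypothetical helper names.

```python
import base64
import hashlib
from urllib.parse import quote, unquote

def tlv(tag, body):
    """Encode one DER tag-length-value element."""
    n = len(body)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def children(body):
    """Split the contents of a constructed DER element into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(body):
        tag, n, pos = body[pos], body[pos + 1], pos + 2
        if n & 0x80:  # long-form length
            k = n & 0x7F
            n, pos = int.from_bytes(body[pos:pos + k], "big"), pos + k
        out.append((tag, body[pos:pos + n]))
        pos += n
    return out

def build_get_path(issuer_name, issuer_key, serial):
    """Path of an OCSP-over-HTTP GET request (RFC 6960, Appendix A.1)."""
    sha1 = lambda b: tlv(0x04, hashlib.sha1(b).digest())
    alg = tlv(0x30, tlv(0x06, bytes.fromhex("2b0e03021a")) + tlv(0x05, b""))  # SHA-1 OID
    num = tlv(0x02, serial.to_bytes(serial.bit_length() // 8 + 1, "big"))
    cert_id = tlv(0x30, alg + sha1(issuer_name) + sha1(issuer_key) + num)
    # Wrappers, inner to outer: Request, requestList, TBSRequest, OCSPRequest
    der = tlv(0x30, tlv(0x30, tlv(0x30, tlv(0x30, cert_id))))
    return "/" + quote(base64.b64encode(der).decode(), safe="")

def decode_get_path(path):
    """CertID fields that anyone on the network path can read from the URL."""
    der = base64.b64decode(unquote(path.rsplit("/", 1)[-1]))
    tbs = children(children(der)[0][1])[0][1]
    # Skip optional [0] version and [1] requestorName; requestList is the SEQUENCE
    req_list = next(v for t, v in children(tbs) if t == 0x30)
    found = []
    for _, req in children(req_list):
        alg, name_hash, key_hash, serial = children(children(req)[0][1])
        found.append({"hash_alg_oid": children(alg[1])[0][1].hex(),
                      "issuer_name_hash": name_hash[1].hex(),
                      "issuer_key_hash": key_hash[1].hex(),
                      "serial": int.from_bytes(serial[1], "big")})
    return found

# Constructed sample inputs, not taken from any real certificate
SAMPLE_PATH = build_get_path(b"constructed issuer name", b"constructed issuer key", 0x0123456789ABCDEF)
```

Passing the path of a request captured on your own machine to `decode_get_path` lists the certificate serial and issuer hashes that left it unencrypted.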
