Feed
 

M1 chips caution

Avatar Eric Jervis
This is from the newsletter from the Mac Doctor, [undisclosed email] and seems rather worrying....

The new machines talk to Apple ALL the time - telling Apple where you are; what program you have just opened; how long you used it; what web browser you are using to visit where; and lots more technical information. (In fact, current Intel-based Apple computers talk to Apple ALL the time but it can be switched off.) On the new M1 chips - no. You will be feeding data - even more data – to Apple all the time (unless you switch off your connection to the internet). This adds to the control Apple have over your computer - the T2 chip already makes recent machines unrepairable by tying the computer to your Apple ID (and finger prints if you use them).

Re: M1 chips caution

Avatar Mick Burrell
With all the fuss Apple make about our privacy, I find that hard to believe. has anyone seen anything like this from another source?

Re: M1 chips caution

Avatar Eleanor Spenceley
I think the M1 angle is dubious and it's more about Big Sur specifically.
Here's a typical article I know about.

M1 Security Features

Re: M1 chips caution

Avatar Lionel Ogden
If you use any mobile phone it regularly checks where you are and for how long in order to maintain a connection. However not many people, other than career criminals, carry their phone around switched off to prevent the phone from being traced.

Re: M1 chips caution

Avatar Eric Jervis
Some naughty people might if they dare to visit their relatives on Christmas Day in defiance of an evil government....

Re: M1 chips caution

Avatar Tony Still
The item that Eleanor referenced concerns the Online Certificate Status Protocol (OCSP). This has existed in macOS for several years and performs a defensive security function. If it is the origin of these stories then it has been entirely misunderstood.

macOS apps are increasingly digitally-signed by their developer. This allows macOS, when opening the app, to check that it has not been modified en route but is the same app that left the developer (typically, modification would be the addition of malware).

However, if the original developer is a bad actor, they could insert malware before signing so the macOS check would only confirm that the malware is intact. Apple protects against this if a developer is found to be spreading malware by revoking (cancelling) their certificate (the thing that lets them digitally sign). The OCSP bit is your Mac periodically getting an update from Apple about revoked certificates: it gets a list of bad certificates so it can warn you if you try to open an app from such a developer.

This is a Good Thing.

As I have often said, you can't avoid trusting someone, you can only choose who to trust. I choose Apple, which does not have a track record of misusing data unlike some others who do.
 
Feed