Apple’s macOS Big Sur gave many users a good scare. Shortly after the new OS was made available for download, some users experienced slowdowns while launching apps. Then, security researcher Jeffrey Paul wrote a blog post about the issue, pointing out that there’s a potentially big privacy problem that’s causing the slowdowns.
According to Paul, new versions of macOS send a unique identifier of every program a user runs to Apple. Issues with Apple’s server receiving the data caused the slowdowns, but, as Paul explained, the way in which the company sends this data is problematic, as it could mean that Apple gathers (and can potentially share this info with third parties, such as law enforcement agencies) a ton of info on what you do on your computer.
Shortly after that, Apple responded with an updated support document called “Safely open apps on your Mac,” first noticed by iPhone in Canada. In it, Apple explains that this technology, called Gatekeeper, is used to make sure that the software you run doesn’t contain malware. The technology does not infringe on user privacy, the company claims.
“Gatekeeper performs online checks to verify if an app contains known malware and whether the developer’s signing certificate is revoked. We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices. Notarization checks if the app contains known malware using an encrypted connection that is resilient to server failures,” the document states.
This may be so, but it’s obvious that Paul raised some good points in his blog post, such as the fact that users cannot opt-out of Gatekeeper, as well as IP addresses being logged.
Apple addressed both concerns. In the document, the company said it has “stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.”
The company also said it will introduce some changes to how Gatekeeper works “over the next year.” The changes include a new encrypted protocol for Developer ID certificate revocation checks, strong protections against server failure, and an option for users to opt-out of these security protections.
It’s good that Apple has responded to these issues quickly. It is worrying, however, that the company has logged IP addresses associated with these checks in the first place, and that it never adequately communicated the implications of Gatekeeper technology to its users.