(sneak.berlin)
It turns out that in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run, when you run it. Lots of people didn’t realize this, because it’s silent and invisible and it fails instantly and gracefully when you’re offline, but today the server got really slow and it didn’t hit the fail-fast code path, and everyone’s apps failed to open if they were connected to the internet.
This means that Apple knows when you’re at home. When you’re at work. What apps you open there, and how often. They know when you open Premiere over at a friend’s house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city.
patrickwardle lets us know that trustd, the daemon responsible for these requests, is in the new ContentFilterExclusionList in macOS 11, which means it can’t be blocked by any user-controlled firewall or VPN. In his screenshot, it also shows that CommCenter (used for making phone calls from your Mac) and Maps will also leak past your firewall/VPN, potentially compromising your voice traffic and future/planned location information.
Yikes!!! Have you read this, @matigo @peemee @axodys @phoneboy @streakmachine be interesting to hear your thoughts on this. Makes me lucky that I still have Sierra installed on the Mac that I don't use regularly. This is what Richard Stallman and Cory Doctorow warned us about so many years (and decades in Stallman's part) ago and now it's Apple's turn.
Yesterday's OCSP service-related issues highlighted the fact that macOS sends a hash of every app that users run along with the users' IP, unencrypted, to Apple