A problem launching applications on Mac has led many users to question the sacrosanct doctrine of privacy advocated by Apple. As it stands, the brand could keep an eye on the applications launched and used on the Mac. The firm denies it.
Does Apple indirectly keep an eye on the applications you launch on your computer? This is the question to which the brand wishes to give a clear and definitive answer, following the questions of many users faced, last week, with a problem launching applications on the Mac. As reported The Verge, this bug came from a security protocol implemented by Apple to verify that applications launched on Mac come from reliable sources.
This protocol, nicknamed “GateKeeper” by Apple, ” performs online checks to see if an application contains known malware and if the developer signing certificate is revoked», Explains the Cupertino giant on a page of its official website. However, the said system is based on the OCSP (online certificate status protocol): a security feature discussed.
Apple too curious? No, answers the brand
In one post titled “Your computer is not yours”, security researcher Jeffrey Paul believes that this OCSP feature allows Apple to collect a summary of each program launched on Mac by its owner, as well as its IP address … and all over an unencrypted connection. For the researcher, the result is simple: if you are using a recent version of macOS, “an activity log is transmitted and storedBy Apple. A follow-up that should not be underestimated according to Jeffrey Paul, because if the information collected is used to identify a developer and not an application, few developers work on more than one application at a time.
Apple, for its part, wants to be clear: “We have never combined the data from these checks with information about Apple users or their devices.», Explains the brand with apple. “We do not use the data from these checks to find out what individual users are launching or performing on their devices. ».
Apple will improve its security protocols
As notedThe Verge, the complaint of many users on this possible collection of information seems in any case to have pushed Apple to move its lines. The group explains that it intends, over the coming year, to improve these security protocols.
Apple explains in particular that it will deploy a new encrypted protocol dedicated to checks on developer identification certificates, but also that it intends to add “stronger protections against server failures“. It was these failures that had prevented some users’ apps from launching properly last week.
More importantly, Apple finally promises that macOS users will soon be able to choose to disable these security protections … What reassure the most worried.