Security researcher Jeffrey Paul offers the following:

With the newest macOS you simply can't power on your computer, use a text editor or eBook reader, or write something without a log of your activity being transmitted and stored for future use. macOS sends to Apple a unique identifier for every program you run, when you run it. Most don't realize this because it does this silently and invisibly. However some days Apple's data server slows way down and everyone using macOS has apps that fail to open when connected to the internet.

When Mac users are on the internet Apple's server sees their IP and knows when the request came in. An IP address enables city-level and ISP level geo-location to take place, providing a report with 'Date, Time, Computer, ISP, City, State, and Application in use'. Apple can and does use this information for everything including the App Store, the Creative Cloud, Tor Browser, and cracking or reverse engineering tools. Whatever a user may be doing on their Mac is logged.

Apple knows when you're home, when you're at work, what apps you open, and how often. They know when you open an app at a friend's house using their Wi-Fi, and they know when you use Tor Browser during a hotel stay in another city.

So, you ask, "Who cares what Apple does?"

The problem is, it's not just Apple that sees this information. These 'OCSP requests' are transmitted 'unencrypted' from your computer to Apple. Everyone who 'sees' the network you're on can see this information, including your ISP and anyone tapped into their system. These unencrypted requests end up at a company called Akamai. Where they go and what's done with them from there should worry anyone.

In October, 2012 Apple partnered with the US military intelligence community's PRISM spying program, granting US federal police and military unfettered access to this data 'without a warrant', whenever they ask for it. In the first half of 2019 Apple provided such information more than 18,000 times, and another 17,500+ times in the second half of 2019. If you're using a Mac thinking you can't do better than that, ..think again.

This behind the scenes data collection amounts to a wealth of information about Mac user's lives and habits, allowing anyone with access to it to identify your movement and activity patterns right down to time, date, applications used and what you did with them. This puts some Mac users in actual physical danger.

Up to now it's been possible to block this unsecured snooping on your Mac using a program called 'Little Snitch'. It allows computer-to-Apple communication to continue, but gives you the ability to disable macOS's default rules and approve or deny each of these tattle-tale connections. With 'Little Snitch' your computer worked fine without snitching on you to Apple - up to now it did anyway.

The latest version of macOS, v11.0, 'Big Sur' comes with new APIs that prevent 'Little Snitch' from working the way it used to. Apple's 'Big Sur' no longer permits 'Little Snitch' to inspect or block OS level processes. These new APIs even disable the VPNs Mac users often rely on, making Mac apps bypass them and use their leaky ISPs instead.

I know, right? ..Hopefully someone comes up with a new security program that allows Mac users to bypass 'Big Sur's new API rules and once again cut Apple off at the pass. Personally I won't be holding my breath waiting for that to happen. As a Linux Mint user I don't have to worry about such things. But for macOS users who've 'upgraded' or are considering an upgrade to 'Big Sur', best of luck to you, you'll need it..


The voyage of discovery that truly matters is not in seeking new lands but in seeing with new eyes.