This Apple Screw Up Points to a Bigger Picture

Apple rolled out a new operating system for its Macintosh computers, Big Sur, and it slowed down the operation of every Mac with an online connection, whether or not they were running, or even capable of running the upgrade:

Mac users today began experiencing unexpected issues that included apps taking minutes to launch, stuttering and non-responsiveness throughout macOS, and other problems. The issues seemed to begin close to the time when Apple began rolling out the new version of macOS, Big Sur—but it affected users of other versions of macOS, like Catalina and Mojave.

Other Apple services faced slowdowns, outages, and odd behavior, too, including Apple Pay, Messages, and even Apple TV devices.

It didn’t take long for some Mac users to note that trustd—a macOS process responsible for checking with Apple’s servers to confirm that an app is notarized—was attempting to contact a host named ocsp.apple.com but failing repeatedly. This resulted in systemwide slowdowns as apps attempted to launch, among other things.

The big picture here is not that Apple screwed up.  The big picture here, as Jeffrey Paul notes is that your computer no longer belongs to you.  It is under the direct control of a corporation who may or may not have your best interests at heart:

It’s here. It happened. Did you notice?

I’m speaking, of course, of the world that Richard Stallman predicted in 1997. The one Cory Doctorow also warned us about.

On modern versions of macOS, you simply can’t power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored.

It turns out that in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run, when you run it. Lots of people didn’t realize this, because it’s silent and invisible and it fails instantly and gracefully when you’re offline, but today the server got really slow and it didn’t hit the fail-fast code path, and everyone’s apps failed to open if they were connected to the internet.

………

This means that Apple knows when you’re at home. When you’re at work. What apps you open there, and how often. They know when you open Premiere over at a friend’s house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city.

“Who cares?” I hear you asking.

Well, it’s not just Apple. This information doesn’t stay with them:

  1. These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables.

  2. These requests go to a third-party CDN run by another company, Akamai.

  3. Since October of 2012, Apple is a partner in the US military intelligence community’s PRISM spying program, which grants the US federal police and military unfettered access to this data without a warrant, any time they ask for it. In the first half of 2019 they did this over 18,000 times, and another 17,500+ times in the second half of 2019.

This data amounts to a tremendous trove of data about your life and habits, and allows someone possessing all of it to identify your movement and activity patterns. For some people, this can even pose a physical danger to them.

Big brother is here, and he’s inside of the house.

Leave a Reply