Apple found itself at the center of a scandal late last year when independent developers figured out that several dozen Apple apps could bypass firewalls and VPNs in macOS Big Sur. These Apple Apps bypass network extensions and VPN applications: maps, for example, can directly access the Internet, bypassing any running filters and proxies. The company has not officially commented on this issue, although many began to fear that such an exception could negatively affect the security of the Mac. Of course, if Apple sets rules for apps, why doesn’t it want to follow them on its own?
Vulnerability in macOS Big Sur
How did this problem come to light? After some macOS applications stopped working due to a crash on Apple servers on the day Big Sur was launched, the developers tried to block the computer from communicating with these servers. But they found that Apple gave its official apps the right to have full network access even with a firewall configured.
It turned out that macOS Big Sur added an internal file called ContentFilterExclusionList, which is a list of several Apple applications and services that can bypass any firewall and VPN installed on the Mac. These apps include the App Store, FaceTime, a software update service, and even the Music app.
What’s new in macOS Big Sur 11.2
As this could lead to potential security and privacy issues, Apple removed this list of exceptions from macOS Big Sur 11.2. In the new beta, which was released yesterday, there is no longer a list of “special” applications, now they all obey the firewall and VPN.
However, since macOS Big Sur 11.2 is currently only available as a beta version, we do not yet know when this change will affect all users.
It’s unclear why Apple even made a list of select apps that can bypass firewalls and VPNs. Perhaps this is due to the innovations in macOS Big Sur, where the structure of writing kernel extensions has been changed. This, in particular, led to problems with VPN and firewall, and Apple did not seem to want these failures to affect the performance of its applications. Why do you think Apple did this? Share your opinion in the comments or in our chat в Telegram.
Apple often talks about the value of privacy and how much the company is doing to protect its users from being snooped by advertisers and others. However, the inability to see and block all outgoing traffic from the computer should in no way be interpreted as improving security or protecting privacy. Apparently, the company also realized the scale of this problem and therefore decided to remove the privileges for its own applications.
But it’s worth remembering that while macOS Big Sur 11.2 isn’t out for everyone, but is in beta status, millions of Macs around the world still pass Apple apps through firewalls and VPNs. There are ways to “do justice” yourself – using an external firewall or VPN client on the router, but this requires the appropriate skills. It’s probably easier to wait for Apple to roll out the new version of macOS Big Sur to everyone.
*The article has been translated based on the content of AppleInsider.ru — крупнейший сайт о iPhone, iPad, Mac в России by appleinsider.ru. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!