Keep Squawking
Welcome
Today I'm remembering an episode that happened a few years ago. We are still a proud print publishing company, but, like most publishers, we deliver some of our copies in electronic form through content platforms available for personal computers and mobile devices.
Dear Reader,
Today I'm remembering an episode that happened a few years ago. We are still a proud print publishing company, but, like most publishers, we deliver some of our copies in electronic form through content platforms available for personal computers and mobile devices. One of those platforms at the time was Apple Newsstand, a virtual newsstand for iPhone and iPad devices. The user interface for Apple Newsstand looked just like a magazine shelf at a bookstore, with a picture of a bunch of magazine shelves. Then, if you purchased a magazine, an icon with the cover of the magazine appeared on the virtual magazine shelf.
The goal of Apple Newsstand was to be a perfect little replacement of a real neighborhood newsstand – you buy any magazine you want (from Apple), and all the magazines you buy line up along your own personal virtual newsstand. The international company I worked for back then had several magazines, and they submitted applications for their magazines to be on Apple Newsstand. Linux magazines? No problem. System administration magazines? Sure. Raspberry Pi and Drupal magazines? Of course. But when we submitted a request to sell an Android magazine, the application was quickly rejected. It turns out that Apple was banning anything that mentioned Android from their newsstand because Android was competing against the iPhone and (according to them), it was an inferior, copycat technology. In other words, Apple Newsstand was a perfect little replacement for a real neighborhood newsstand, except that it inhabited an imaginary universe in which Apple's enemies did not exist.
Apple could have argued that it was their store and they could sell whatever they wanted, but there is something a little disingenuous about that argument. Apple Newsstand wasn't just a store – it was the way to consume magazines on an Apple system. It was an integral part of an ecosystem that purported to present a virtual version of everyday life. Since then, several other browser-based magazine platforms have appeared, and Apple Newsstand has itself been retired in favor of newer tech, so it is difficult to compare it to the situation today, but at the time, it seemed a lot like the monopolistic practices of Microsoft back in the browser war days, when "control of the desktop" meant control of the complete user experience, only Apple wielded a much more powerful form of control. The episode reflects a common theme in the evolution of the electronic marketplace, in which the user voluntarily surrenders freedom and privacy for the chance to be the one who is seen dabbling with smooth and shiny technology.
Fast forward to this month, and a new chapter in this saga is playing out with Apple's new macOS 11.0 "Big Sur" system. A blog post by security expert Jeffrey Paul [1] outlines some of activities that Big Sur attends to in secret, including the fact that it "…sends to Apple a hash (unique identifier) of each and every program you run, when you run it." Paul adds that "Because it does this using the Internet, the server sees your IP, of course, and knows what time the request came in. An IP address allows for coarse, city-level and ISP-level geolocation, which allows for a table with the following headings: Date, Time, Computer, ISP, City, State, Application Hash…This means that Apple knows when you're at home. When you're at work. What apps you open there, and how often."
Of course, Apple and other vendors have been spying on their users for years, but the thing that is most striking about this, other than the sheer audacity of it, is that there doesn't seem to be any way to actually turn it off. (In the past, there was usually some way to suspend the surveillance if you really took the time and tried hard enough.)
Another weird thing that Paul and other security researchers have discovered is that even a VPN or user-controlled firewall can't stop your Mac from leaking this information to Apple. According to the report, if you intentionally configure your system to route all traffic through a VPN, it will use the CommCenter component (used for making phone calls) to maintain its own connection for sharing reports on your behavior.
Sometime after Paul's blog post appeared, Apple posted their own statement [2], saying that the app logging technology was a thing called Gatekeeper, which checks the developer ID signature to ensure that the app has not been altered by malware. Apple says "We have never combined data from these checks with information about Apple users and their devices." They don't offer any proof – you're just supposed to take their word for it. They also don't promise they will never combine the data in the future – just that (if you take their word for it) they aren't doing it now.
The way this privacy trampling works is that the vendor tries something, and if no one says anything, it becomes the new norm. If enough people squawk, they say "OK never mind…" and dial it back some. Perhaps in response to the negative feedback they have received so far, Apple has now stated that they will create a new preference setting sometime in the next year that will allow users to opt out of the Gatekeeper reporting feature. They still haven't explained why they thought it was reasonable that a computer configured to route all traffic through a VPN would continue to send information to the vendor through a secret backdoor – and what other information they might be sending in addition to the Gatekeeper data. We might have to keep squawking about that part.
Joe Casad, Editor in Chief
Infos
- "Your Computer Isn't Yours": https://sneak.berlin/20201112/your-computer-isnt-yours/
- "Safely Open Apps on Your Mac": https://support.apple.com/en-us/HT202491
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Direct Download
Read full article as PDF:
Price $2.95
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Find SysAdmin Jobs
News
-
Kubuntu Focus Announces XE Gen 2 Linux Laptop
Another Kubuntu-based laptop has arrived to be your next ultra-portable powerhouse with a Linux heart.
-
MNT Seeks Financial Backing for New Seven-Inch Linux Laptop
MNT Pocket Reform is a tiny laptop that is modular, upgradable, recyclable, reusable, and ships with Debian Linux.
-
Ubuntu Flatpak Remix Adds Flatpak Support Preinstalled
If you're looking for a version of Ubuntu that includes Flatpak support out of the box, there's one clear option.
-
Gnome 44 Release Candidate Now Available
The Gnome 44 release candidate has officially arrived and adds a few changes into the mix.
-
Flathub Vying to Become the Standard Linux App Store
If the Flathub team has any say in the matter, their product will become the default tool for installing Linux apps in 2023.
-
Debian 12 to Ship with KDE Plasma 5.27
The Debian development team has shifted to the latest version of KDE for their testing branch.
-
Planet Computers Launches ARM-based Linux Desktop PCs
The firm that originally released a line of mobile keyboards has taken a different direction and has developed a new line of out-of-the-box mini Linux desktop computers.
-
Ubuntu No Longer Shipping with Flatpak
In a move that probably won’t come as a shock to many, Ubuntu and all of its official spins will no longer ship with Flatpak installed.
-
openSUSE Leap 15.5 Beta Now Available
The final version of the Leap 15 series of openSUSE is available for beta testing and offers only new software versions.
-
Linux Kernel 6.2 Released with New Hardware Support
Find out what's new in the most recent release from Linus Torvalds and the Linux kernel team.