Most active commenters
  • dheera(3)

←back to thread

Apple's apps bypass firewalls like LittleSnitch and LuLu on macOS Big Sur

(twitter.com)
1183 points robenkleene | 11 comments | 20 Oct 20 15:51 UTC | HN request time: 1.478s | source | bottom
1. pier25 ◴[20 Oct 20 16:15 UTC] No.24839111[source]
A bit contradictory with Apple's supposedly privacy-focused approach, no?
replies(4): >>24839188 #>>24839314 #>>24840173 #>>24841770 #
2. comeonseriously ◴[20 Oct 20 16:20 UTC] No.24839188[source]
Of course, but they'll get a pass because "Apple's got yer back!"
3. dheera ◴[20 Oct 20 16:28 UTC] No.24839314[source]
Was Apple every privacy focused? I think they mostly try to play the good guys to get on users' sides but actually are pretty much the opposite. They know everything about you.

Why was the FBI even able to get access to that person's phone? Sounds like there was a loophole. Not happening if it were an encrypted Android device with a high-entropy password.

Apple also has vastly different policies in different countries. They do cooperate with government privacy invasions but they don't publish that fact in the US. It's a business decision but they are most definitely profit-focused, not privacy-focused.

replies(1): >>24839537 #
4. gruez ◴[20 Oct 20 16:45 UTC] No.24839537[source]
>Not happening if it were an encrypted Android device with a high-entropy password.

because you have to balance security with usability. iPhones use its security chip to slow/prevent password guessing. that allows you to use a weak password without losing much security, but if that system is compromised you're back to square one. I'm sure if you used a high entropy password on ios, they wouldn't be able to get access either.

replies(1): >>24839786 #
5. dheera ◴[20 Oct 20 17:04 UTC] No.24839786{3}[source]
> I'm sure if you used a high entropy password on ios

The problem is you don't get this choice in iOS.

A privacy-respecting company would provide you this option -- Android does. You can have a high-entropy passcode in Android if you wish, and choose to sacrifice usability in the interest of privacy, if that is what you'd like.

replies(2): >>24840037 #>>24840062 #
6. gruez ◴[20 Oct 20 17:24 UTC] No.24840037{4}[source]
>The problem is you don't get this choice in iOS.

Who says you can't?

https://9to5mac.com/wp-content/uploads/sites/6/2019/05/custo...

7. dheera ◴[20 Oct 20 17:26 UTC] No.24840062{4}[source]
@gruez Replying here since no reply button and I don't have time to wait for HN to make it appear

Thanks! I didn't realize iOS implemented this.

8. withinboredom ◴[20 Oct 20 17:35 UTC] No.24840173[source]
That privacy “focus” is just marketing.
9. threatofrain ◴[20 Oct 20 19:59 UTC] No.24841770[source]
Big entities probably make up 99% of the firewall market today, and for those who currently want firewalls, it makes far more sense to have independent hardware.

The use case for an end user managing their firewall experience with a 3rd-party software-based firewall AND who also wish to monitor Apple traffic is very niche.

For the overwhelming portion of the population, I would be more worried about the MacOS security model. Someone's iPad or iPhone experience can only be screwed up so much and can be reset without losing data. For MacOS the stakes are a lot higher, and users are trained to enter credentials for annoying-to-audit vague permissions.

In my view, MacOS is the biggest security hole in Apple's ecosystem. Doesn't this make you wonder how Apple will handle the health app on MacOS?

replies(1): >>24842198 #
10. pier25 ◴[20 Oct 20 20:45 UTC] No.24842198[source]
> In my view, MacOS is the biggest security hole in Apple's ecosystem.

Is it? Can you elaborate?

replies(1): >>24842407 #
11. ◴[20 Oct 20 21:14 UTC] No.24842407{3}[source]