←back to thread

macOS unable to open any non-Apple application

(twitter.com)
2603 points mattsolle | 1 comments | 12 Nov 20 21:00 UTC | HN request time: 0s | source
Show context
Lammy ◴[12 Nov 20 21:38 UTC] No.25075443[source]
Maybe it's just me but the idea that my computer lets Apple (+ any LE organizations) surveil my app launches seems so much scarier than any malware.
replies(6): >>25075490 #>>25075500 #>>25075562 #>>25075747 #>>25075841 #>>25076444 #
brundolf ◴[12 Nov 20 21:44 UTC] No.25075490[source]
I don't know about you, but hashes of the binaries I run don't exactly reveal any sensitive personal information about me. That said, obviously they should have much more graceful degradation in place for when something is wrong with the service.
replies(8): >>25075523 #>>25075525 #>>25075542 #>>25075578 #>>25076133 #>>25076290 #>>25076425 #>>25076603 #
djsumdog ◴[12 Nov 20 21:46 UTC] No.25075523[source]
In this case, isn't the hash of the binary consistent across all devices, so Apples can in fact derive exactly which binary you're running (assuming they have a large database of application binary and hashes)?
replies(3): >>25075572 #>>25075582 #>>25075672 #
brundolf ◴[12 Nov 20 21:59 UTC] No.25075672[source]
Yes. My personal data involves what I do within those apps, not which ones they are.
replies(3): >>25075725 #>>25075758 #>>25075894 #
thelean12 ◴[12 Nov 20 22:03 UTC] No.25075725[source]
That's not even close to true. Apps that you have downloaded can reveal a massive amount of potentially personal information.

Think about someone having a dating app that would out them. Or a therapy app that they don't want people to know about. And that just scratches the surface.

replies(2): >>25075858 #>>25075965 #
brundolf ◴[12 Nov 20 22:20 UTC] No.25075965[source]
Part of it is that, when we're talking about a traditional computer (contrasted with a phone), all of that stuff happens in the web browser these days. The average user's native binaries are mostly limited to said web browser, some work communication apps, maybe a notes app, maybe some dev tools or office tools or media tools depending on the person. Nothing remotely interesting to advertising companies. Maybe that will change with the new iOS app support, but I kind of doubt it.

And anyway, when we are talking about a phone, it would be literally impossible to run an app store without recording (and personally identifying!) that information. Maybe that's one more argument to allow third-party app stores, which I'm not against (though who knows if they're more trustworthy with that data?), but nevertheless.

My point is that in the grand scheme of privacy concerns, this is a very silly hill to die on. In the grand scheme of system reliability, on the other hand, it's totally legitimate to be upset that this effectively took down thousands of expensive workstations across the world for a few minutes.

replies(2): >>25076106 #>>25076159 #
1. thelean12 ◴[12 Nov 20 22:37 UTC] No.25076159{3}[source]
So you're okay with it because at the moment you personally (or at least some vague idea of the "average user") don't have any "interesting" apps on your traditional computer? You should step back and understand why this is the wrong way to look at it.

Take a look at the macOS App Store medical section. Doing a quick scan of the top apps there is one app to help with some diabetes pump, one for a personal ECG machine, one that says it's a "mobile lactation consultant". Those can reveal a lot about a person that they might want to keep private. Searching "therapy" or "dating" also shows many results that people might want to keep private.