…with Apple’s commitment to security and privacy, it is investing in creating a new, encrypted protocol that goes above and beyond OCSP…
Do you remember the last “Apple is doomed” news? Do you? Well, it’s not so doomed after.
As everybody could expect, the they are as exposed as others could be in the current always connected cloud.
Of course Apple is working to avoid the potential riks.
<<The company also details Apple IDs and device identification have never been involved with these software security checks. But going forward “over the next year,” Apple will be making some changes to offer more security and flexibility for Macs.
First is that Apple will stop logging IP addresses during the process of checking app notarizations.
Second, it’s putting in place new protections to prevent server failure issues. And finally, addressing the overarching concern that Jeffry Paul raised, Apple will release an update to allow users to opt-out of using these macOS security protections.
macOS has been designed to keep users and their data safe while respecting their privacy.
Gatekeeper performs online checks to verify if an app contains known malware and whether the developer’s signing certificate is revoked. We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.
Notarization checks if the app contains known malware using an encrypted connection that is resilient to server failures.
These security checks have never included the user’s Apple ID or the identity of their device. To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.
In addition, over the next year we will introduce several changes to our security checks:
*A new encrypted protocol for Developer ID certificate revocation checks
*Strong protections against server failure
*A new preference for users to opt out of these security protections
We’ve also learned more technical details about how this all works from Apple that aligns with what independent security researcher Jacopo Jannone shared earlier.>>