1
0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2025-10-24 16:22:10 +00:00

Compare commits

...

10 Commits

Author SHA1 Message Date
mfwmyfacewhen
d746fd7fe3 remove "allow apps downloaded from app store" setting 2023-08-09 18:04:21 -05:00
mfwmyfacewhen
6259f964f4 move app revocation checks 2023-08-09 04:29:21 -05:00
mfwmyfacewhen
e0d81ac98b remove privacy notes 2023-08-09 04:26:03 -05:00
mfwmyfacewhen
cfe6bd7959 consolidate information on app revocation checks 2023-08-09 03:41:58 -05:00
mfwmyfacewhen
91ac91be42 remove third party software recommendation 2023-08-09 03:32:49 -05:00
mfwmyfacewhen
f96d54e89d remove notarization in antivirus section 2023-08-09 03:18:37 -05:00
mfwmyfacewhen
10d317809b more accurate wording for app sandbox 2023-08-09 03:13:43 -05:00
mfwmyfacewhen
8d1083ecc5 remove mac address randomization 2023-08-09 03:10:43 -05:00
mfwmyfacewhen
07c3434915 change allow applications downloaded from setting to be more accurate 2023-08-09 03:09:40 -05:00
mfwmyfacewhen
330f6f9b20 remove activation lock 2023-08-09 03:00:55 -05:00

View File

@@ -7,22 +7,6 @@ description: macOS is Apple's desktop operating system that works with their har
Older Intel-based Macs and Hackintoshes do not support all the security features that macOS offers. To enhance data security, we recommend using a newer Mac with [Apple silicon](https://support.apple.com/en-us/HT211814). Older Intel-based Macs and Hackintoshes do not support all the security features that macOS offers. To enhance data security, we recommend using a newer Mac with [Apple silicon](https://support.apple.com/en-us/HT211814).
## Privacy Notes
There are a few notable privacy concerns with macOS that you should consider. These pertain to the operating system itself, and not Apple's other apps and services.
### Activation Lock
Brand new Apple silicon devices can be set up without an internet connection. However, recovering or resetting your Mac will **require** an internet connection to Apple's servers to check against the Activation Lock database of lost or stolen devices.
### App Revocation Checks
macOS performs online checks when you open an app to verify whether an app contains known malware, and whether the developers signing certificate is revoked.
Previously, these checks were performed via an unencrypted OCSP protocol which could leak information about the apps you ran to your network. Apple upgraded their OCSP service to use HTTPS encryption in 2021, and [posted information](https://support.apple.com/HT202491) about their logging policy for this service. They additionally promised to add a mechanism for people to opt-out of this online check, but this has not been added to macOS as of July 2023.
While you [can](https://eclecticlight.co/2021/02/23/how-to-run-apps-in-private/) manually opt out of this check relatively easily, we recommend against doing so unless you would be badly compromised by the revocation checks performed by macOS, because they serve an important role in ensuring compromised apps are blocked from running.
## Recommended Configuration ## Recommended Configuration
Your account when you first set up your Mac will be an Administrator account, which has higher privileges than a Standard user account. macOS has a number of protections which prevent malware and other programs from abusing your Administrator privileges, so it is generally safe to use this account. Your account when you first set up your Mac will be an Administrator account, which has higher privileges than a Standard user account. macOS has a number of protections which prevent malware and other programs from abusing your Administrator privileges, so it is generally safe to use this account.
@@ -31,8 +15,6 @@ However, exploits in protective utilities like `sudo` have been [discovered in t
If you do use a second account, it is not strictly required to ever log in to your original Administrator account from the macOS login screen. When you are doing something as a Standard user which requires Administrator permissions, the system should prompt you for authentication, where you can enter your Administrator credentials as your Standard user on a one-time basis. Apple provides [guidance](https://support.apple.com/HT203998) on hiding your Administrator account if you prefer to only see a single account on your login screen. If you do use a second account, it is not strictly required to ever log in to your original Administrator account from the macOS login screen. When you are doing something as a Standard user which requires Administrator permissions, the system should prompt you for authentication, where you can enter your Administrator credentials as your Standard user on a one-time basis. Apple provides [guidance](https://support.apple.com/HT203998) on hiding your Administrator account if you prefer to only see a single account on your login screen.
Alternatively, you can use a utility like [macOS Enterprise Privileges](https://github.com/SAP/macOS-enterprise-privileges) to escalate to Administrator rights on-demand, but this may be vulnerable to some undiscovered exploit, like all software-based protections.
### iCloud ### iCloud
The majority of privacy and security concerns with Apple products are related to their *cloud services*, not their hardware or software. When you use Apple services like iCloud, most of your information is stored on their servers and secured with keys *which Apple has access to* by default. This level of access has occasionally been abused by law enforcement to get around the fact that your data is otherwise securely encrypted on your device, and of course Apple is vulnerable to data breaches like any other company. The majority of privacy and security concerns with Apple products are related to their *cloud services*, not their hardware or software. When you use Apple services like iCloud, most of your information is stored on their servers and secured with keys *which Apple has access to* by default. This level of access has occasionally been abused by law enforcement to get around the fact that your data is otherwise securely encrypted on your device, and of course Apple is vulnerable to data breaches like any other company.
@@ -117,12 +99,6 @@ Decide whether you want personalized ads based on your usage.
- [ ] Uncheck **Personalized Ads** - [ ] Uncheck **Personalized Ads**
##### Security
Apps from the App Store are subject to stricter security guidelines, such as stricter sandboxing. If the only apps you need are available from the App Store, change the **Allow applications downloaded from** setting to **App Store** to prevent accidentally running other apps. This is a good option particularly if you are configuring a machine for other, less technical users such as children.
If you choose to also allow applications from identified developers, be careful about the apps you run and where you obtain them.
##### FileVault ##### FileVault
On modern devices with a Secure Enclave (Apple T2 Security Chip, Apple silicon), your data is always encrypted, but is decrypted automatically by a hardware key if your device doesn't detect it's been tampered with. Enabling FileVault additionally requires your password to decrypt your data, greatly improving security, especially when powered off or before the first login after powering on. On modern devices with a Secure Enclave (Apple T2 Security Chip, Apple silicon), your data is always encrypted, but is decrypted automatically by a hardware key if your device doesn't detect it's been tampered with. Enabling FileVault additionally requires your password to decrypt your data, greatly improving security, especially when powered off or before the first login after powering on.
@@ -137,20 +113,6 @@ On older Intel-based Mac computers, FileVault is the only form of disk encryptio
- [x] Click **Turn On** - [x] Click **Turn On**
### MAC Address Randomization
Unlike iOS, macOS doesn't give you an option to randomize your MAC address in the settings, so you'll need to do it with a command or a script.
You open up your Terminal and enter this command to randomize your MAC address:
``` zsh
openssl rand -hex 6 | sed 's/\(..\)/\1:/g; s/.$//' | xargs sudo ifconfig en1 ether
```
en1 is the name of the interface you're changing the MAC address for. This might not be the right one on every Mac, so to check you can hold the option key and click the Wi-Fi symbol at the top right of your screen.
This will be reset on reboot.
## Security Protections ## Security Protections
macOS employs defense in depth by relying on multiple layers of software and hardware-based protections, with different properties. This ensures that a failure in one layer does not compromise the system's overall security. macOS employs defense in depth by relying on multiple layers of software and hardware-based protections, with different properties. This ensures that a failure in one layer does not compromise the system's overall security.
@@ -175,20 +137,19 @@ System Integrity Protection makes critical file locations read-only to protect a
#### Application Security #### Application Security
### App Revocation Checks
macOS performs online OCSP checks using HTTPS encryption when you open an app to verify whether an app contains known malware, and whether the developers signing certificate is revoked.
We recommend against blocking these checks.
##### App Sandbox ##### App Sandbox
macOS apps downloaded from the App Store are required to be sandboxed usng the [App Sandbox](https://developer.apple.com/documentation/security/app_sandbox). macOS apps downloaded from the App Store are required to use the [App Sandbox](https://developer.apple.com/documentation/security/app_sandbox). You should avoid non-App Store software as much as possible.
!!! warning
Software downloaded from outside the official App Store is not required to be sandboxed. You should avoid non-App Store software as much as possible.
##### Antivirus ##### Antivirus
macOS comes with two forms of malware defense: Protection against malware on your system is provided by *XProtect*, an antivirus program built-in to macOS.
1. Protection against launching malware in the first place is provided by the App Store's review process for App Store applications, or *Notarization* (part of *Gatekeeper*), a process where third-party apps are scanned for known malware by Apple before they are allowed to run.
2. Protection against other malware and remediation from existing malware on your system is provided by *XProtect*, a more traditional antivirus software built-in to macOS.
We recommend against installing third-party antivirus software as they typically do not have the system-level access required to properly function anyways, because of Apple's limitations on third-party apps, and because granting the high levels of access they do ask for often poses an even greater security and privacy risk to your computer. We recommend against installing third-party antivirus software as they typically do not have the system-level access required to properly function anyways, because of Apple's limitations on third-party apps, and because granting the high levels of access they do ask for often poses an even greater security and privacy risk to your computer.