Apple explains unusual app behaviour amid fears it is spying on what users opened

Andrew Griffin
Monday 16 November 2020 08:57 EST
Comments
(AFP via Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Apple has attempted to clarify its policies after an unusual bug led to fears it was spying on what apps people opened.

In the wake of the release of MacOS Big Sur last week, many found that after installing the update they were unable to open apps as usual. While they would open fine if the computer was offline, if it was connected to the internet the apps would hang and not launch.

Experts found that the problem was arising because apps were "phoning home" to Apple when they were launched, but the busy nature of the time meant those servers were not working properly and could not respond to allow the app to open. Eventually, those servers recovered and the update began working as normal.

But after that issue, many pointed out that it is a concern that the apps were attempting to contact Apple in the first place, and speculated that it could mean the company was able to see or even control which apps its customers were using.

Those messages to Apple could also be intercepted, noted security researcher Jeffrey Paul in a blog post titled "Your Computer Isn't Yours", meaning that they could be read by intelligence agencies or malevolent hackers.

Now the company has looked to explain that problem, insisting that users were not at risk. It also announced a number of changes to its platform in an attempt to quell concerns that the process could be unsafe.

Those new changes will include stronger protections to ensure that servers do not fail in the same way, and a new preference option so that users can opt out of the protections if they wish.

The problems appear to have occurred because of a feature in Apple’s MacOS called “Gatekeeper”. That performs online checks when an app is opened, looking up a record stored by Apple that will tell the computer if it has malware or if its security certificate has been revoked.

Apple said in an update to a support document on its website that it has “never combined data from these checks with information about Apple users or their devices”. It also said that it does not “use data from these checks to learn what individual users are launching or running on their devices”.

It also insisted that the “security checks have never included the user's Apple ID or the identity of their device”. It also said that it would make changes to allow those checks to log less about their users, rolling out an update that will make it stop logging IP addresses, as well as deleting any IP addresses that it has collected until now.

The other changes will be rolled out over the next year. As well as better projections against the servers failing, and a new option to opt out, Apple will also add better encryption to the messages that its computers send to its servers.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in