It seems that the latest macOS update, Big Sur, comes with serious privacy and security issues: Apple apps bypass VPNs and firewall tools and connect directly to Apple servers.
The problem isn’t just that your real IP address would be revealed to Apple; the bypass can also easily be exploited by malware, as a security researcher has pointed out on Twitter.
In Big Sur Apple decided to exempt many of its apps from being routed thru the frameworks they now require 3rd-party firewalls to use (LuLu, Little Snitch, etc.) 🧐
Q: Could this be (ab)used by malware to also bypass such firewalls? 🤔
A: Apparently yes, and trivially so 😬😱😭 pic.twitter.com/CCNcnGPFIB
— patrick wardle (@patrickwardle) November 14, 2020
It is not yet known whether Apple is going to mitigate this issue by releasing a patch, but here is what you can do to avoid the problem:
– don’t upgrade to Big Sur if you haven’t done so already, and keep an eye on the news related to a potential patch
– use a VPN-capable router and set up the VPN connection on it instead of running it on your Mac. This way, all traffic, including that of Apple apps, will be forced to reach the Internet through the router’s VPN connection
More details on Big Sur’s issue:
- https://threatpost.com/some-apple-apps-on-macos-big-sur-bypass-content-filters-vpns/161295/
- https://appleterm.com/2020/10/20/macos-big-sur-firewalls-and-vpns/
- https://thenextweb.com/plugged/2020/11/16/apple-apps-on-big-sur-bypass-firewalls-vpns-analysis-macos/