I recently learned that even blackholing the entire /8 block of Apple's IPs at the router, after they bypass your provided DNS servers, after they bypass your /etc/hosts file, macOS then tries to phone home using IPv6.
These attempts* go on 24/7 even with 0 apps open and the computer being idle.
helpd, geod, locationd, cloudd, the list of apps phoning home when your computer is idle goes on and on and on. Nevermind that they have the metadata to track every launch of every app on your OS.
Then you've got Adobe who is apparently convinced that by virtue of installing their software, they own the resources on your machine and network to their heart's content and spam non-stop phone-home messages to adobess.com adobesc.com adobe.io etc etc
I was tired of seeing 7+ Adobe background daemons, launchagents, helpers, brokers, core sync, etc crap that they decided must be running constantly. I made a script that fires every hour and if no Adobe apps are running it just kills all those useless processes. My machine is so much happier now.
launchd sounds scary but it is not that hard to get an agent enabled. It's basically a plist file or two in the right place and a command to enable it. You can have launchd call your shell script once per minute.
I used this to good effect once to log the output of a few debug commands to text, commit that to a git repo, and move on. Then I could come back later and see what was going on before an issue happened on that system.
Regarding finding the adobe process names, you can filter output of `ps aux` based on application path or name to get a current list process IDs and kill those.
In this particular case, watch out for getting into a launchd fight, where launchd is simultaneously killing adobe processes and also relaunching them because of Adobe's own launchd registrations.
Indeed. Some component of Adobe's suite will be responsible for re-enabling them, so it's just a balance between actually using the software and disabling the background tasks.
So block their ASN, and not just IPv4. Apple has a long standing policy that all apps should be useable over IPv6, this is the same for their own applications.
I have quite a restrictive firewall. Like an old school one: accept the necessary, drop the rest.
Found my Mac unusable in these conditions. It always tries to phone home unsuccessfully, so freezes. Then freezes again.
It has the offline mode but it has no firewalled mode unfortunately. Once the cable is inserted it keeps trying.
These attempts* go on 24/7 even with 0 apps open and the computer being idle.
* https://i.imgur.com/md2ykLl.png
helpd, geod, locationd, cloudd, the list of apps phoning home when your computer is idle goes on and on and on. Nevermind that they have the metadata to track every launch of every app on your OS.
Then you've got Adobe who is apparently convinced that by virtue of installing their software, they own the resources on your machine and network to their heart's content and spam non-stop phone-home messages to adobess.com adobesc.com adobe.io etc etc