Hacker News new | past | comments | ask | show | jobs | submit login
Apple OSes Are Insecure by Design to Aid Surveillance (sneak.berlin)
18 points by keybits 12 months ago | hide | past | favorite | 3 comments



> Apple committed in writing a few major versions (i.e. ~3 years ago) to providing a preference setting for disabling online OCSP checks in macOS when I made a stink about it, within one year. Not only did this not happen within a year (a rare instance of Apple actually outright lying), but someone was kind enough to write me and tell me that Apple has edited the webpage to remove this promise. (emphasis mine)

https://support.apple.com/en-us/HT202491

Fortunately an older version was archived: https://archive.ph/yhThW

I believe the part that was removed is near the bottom:

> In addition, over the the next year we will introduce several changes to our security checks:

> - A new encrypted protocol for Developer ID certificate revocation checks

> - Strong protections against server failure

> - A new preference for users to opt out of these security protections

Definitely a curious turn of events.


Honestly if you really want this fixed, just sniff the app usage traffic from a few celebrities and publish online. It will be fixed quickly.


Damning.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: