That slightly snarky disclaimer you quoted actually has a serious backstory; the language came from https://fixubuntu.com (whose AGPL code was used here), and it was added after Ubuntu sent a legal demand that "Ubuntu" be removed from the fixubuntu domain name and website:
I actually toned down the snark -- just slightly -- from the original disclaimer.
It's remarkably easy to miss Spotlight's privacy disclosure in Yosemite -- the instant you start typing in the Spotlight search box, the disclosure disappears, and seemingly stays gone. There's no single "local search only" toggle, and you have to cross-reference the documentation provided in System Preferences against the list of "Search Results" to figure out which of the options actually sends your queries to Apple.
I wanted something simple, that I knew worked, and I could just tell family to run themselves, so I put this together. It's a convenient way to apply the settings, a jumping-off point for a more involved effort to resolve some of the other remaining privacy issues on Yosemite, and a handy way to get the privacy message across.
If you're interested in chipping in on the OS X privacy front, there's a lot more to look at than just Spotlight; my next goal is to get https://github.com/fix-macosx/sslsplit transparently capturing traffic in a Yosemite VM so that we can start nailing down exactly what is being sent from the myriad of daemons (and spotlight!) that are sending data outwards in a default configuration.
I'm very sympathetic to the "random internet code" issue, so I struck a balance by:
1) Displaying the source inline in the page (of course, there's no guarantee that it matches the downloaded code, but the goal here is to highlight the important of knowing what you're running).
2) Making the actual script URL a clickable link, so that folks that don't blindly execute curl scripts (myself included) can easily download the script and examine it.
3) Used a variation of the usual pipe approach (curl -O … && ./…) so that anyone downloading it would actually have a copy of what they just ran.
4) Serve the whole lot over TLS.
Thank you for taking the time respond, and for your impressive body of work.
My knee-jerk reaction to everything about this site can definitely be attributed to ignorance. Something worth considering, in my opinion, for the goal of the project.
fix-osx: I didn't know it needed fixing (in the context of what this site declares is wrong). I am open to being wrong, and that it would need fixing, but my gut response is that it doesn't. It is not intended to attack/dispute your messaging, but rather explain how it could be read by someone unfamiliar with how it is indeed that way.
Expanding on that, I don't hold that OSX inherently betrays user privacy. While this can be considered a privacy leak by ux design (it is, I agree), it's not something that would lead me to the conclusion that the OS has no privacy by design. I'll be looking more into this now, however.
Regarding the disclaimer... That backstory certainly validates the tone, but a disclaimer for the disclaimer would be nice for the uninitiated :-
Just to clarify, the submission's title of "No Privacy, by Design" doesn't represent my own position; it's not a phrase that's used on fix-macosx.com.
Thanks for the awareness!
If you really want to educate people, why not also provide directions on how to do it via the UI? Are you trying to scare people?
The privacy disclosure and instructions are perpetually available in spotlight settings by pressing the giant button labelled 'About Spotlight Suggestions & Privacy', which is probably the largest button in the entire OS.
But your server is configured to allow SSLv3
In other words (assuming an attacker can modify a sufficient amount of SSL traffic in transit), they could decrypt the python source code, but they can't insert new data without triggering a MAC validation failure on the client.
I'd love to see this.
I've just about wrapped up support for correlating connections with the local responsible program (see branch macosx-process-info); I also need to put some thought into how to handle non-TCP traffic.
I'll be posting Yosemite setup instructions later today; my plan is to collect a corpus of data from a default installation. One thing I could really use help with is providing a web-based visualization of that data.