Apple updated the documentation page describing the company’s next steps to prevent last week’s Gatekeeper error again, as Renee Richie noted. The company plans to implement the adjustments next year.
Apple had a tough launch day last week. The company has released macOS Big Sur, a major update for macOS. At the time, Apple was suffering from server problems.
Third-party applications failed to start because your Mac could not verify the application’s developer certificate. This feature, called Gatekeeper, ensures that you do not download a malware application that disguises itself as a legitimate application. If the certificate does not match, macOS prevents the application from starting.
Many are concerned about the implications for the confidentiality of the security feature. Does Apple register every app you run on your Mac to gain competitive information about using the app?
It turns out that this question is easy to answer, because the server does not require encryption. Jacopo Jannone intercepted an unencrypted network request and found that Apple was not secretly spying on you. The goalkeeper really does what he says he does.
“We have never combined data from these checks with information about Apple users or their devices. We do not use data from these inspections to find out what individual users run or run on their devices, “the company wrote.
But Apple goes one step further and communicates about the company’s next steps. As of last week, the company stopped registering IP addresses on its servers. It is not necessary to store this data for the Gatekeeper.
“These security checks have never included the user’s Apple ID or device identity. To further protect our privacy, we have stopped registering IP addresses related to developer ID certificate checks, and will ensure that all collected IP addresses are removed from the logs, “writes Apple.
Finally, Apple is redesigning the network request and adding a user-targeted opt-out option.
“In addition, next year we will make several changes to our security checks:
- New encrypted protocol for checks to revoke a developer certificate
- Strong server failure protection
- A new preference for consumers to drop these security protections. “