Skip to main content

Apple made a huge macOS privacy promise four years ago, but it’s still unfulfilled

Shortly after the release of macOS Big Sur back in 2020, Apple faced widespread server outages. The outage affected macOS installations, iMessage, Apple Pay, and most notably: the notarization service. This meant that users had major issues opening apps, revealing a flaw in how Apple handles app verification on the Mac.1

Background

For some context, your Mac does a couple verification checks whenever you launch an app. One of the checks is to verify the app isn’t malware, and the other is to make sure the developer certificate associated with the app is still valid. These checks are meant to keep users safe, and are widely referred to as app notarization.

Normally, if you’re using your Mac offline, the checks just fail and your app will launch as usual. However, when this server outage occurred, macOS was still attempting to check the servers rather than just failing. This resulted in apps taking a painful amount of time to launch.

Apple’s promised changes

After this incident occurred, Apple announced changes to address the issues, including an option to allow users to completely opt out of online notarization checks. The changes were supposed to roll out starting in 2021.

Initially, Apple announced these improvements because there were concerns around whether or not the company was using the notarization process to collect data on what apps people were using. The company reassured that this wasn’t the case, and highlighted some changes they were going to make in a support document:

To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.

In addition, over the the next year we will introduce several changes to our security checks:

  • A new encrypted protocol for Developer ID certificate revocation checks
  • Strong protections against server failure
  • A new preference for users to opt out of these security protections

Potential scrap of the feature

To Apple’s credit, it did implement some of the changes it promised, such as stopping collection of IP addresses. It also created a new encrypted protocol for Developer ID certificate checks.

However, there’s still no word on when they’ll release a complete opt-out of online notarization checks. Furthermore, all references on the support document regarding the feature were completely scrubbed sometime in the past year.

Developer Jeff Johnson also highlighted this situation on his blog.

It would appear that Apple has scrapped its plans on allowing users to launch apps without any form of online security checks before opening, which is a bit of a shame if true. Although rare, it is bizarre that apps could suddenly take far longer to launch due to servers being down.

9to5Mac’s Take

Allowing users to opt out of notarization checks would undoubtedly be a huge privacy win, and would challenge the narrative that your Mac isn’t really your computer.

Apple likely made other underlying macOS changes to assure that server outages would never prevent apps from launching properly in the future. Regardless, it would still be greatly appreciated for the promised notarization opt out to finally release. Apple needs to provide clarity on their plan here.

H/T: Polar Hacker


Follow Michael: X/TwitterThreadsInstagram

  1. Post updated October 12, 2024 with some minor revisions to bring light to the topic again. Originally posted August 11, 2024. ↩︎

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Michael Burkhardt Michael Burkhardt

Michael is 9to5Mac’s Weekend Editor, keeping up with all of the latest Apple news on Saturday and Sunday. He got started in the world of Apple news during the pandemic, and it became a growing hobby. He’s also an indie iOS developer in his free time, and has published numerous apps over the years.

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications