> No, macOS does not send Apple a hash of your apps each time you run them.
> You should be aware that macOS might transmit some opaque information about the developer certificate of the apps you run. This information is sent out in clear text on your network.
> You shouldn’t probably block ocsp.apple.com with Little Snitch or in your hosts file.
HN submission/comments of linked blog post[0]. Among those comments:
> In the example from the article: if Mozilla's certificate is sent, then it's very likely that the app that has been opened is Firefox, as the a priori likelihood of using Firefox is way higher than eg using Thunderbird. If the developer is Telegram LLC, then ... and so on.
> It is only very very slightly less concerning than sending the app hashes. Coming to the conclusion that this is all great and fine is really absurd.
2 comments
[ 9.9 ms ] story [ 17.8 ms ] threadFrom a much better researched take: https://blog.jacopo.io/en/post/apple-ocsp/
> No, macOS does not send Apple a hash of your apps each time you run them.
> You should be aware that macOS might transmit some opaque information about the developer certificate of the apps you run. This information is sent out in clear text on your network.
> You shouldn’t probably block ocsp.apple.com with Little Snitch or in your hosts file.
> In the example from the article: if Mozilla's certificate is sent, then it's very likely that the app that has been opened is Firefox, as the a priori likelihood of using Firefox is way higher than eg using Thunderbird. If the developer is Telegram LLC, then ... and so on.
> It is only very very slightly less concerning than sending the app hashes. Coming to the conclusion that this is all great and fine is really absurd.
[0] https://news.ycombinator.com/item?id=25095438