Apple Memory Holes OCSP Preference
In addition, over the the next year we will introduce several changes to our security checks:
- A new encrypted protocol for Developer ID certificate revocation checks
- Strong protections against server failure
- A new preference for users to opt out of these security protections
In the September 26 version of that page, this whole section is gone (via Fred McCann).
Previously:
- Forty Years of GNU and the Free Software Movement
- Apple Reneged on OCSP Privacy
- Still No Preference to Opt Out of OCSP
- Apple Server Outage Makes Mac Apps Hang on Launch
Update (2023-10-09): Jeff Johnson:
I think the credit should go to this HN comment 5 days ago.
Update (2024-08-08): Jeff Johnson (Hacker News):
Apple’s broken promise is shameful. The company apparently hopes we forget that it ever made the promise. Apple talks a good game, claiming “privacy is a fundamental human right”, yadda yadda, but talk is cheap. When it comes to our right to stop our devices from phoning home to Cupertino, Apple is not interested. And if we can’t trust Apple to keep its promises, then why should we trust anything else that Apple says, such as that our IP addresses are not logged? After all, it’s impossible for us to verify this from the outside. Trust is earned through actions, and in this case Apple has neglected to act.
Update (2024-08-13): See also: Michael Burkhardt and Jeff Johnson.
2 Comments RSS · Twitter · Mastodon
Waiting for a changing of the guard at Apple, a new generation who sees the folly of the walled garden and works to open things up. NeXTSTEP - excuse me, Mac OS - is a phenomenal system that is hampered by Apple's ceaseless meddling.
I am, as ever, unsurprised by this. It's a privacy violation, unquestionably, but the privacy company would rather "forget" the whole incident than fix the problem and damage their egos. The brightest people in the room are always right. Always.
