Edit: Guys I didn’t write the headline; the subtitle that I added, I’ve now fixed tho

Edit: Also, the information about there being no escape is out of date – here’s a quick guide to how to fix the problem in the modern day

    • octopus_ink@lemmy.ml
      link
      fedilink
      English
      arrow-up
      23
      ·
      edit-2
      8 months ago

      This is from 2020. You absolutely can use Little Snitch or a similar firewall to block this traffic.

      We agree how sinister and dystopian it is to need to work against your hardware/os vendor for something like this though, right?

      Shutup 10 exists, but that doesn’t make it OK that Windows users have to continuously be on guard for MS to try snooping on them, either.

    • Em Adespoton@lemmy.ca
      link
      fedilink
      arrow-up
      6
      ·
      edit-2
      8 months ago

      Can you though? LS now operates in user mode, which means it can no longer block traffic sent to Apple via a kernel thread.

      It’s all a bit pointless though, as a LOT of hardware now calls home as well, and it doesn’t matter what OS to run on top of it unless you’re running something like TempleOS. Vanilla Linux is not going to protect you by itself. And if you’re using a repository system for software updates, that’s going to be reporting your software too — and many web browsers also report the URLs you go to (or even consider going to) and what extensions you have loaded.

      But that article points at a solution for macOS users: it’s the certificates that are being checked. Any non-bog-standard software I run is not notarized or signed, and it functions just fine and has nothing to send back to Apple’s servers. First time I run it I need to right click and select Open to run the app, and this bypasses the entire signer system.

    • Zworf@beehaw.org
      link
      fedilink
      arrow-up
      1
      ·
      8 months ago

      Little Snitch

      Little Snitch won’t work because they use the Apple-blessed content filter which apparently doesn’t allow blocking this.

      Pointing it to localhost in the hosts file does work, as indicated in that article.