by okamiueru 1818 days ago
That's not the worst part. macOS monitors every time you run an executable, which executable, when and where, and it shares this with unencrypted traffic. Not only that, but the data is collected as part of PRISM, so there is no court order to get it. https://sneak.berlin/20201112/your-computer-isnt-yours/
1 comments

It's not "collected as part of PRISM" any more than any other thing is.

PRISM is an internal codename for (not bulk! specific!) downloading of data direct from FAANG et al. servers under FISA Amendments Act section 702. It's warrantless but is not bulk/mass surveillance. (Also, it technically is a "court order" as there is a secret rubber stamp "FISA court", but it doesn't require a warrant or probable cause, or allow for review/appeal because its proceedings are classified.)

https://en.m.wikipedia.org/wiki/United_States_Foreign_Intell...

Theoretically it's not supposed to be used against US citizens but Snowden has claimed that a secret interpretation in a secret court has decided that it can be.

https://www.eff.org/702-spying

They use it a ton, though, as it's the #1 most used source in the US IC. Apple turns over more than 30k user accounts of data under warrantless FISA orders each year, per their own transparency report.

That said, Apple has (in response to my blog post you linked) committed to a) encrypting that OCSP traffic in the next macOS, and b) deleting all of their stored logs.

That wouldn't have stopped the IC from monitoring all of that previous unencrypted traffic and logging it themselves, though, but that has nothing to do with PRISM/FISA. That's bulk collection, which is a different thing than PRISM.