[FireBeyond]

> What specifically do you mean? Their frankly quite paranoid security and privacy white papers are pretty comprehensive and I don’t think they could afford to lie in those.

A couple of years ago Apple was busted when it was discovered that most Apple first-party apps weren't getting picked up by packet sniffer or firewalls on macOS.

Apple tried deflecting for a while before finally offering up the flimsy claim that it "was necessary to make updates easier". Which isn't a really good explanation when you're wondering why TextEdit.app needs a kernel network extension.

[kalleboo]

What actually happened was Apple removed support for kernel extensions that these firewall apps used.

The user-mode replacement APIs allowed by sandboxed apps had a whitelist for Apple's apps, so you couldn't install some App Store firewall app that would then disable the App Store and screw everything up.

After the outrage, in a point release a few months later, they silently emptied out the whitelist, resolving the issue.

They never issued any kind of statement.

[FireBeyond]

So their "fix", as described here, removed protection from "having the App Store disabled and everything screwed up"?

That makes no sense.

Even if it did, the app the would need protection is the App Store, not every single Apple app. In many cases, the fix for the worst case scenario would be "remove firewall app".

Also, given that TextEdit was not an AppStore app, for but one example, but a base image app.

> They never issued any kind of statement.

Shocking. I've had at least two MBPs affected by different issues that were later subject to recall, but no statement there. radar.apple.com may well be read by someone, but is largely considered a black hole.