[skrrtww]

The title sort of implies this is intentional or privileged to Apple, while it rather seems more like just a bug.

I also wish people would post the FB numbers and the details of their report when they say they've reported things like this.

[Reptur]

Devil's advocate would say: They could do this and make it look like a bug that never gets fixed in order to avoid backlash. How it gets achieved is flexible if the goal is met.

[kergonath]

Why would they be afraid of backlash on such an obscure, technical feature? They never were in the past and are expected to take controversial technical decisions by now. And by “now”, I mean in the last 30-odd years.

[pkulak]

Yeah, if it was intentional, it would probably be a hard-coded, encrypted URL. Some devices are starting to do that to get around ad blocking.

[hiatus]

Good thing you can still see the domain over the network if you control the network.

[lukevp]

You can’t control anything if they do DNS over HTTPS to a hardcoded IP they control and cert pin so you can’t MITM the connection, can you?

[userbinator]

That's what a firewall is for.

[Wingy]

If the pinned cert is stored on some kind of ROM chip you could probably rewrite it to replace it with your own cert.

[hiatus]

You can at the very least block traffic to the hardcoded IP.

[pkulak]

Sure, but then DNS breaks on the device and it's useless. Might as well just hit it with a hammer.