Follow
OS updates for M1 macs (like today's 12.2 security update) connect to some random 17./8 on port 80 to "personalize", which presumably transmits your hardware serial unencrypted? i'm redoing it now, while pcapping, to see what it is actually sending...
@sneak i ran into it 3 weeks ago myself, this is apples page about it: https://support.apple.com/guide/security/secure-software-updates-secf683e0b36/web