Follow
When you update the OS on an M1 Mac, it transmits system unique identifiers to Apple's TSS server on gs.apple.com via plaintext HTTP (no TLS/SSL!) via an XML plist.
Verified today on a new M1 Max 16" rMBP upgrading to 12.2. I have pcaps.
@sneak Yikes, just for updates. Is the justification something like "that's how we do activation"?
@DrZeus yes it requires what is called an "image" which is a personalized/signed boot certificate for your specific system measurements. this has been happening on every iphone for ages, and every arm mac, and is not new. what's surprising is that it's not TLS.
@sneak Oh, the good old “let's send everything in plain text because we're suddenly suspiciously lazy".
