fun fact: modern M1 chips on the latest macOS contact the apple TSS server for bootloader signatures via plaintext http just like an iphone, and transmit their ECID (unique SoC hardware identifier) in *port 80 total plaintext* letting the backbones/IXes/NSA/CIA know the physical location of that specific computer.

this is happening on the latest and greatest M1 machines being sold right now, on the latest macOS, on every OS update.

search pcaps for gs.apple.com/17.171.47.65.

@sneak
So Apple living up to its expectation of being garbage?

What happening if one blocks this transmission?

Follow

@dsfgs then the os update will not install.

@dsfgs that's not what abuse is. apple's boot security is worlds better than the tpm crap available on the pc side

@sneak @dsfgs then they improved something because it was shit a few years ago

@woodrow
We were speaking from the unencrypted surveillance part, but appreicate your insight into other aspects.

Partly related, we've been noticing a #post2016 trend, including in Firefox and linux distros to do #connectivityChecks regularly — some implementations unencrypted!

Using something like #tcpdump can help identify these. Of course at the hardware level, such software solutions can't help, one'd need other hardware intercepting/anonymising(?) the traffic, if possible.

@sneak

@sneak @dsfgs is it possible to prevent the info leak by connecting to a wifi that has VPN on it? (Assuming the VPN can be trusted)

@caliw
Ok, we weren't sure how they were connecting.

The danger is be for things to connect like #AmazonSidewalk, or you will have no router and connect direct to the #5G tower or #spaceExplorer's (memecoiner's) shartellite network.

@sneak

@caliw
If the VPN is behind the WiFi and not running on the Mac itself then yeah that cannot be bypassed.
@sneak @dsfgs
Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!