fun fact: modern M1 chips on the latest macOS contact the apple TSS server for bootloader signatures via plaintext http just like an iphone, and transmit their ECID (unique SoC hardware identifier) in *port 80 total plaintext* letting the backbones/IXes/NSA/CIA know the physical location of that specific computer.
this is happening on the latest and greatest M1 machines being sold right now, on the latest macOS, on every OS update.
search pcaps for gs.apple.com/17.171.47.65.
@woodrow the contentfilterexclusionlist misfeature was ripped out shortly thereafter because we screamed about it. no more intentional vpn bypasses from apple at the moment.
@woodrow it was only in the betas and maybe one short lived GA release iirc
I did not test it myself and am trusting the person who posted it. He was testing an M1 Mac mini shortly after they were released.