Apple calls home – more privacy on OS X

After installing the firewall application called Little Snitch, I watched which applications on my Mac OS X are connecting to the Internet. Two notable services appeared – locationd and assistantd. The first is trying to determine your location based on checking nearby WiFi networks and asking Apple database for location of these networks. For example, calendar service or online maps use this service. Assistantd deals with text dictation and it’s similar to the popular service Siri or OK Google.

For Location privacy, we can choose the applications that have access to the resolved location (go to System Preferences / Security & Privacy and Privacy tab):

mac os x

If the Location Services are turned on, the computer is trying to figure out the location periodically. Turning it off gives us additional privacy, but Find My Mac service stops working. In my opinion, the Find My Mac service is almost useless (unlike the version for phones). This service requires an active Internet connection to work, which means that the laptop has to be connected to a known network. If your computer is stolen and is encrypted and password protected (see our video tutorial how to enable hard disk encryption on OS X), the attacker cannot connect to an unknown wifi without reinstalling the OS. Therefore, I decided to turn Location Services off completely.

Dictation (similar to Siri) on OS X sends your entire contact list to Apple servers by default. This helps the online dictation service to determine which contact you spoke about. Sound of your voice is of course also sent to Apple’s servers, which return a text representation of the recording. Few people know that OS X can also use local voice recognizer that works even when you are offline. This prevents the sending of your contacts to Apple voice servers. If you happen to accidentally press the recognition key (default is double pressing of the Fn key), it sends the recording of sounds around you to Apple.

The correct setting looks like this (you get to it via System Preferences / Dictation & Speech )


How do you make sure that even after proper configuration, these or other programs do not send anything to the Internet ? I mentioned Little Snitch firewall and there’s also HandsOff, which is a similar alternative. Both are user friendly, but not free. If you just want to allow or deny access to the Internet per application, I suggest an alternative firewall called TcpBlock, which is free. You may have noticed also a standard Firewall in Security & Privacy preferences. This firewall restricts incoming connections from the Internet to your computer. To limit where applications connect, you need an outgoing firewall, such as TcpBlock, Little Snitch Snitch or HandsOff.

Related blogs

How to order a pen test

Blog | | Martin Hanic
Although people working in the IT security industry may consider this question to be as trivial as "How to order a phone charger", for many, writing a purchase order for a penetration test can be like designing a nuclear power plant.

Unofficial Patch Tuesday – MSMQ Privilege Escalation Vulnerability Hotfix

Blog | | Citadelo
This security patch resolves a public vulnerability in the Windows Message Queuing Service (MSMQ) discovered by KoreLogic

We found vulnerability of CMS Made Simple

Blog | | Citadelo
CMS Made Simple is a free, open source CMS to provide developers, programmers and site owners a web-based development and administration area. In 2010 it won the Packt Publishing annual award for open source content management.

ExtendedMacro – BurpSuite plugin

Blog | | Citadelo
BurpSuite Proxy is one of the most used HTTP proxy application for web penetration testers. This tool is one of the best in its category, but sometimes we encounter a situation requiring additional functionality which is not provided by Burp itself.