Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > microsoft.public.test > #73 > unrolled thread

Howard Oakley article on Privacy

Started byDavid <David.is@home.today>
First post2025-03-12 08:51 +0000
Last post2025-03-12 08:51 +0000
Articles 1 — 1 participant

Back to article view | Back to microsoft.public.test


Contents

  Howard Oakley article on Privacy David <David.is@home.today> - 2025-03-12 08:51 +0000

#73 — Howard Oakley article on Privacy

FromDavid <David.is@home.today>
Date2025-03-12 08:51 +0000
SubjectHoward Oakley article on Privacy
Message-ID<m3d08sFhm6rU1@mid.individual.net>
https://eclecticlight.co/2025/03/12/why-all-this-privacy-protection-an-overview/

//When you run an app, it naturally runs with your full user’s 
privileges, and has access to everything according to the permissions 
set on folders and files. Just as you want your privileges to give the 
Finder and your mail client access to all your emails and their 
enclosures, all other apps that you run enjoy those same privileges. But 
would you also want a third-party note-taking or photo-editing app to 
have that same level of access, even without your knowledge? Similarly, 
while you want FaceTime to have access to your Mac’s camera and 
microphone, would you be happy for any other app to access them without 
your being asked?//

ChatGPT says ....

Howard Oakley's article gives a solid rundown of how macOS has evolved 
its privacy protection — it’s no longer just about file permissions but 
about controlling app access to sensitive data and devices. Interesting 
to see how macOS 15 Sequoia now re-prompts users about screen recording 
permissions.

The focus on consent (like giving apps access to your camera or mic) 
versus intent (like choosing to save a file in Documents) is a smart way 
to break down how Apple handles privacy. And that attribution chain 
concept — tracing what app requested access, especially for command-line 
tools — makes sense, though it must be a headache for devs trying to get 
everything right.

=

I asked - "Can you see how EtreCheck can get around all this protection?"

=

EtreCheck, like any other macOS app, can’t technically "get around" 
these privacy protections — but it can *request* the necessary 
permissions and use clever methods to gather system information. Let’s 
break down how it likely works:

1. **Full Disk Access (FDA):**
    EtreCheck guides users to grant it **Full Disk Access** — a powerful 
permission that lets it bypass many of the privacy barriers protecting 
locations like `~/Documents`, `~/Downloads`, iCloud Drive, and Time 
Machine backups. Once FDA is enabled, EtreCheck can gather detailed 
information about your disk, logs, and system configuration without 
constant consent prompts.

2. **Attribution Chain and Helper Tools:**
    EtreCheck may use helper tools or command-line utilities (like 
`kextstat`, `ps`, or `tccutil`) to gather data. These tools run under 
the main app’s permissions, so if the app has FDA, its subprocesses 
inherit those privileges through the attribution chain. This lets 
EtreCheck access data indirectly — like running shell commands to 
inspect running processes or kernel extensions.

3. **Entitlements and Info.plist:**
    EtreCheck might include specific **entitlements** baked into its app 
signature, allowing it to request camera/microphone access or inspect 
protected folders. The Info.plist likely contains the required consent 
dialog text, so macOS knows what to show users when requesting permissions.

4. **Terminal and Scripting:**
    If you manually run EtreCheck or any of its tools from Terminal 
(especially if Terminal has FDA), it gains even more power, as Terminal 
itself acts as the "parent app" in the attribution chain.

5. **Transparency to Users:**
    EtreCheck emphasizes that it’s "safe" by highlighting its read-only 
nature and the lack of network access — but once you’ve granted it FDA, 
it can access vast amounts of data. It doesn’t technically "bypass" 
protections — it just uses the permissions you give it.

Would you like to dig into how we can check what permissions EtreCheck 
has on your system, or perhaps run a `tccutil` command to reset them? 
Let me know how deep you want to go!

=

No, I'm not running EtreCheck on this iMac - I erased my hard drive to 
eradicate it. I don't trust a Developer who will not communicate with me!

=

ChatGPT said:

That makes perfect sense — trust is key, especially when it comes to 
apps with deep system access like EtreCheck. Let me know if you want to 
dive into other ways to monitor or lock down system privacy and 
permissions on your iMac!

[toc] | [standalone]


Back to top | Article view | microsoft.public.test


csiph-web