Apple eradicates feature that allowed apps to bypass firewalls and VPNs on Big Sur
- The American multinational tech giant has uprooted the privacy loophole after Big Sur bet privacy upgrade.
- Security researchers group led by Patrick Wardle noted the iPhone maker has amputated ContentFilterExclusionList in macOS 11.2 and recovered its operating system.
- Apple has saved its users from a major setback—following heavy criticism from security researchers.
Best known for its features—especially privacy—Apple has once again proved that it does not compromise on security. Back in Oct. 2020, news broke out that revealed that Apple’s Big Sur had a defect that allowed attackers to bypass content filters and VPNs.
A Big Sur user named Maxwell tweeted firstly that he noticed certain Apple Apps were bypassing network extensions and VPNs. Finally, on January 14, 2021 (after three months), a security researcher named Patrick Wardle confirmed Apple had removed a contentious feature that created a severe problem for Big Sur users. Wardle tweeted:
The ContentFilterExclusionList list has been removed (in macOS 11.2 beta 2)!!
This means socket filter firewalls (such as LuLu) can now comprehensively monitor & block all network traffic)
— patrick wardle (@patrickwardle) January 13, 2021
Where did Apple’s macOS lag?
Apple has provided top-notch security features over the years. With the evolution of technology, there are still many gaps to fill—even for a tech giant like Apple.
The virus that broke into Apple’s macOS 11, ContentFilterExclusionList, intoxicated around 53 apps, which included App Store, iCloud, and Maps—to name a few.
When this matter came into the news, security researcher Patrick Wardle remonstrated Big Sur’s risk and said he was waiting for this to happen. Wardle claimed Apple already knew about this security risk—before Big Sur’s release.
Several other security experts had warned that macOS 11 users’ IP addresses could get exposed. In the meantime, various malware attacks might have happened and got into users’ identities. However, Apple was still quick enough to react and stopped something big to happen. A couple of VPNs, including Proton VPN and Mullvad, claimed that they came across such a feature for the first time.
How did the iPhone maker respond?
Apple has a loyal customer base. Its users believe whatever the company offers. The company owns the customers and knows that such privacy issues could create a barrier between them.
Researchers confirmed that Apple took the necessary actions and resolved the issue. The company said the Big Sur issue was temporary. Apple’s representative highlighted that the loophole resulted from bugs in Apple applications.
Following the macOS 11.2 beta update, all Apple apps are subject to security tools and firewalls. Also, it will support VPNs once again.
However, the tech giant has provided no evidence or details of the malware attack so far. The bugs centered on Apple apps disapproving network kernel extensions (NKEs) in Big Sur.
Apple claims that no such issue would happen again. However, the actual response of users will notify the recovery of software lags.
About the author
Tech researcher and writer with a passion for cybersecurity. Alex is a strong advocate of digital freedom and online privacy.