Apple Hides Traffic of Some of Its Own Apps in Big Sur

Originally published at: Apple Hides Traffic of Some of Its Own Apps in Big Sur - TidBITS

TripMode developer David Dudok de Wit has discovered that Apple prevents application-level firewalls from monitoring or even measuring traffic from over 50 Apple apps and processes. It’s yet another way that Apple blocks developers from providing features that users want.


Apple’s coding and security have slipped enough that this year I ceased recommending Macs to most people and now suggest they should compare Windows and linux too. If this change goes through, I shall follow my own advice and consider running another system on our computers. It is one thing to forgo basic controls like this on a phone or tablet, but it is quite another on a computer.

1 Like

The HoudahSpot link should probably be this. (My post on the Mail issue is here. My post on the network filtering issue here.)


That’s better, thank you! I’ll update it…

1 Like

That’s nothing, Apple put dtrace into Mac OS X since the beginning but hobbled it so it couldn’t be used to debug iTunes DRM.

The dtrace live debugger can examine EVERYTHING at run time. It’s not hobbled on Solaris and other platforms. Just on Apple macOS.

1 Like

I’m a little confused by the Apple feedback page that I was directed to by your link. It asked me if I want to comment on the beta and another question (cannot recall), which I can’t seem to bypass to simply make a general feedback comment. Sorry to sound like a newbie, but I would like to comment on the issue this thread brings up.

The Apple feedback page that I was directed to by your link was blocked by:

Certificate Error
The server certificate is untrusted!

I am running MRT 1.68 and XProtect 2133.

You have to be signed up as a macOS beta tester of some flavor in order to use Feedback Assistant.

Not seeing any certificate issues with that link. That response doesn’t come from either MRT or XProtect. Are you a beta tester?

No, I’m not a beta tester. I am a translator for TidBITS-Japanese, and I was checking the links in the article. I simply clicked the Feedback Assistant link in the ExtraBITS article, and got the error, both from Safari 13.1.2 and iCab 6.0.4.

Interesting. I just visited the link. It asked me to log in with my Apple ID, but I was able to log in. I am in the developer program (free tier), but have never joined any beta program. I found a record of three bug reports I filed over the years via their old “bugreport” site (which appears to be down, probably replaced by the Feedback Assistant).

If you’re seeing a certificate error, then it may be a temporary situation. FWIW, I’m running Firefox 82 on macOS Catalina on a 2018 Mac mini.

I too have been grandfathered into the free developer program from almost twenty years ago, so can use Feedback Assistant. BugReports became Radars then were merged into FA for simplification purposed perhaps a year ago.

Sorry about pointing people to Feedback Assistant without remembering that it required having signed up for a beta test account. You can also submit feedback about macOS via this link:

Patrick Wardle is saying that Apple’s exclusion list could be abused by malware. I won’t pretend to understand how his screenshots illustrate this, but he’s a smart guy and I generally trust what he says.

Happy day—Apple has reversed course on this approach. Patrick Wardle explains in Hooray, no more ContentFilterExclusionList.


Hooray, Little Snitch rules again.