Big Sur apparently allowed Mac apps to get around VPNs, meaning some data got leaked out of the tunnel. Did it affect all VPN apps, though? Let’s find out. Continue reading →
Big Sur had a pretty rocky start. Once installed, it actually allowed up to 56 Mac apps to bypass third-party security solutions – like VPNs and firewalls.
Basically, even though you were using a VPN while running an app like iCloud or Siri, a lot of data would leak out of the VPN tunnel. That means Apple would see your IP address and what country you’re using their apps from.
Not to mention hackers would just need to find a vulnerability in one of Apple’s apps, and they’d be able to take over your device since they’d bypass your firewall. Or they could take advantage of the fact that your VPN is leaking data, and spy on your traffic to steal sensitive information.
Want to learn exactly what happened? We’ll tell you all you need to know in this article.
Apparently the Big Sur update came with a special key called “ContentFilterExclusionList.” That key is a part of the NetworkExtension API which a lot of security tools like VPNs and firewalls now use.
Essentially, here’s how the ContentFilterExclusionList key affects firewalls and VPNs:
Time for some good news – this update doesn’t impact all VPN services! It only affects VPNs that use the NetworkExtension API. Luckily, it’s not mandatory for them to do so. As a result, many VPN providers avoided it, and used different methods (utun devices or PFCTL, just to name a few examples).
Those services are not susceptible to Big Sur’s forced traffic leaks. You can safely use Mac apps with them without having to worry about your data being compromised. Also, it looks like Apple’s built-in VPN wasn’t susceptible to traffic leaks either.
If you need help finding the best VPNs for Mac computers, just follow that link. It’s a guide from ProPrivacy (a leading VPN review site) that showcases VPNs that work extremely well on Mac devices. ProPrivacy even interviewed most of the providers on that list to confirm that their services can’t be compromised by Big Sur.
Yes – Apple got rid of this problem when they launched the Big Sur 11.2 update. To make Mac apps fully compatible with firewalls and VPNs, Apple simply deactivated the ContentFilterExclusionList key.
Besides that security issue, Apple also fixed numerous other bugs – like System Preferences not unblocking when you enter your admin password, or iCloud Drive turning off because you disabled the iCloud Drive Desktop & Documents Folders option.
Apple also fixed other security flaws – like a user being able to rejoin an iMessage group even though they were removed from it. To read about all the improvements, check out this support article from Apple.
To update to Big Sur 11.2, just do this:
Now just wait for the update to finish downloading and installing. Depending on your speeds, it could take a bit since it’s around 3.66GB.
While Big Sur brought a lot of improvements, it also endangered user data by allowing Mac apps to bypass firewalls and VPNs. Luckily, not all VPN clients were affected, and Apple solved this problem with the Big Sur 11.2 update (so be sure to download and install it ASAP).
If we forgot to mention anything about the Big Sur security issue, please let us know in the comments.
These gadgets owing to their small size, can also be used to spy on other…
What do you write in the "Personal qualities" section of your resume, and how seriously…
With the GotPrint mobile app, you don't need any third-party printing app to print your…