Home / Mac / macOS Big Sur Security and Privacy Guide

macOS Big Sur Security and Privacy Guide

Posted September 21, 2020

Apple will soon release MacOS Big Sur to the public – and it looks like it will provide a number of important security and privacy improvements. In this guide, we’ll tell you everything you need to know about Mac’s new and improved operating system!

About name and number

Ever since 2013, Apple has used landmarks in California to name each new version of their flagship OS, and macOS “Big Sur” is no exception. However, there is one big change this time: the version numbering the system is up to date. Instead of following the old 10.x convention, Big Sur will be the first version of macOS 11 (not to be confused with macOS 10.11 El Capitan). The reason is that Apple sees Big Sur as an important milestone in the development of macOS, and wanted the OS number to reflect that.

Signed system volume

In macOS 1

0.15 Catalina, Apple introduced the read-only system volume, which stored system content in its own separate area to prevent tampering with core OS files. In Big Sur, this protection goes a step further with Signed System Volume (SSV).

SSV uses cryptographic hashing to verify the integrity of all system data when installing, updating, or even starting up macOS Big Sur. In cryptographic hashing, an input value is run through a special mathematical algorithm to produce an output value (this output value is referred to as the “hash value”). Any change to the input value, no matter how small, will result in a completely different hash value – this is what makes cryptographic hashing such a useful tool for verifying the integrity of files.

SSV runs all files in the system volume through the SHA-256 hashing algorithm and then stores the resulting hash values ​​in the file system metadata. During updates and boots, these stored hash values ​​are compared with hase values ​​calculated from the data in the current system volume. Earn should be the same, so if a discrepancy is found, the system knows that there has been some change in the data on the system (indicating possible tampering) and will ask the user to reinstall macOS.

For most users, this will not affect the way they use macOS on a daily basis at all, whether they are updating or just starting up their Mac. But it’s good to know that Apple has made it a little harder for bad actors to mess with your operating system!

Faster updates

In macOS Big Sur, routine software updates will begin in the background, allowing you to continue working on your Mac as part of the update process. In addition, Apple says that the update process will go faster than before.

Because timely updates are critical to good personal security, we would definitely count this as a security upgrade: Faster, simpler updates should encourage a larger percentage of users to enable automatic updates for macOS (and for all apps).

To ensure that you have automatic updates enabled in macOS Big Sur, go to Apple menu > System selection > Software update and tick the box that says Keep my Mac updated automatically. click on Advanced… to see the option to automatically Install app updates from the App Store.

The big phasing out of kext continues …

When macOS Catalina came out last year, one of the big announcements was that core extensions, or “kexts”, would soon be phased out. A kernel extension is a special code that enables third-party developers to extend the functionality of the macOS kernel (the core code of the operating system) to run their apps. Kexts are often used to build device drivers, endpoint security products, and networking.

Apple has always seen keywords as risky because they allow third parties to access the most sensitive part of macOS, which opens up potential stability and security issues. For this reason, Apple decided to replace the keywords with system extensions (for network and endpoint security functionality) and DriverKit (for creating device drivers). Because these tools do not require core-level access – they run in the user area instead – developers now have a more secure way to get the extended core functionality they need.

Newer versions of macOS Catalina display a notification when a key (referred to as an “older system extension”) is first loaded. The user is warned that future versions of macOS do not support the extension, and it is recommended that you contact the developer for more information.

It does not look like Apple is going to do that hero kill keywords when macOS Big Sur rolls out, but they definitely keep moving in that direction. Apple expands list of outdated kernel extensions that have System Extension and DriverKit options – options that developers will be required to use in Big Sur. Apple’s official developer documentation underscores the point of this rather unambiguous message: “In macOS 11 and later, the kernel does not load a key if a corresponding system extension [or DriverKit] solution exists ”.

In short, the keys still hang in macOS Big Sur, but they are well and truly on their way out.

Privacy report in Safari

macOS Big Sur comes with Safari 14, which includes a number of important privacy upgrades.

The Privacy Report feature lets you see which sites are trying to track you around the web (this feature shows trackers that Safari has already blocked, so you do not need to take any further steps to prevent tracking).

To use the privacy report, just go to Safari in the menu bar and click Privacy report. There’s a tab too Websites which lets you see which sites have been trying to track you in the last 30 days, and tells you how many trackers they used. There is also a tab for Sporere, which lets you know which one sporere was seen most frequently on all sites.

To view only the privacy report data for a single site, click Privacy report icon in the Safari toolbar. You will be able to see if a website uses trackers or not, and will be able to click on > Trackers on this web page for more detailed information.

Password monitoring in Safari

If you have stored passwords in Safari, your browser will tell you if there is a problem with any of them. Go to to check for any issues Safari in the menu bar, and then Preferences > Password (you must enter your user password to access this feature).

From here, if you use a weak password, or a password that has appeared in a known data breach, you will see a warning icon next to the problem account. Click on this icon for more information – and then follow the security recommendations that Safari gives you to ensure you use a secure password.

For better password help, Safari can be used to create secure passwords when setting up new accounts. Just click on the small key icon in the form field when you are prompted to enter your new password and you will see an option highlighted Suggest a new password. If you click on this, Safari will automatically generate a strong password for you. Click Use strong password to confirm and save the password in Safari for future reference.

Website access control for Safari extensions

If you have customized Safari with browser extensions, you can now control how much access these extensions have to the web pages you visit. When you land on a webpage you have not visited before, you will be asked to grant an extension access to the page for single use, for a day or all the time. This is useful if there are certain extensions that you only use on a handful of sites, or only use once in a while, but that do not really need full access to your entire web history!

To see a list of Safari extensions and a summary of their permissions, go to Safari in the menu bar, then go to Preferences > Extensions for a list of all installed Safari extensions.

Mac App Store privacy information

Finally, an interesting change comes to the Mac App Store. Starting later this year, all apps in the Mac App Store will need to provide information about their privacy practices, including their data collection and data sharing activities. This information is displayed in a special section of the app’s page in the App Store, so you can learn how an app handles users’ privacy. for you decide to download it. The feature is still under development, so it will not be immediately available when Big Sur is launched this fall, but it is expected in a future OS update before the end of the year.

Looking forward

After macOS Big Sur is released to the public, we will make sure to keep you updated on any issues or bugs that arise, and will let you know when and when new updates become available.

Source link