Apple's Operating Systems Are Malware
Malware means software designed to function in ways that mistreat or harm the user. (This does not include accidental errors.) This page explains how the software in Apple's computer products are malware.
Malware and nonfree software are two different issues. The difference between free software and nonfree software is in whether the users have control of the program or vice versa. It's not directly a question of what the program does when it runs. However, in practice nonfree software is often malware, because the developer's awareness that the users would be powerless to fix any malicious functionalities tempts the developer to impose some.
Type of malware
- Back doors
- Digital restrictions management or “DRM” means functionalities designed to restrict what users can do with the data in their computers.
- Jails—systems that impose censorship on application programs.
- Tyrants—systems that reject any operating system not “authorized” by the manufacturer.
Apple Back Doors
Mac OS X had an intentional local back door for 4 years, which could be exploited by attackers to gain root privileges.
The iPhone has a back door that allows Apple to remotely delete apps which Apple considers “inappropriate”. Jobs said it's OK for Apple to have this power because of course we can trust Apple.
The iPhone has a back door for remote wipe. It's not always enabled, but users are led into enabling it without understanding.
Apple used its censorship system to enforce Russian surveillance by blocking distribution of the LinkedIn app in Russia.
This is ironic because LinkedIn is a surveillance system itself. While subjecting its users to its own surveillance, it tries to protect its users from Russian surveillance, and is therefore subject to Russian censorship.
However, the point here is the wrong of Apple's censorship of apps.
Apple used its censorship system to enforce China's censorship by blocking distribution of the New York Times app.
Apple censors games, banning some games from the cr…app store because of which political points they suggest. Some political points are apparently considered acceptable.
Apple banned a program from the App Store because its developers committed the enormity of disassembling some iThings.
Apple rejected an app that displayed the locations of US drone assassinations, giving various excuses. Each time the developers fixed one “problem”, Apple complained about another. After the fifth rejection, Apple admitted it was censoring the app based on the subject matter.
This particular political slant affects other Apple services.
A vulnerability in Apple's Image I/O API allowed an attacker to execute malacious code from any application which uses this API to render a certain kind of image file.
A bug in the iThings Messages app allowed a malicious web site to extract all the user's messaging history.
Various proprietary programs often mess up the user's system. They are like sabotage, but they are not grave enough to qualify for the word “sabotage”. Nonetheless, they are nasty and wrong. This section describes examples of Apple committing interference.
Apple forced millions of iThings to download a system upgrade without asking the users. Apple did not forcibly install the upgrade but the downloading alone caused lots of trouble.
Proprietary companies can take advantage of their customers by imposing arbitrary limits to their use of the software. This section reports examples of hard sell and other unjust commercial tactics by Apple.
Apple Siri refuses to give you information about music charts if you're not an Apple Music subscriber.
The wrongs in this section are not precisely malware, since they do not involve making the program that runs in a way that hurts the user. But they are a lot like malware, since they are technical Apple actions that harm to the users of specific Apple software.
The iPhone 7 contains DRM specifically designed to brick it if an “unauthorized” repair shop fixes it. “Unauthorized” essentially means anyone besides Apple.
The article uses the term “lock” to describe the DRM, but we prefer to use the term digital handcuffs.
The Apple Music client program scans the user's file system for music files, copies them to an Apple server, and deletes them.
Apple stops users from fixing the security bugs in Quicktime for Windows, while refusing to fix them itself.
iOS version 9 for iThings sabotages them irreparably if they were repaired by someone other than Apple. Apple eventually backed off from this policy under criticism from the users. However, it has not acknowledged that this was wrong.
An Apple firmware “upgrade” bricked iPhones that had been unlocked. The “upgrade” also deactivated applications not approved by Apple censorship. All this was apparently intentional.
Apple proposes a fingerprint-scanning touch screen — which would mean no way to use it without having your fingerprints taken. Users would have no way to tell whether the phone is snooping on them.
iPhones send lots of personal data to Apple's servers. Big Brother can get them from there.
The iMessage app on iThings tells a server every phone number that the user types into it; the server records these numbers for at least 30 days.
Users cannot make an Apple ID (necessary to install even gratis apps) without giving a valid email address and receiving the verification code Apple sends to it.
iThings automatically upload to Apple's servers all the photos and videos they make.
iCloud Photo Library stores every photo and video you take, and keeps them up to date on all your devices. Any edits you make are automatically updated everywhere. [...]
There is a way to deactivate iCloud, but it's active by default so it still counts as a surveillance functionality.
Apple has made various MacOS programs send files to Apple servers without asking permission. This exposes the files to Big Brother and perhaps to other snoops.
It also demonstrates how you can't trust proprietary software, because even if today's version doesn't have a malicious functionality, tomorrow's version might add it. The developer won't remove the malfeature unless many users push back hard, and the users can't remove it themselves.
Various operations in the latest MacOS send reports to Apple servers.
Spyware in MacOS: Spotlight search sends users' search terms to Apple.
The iBeacon lets stores determine exactly where the iThing is, and get other info too.
Apple can, and regularly does, remotely extract some data from iPhones for the state.
DRM (digital restrictions mechanisms) in MacOS. This article focuses on the fact that a new model of Macbook introduced a requirement for monitors to have malicious hardware, but DRM software in MacOS is involved in activating the hardware. The software for accessing iTunes is also responsible.
DRM that caters to Bluray disks. (The article focused on Windows and said that MacOS would do the same thing subsequently.)
iOS, the operating system of the Apple iThings, is a jail for users. That means it imposes censorship of application programs.
Apple has used this power to censor all bitcoin apps for the iThings.
Apple, in the iThings, pioneered the practice of general purpose computers that are jails, and the term comes from iThing users, who referred to escaping from the censorship as “jailbreaking.”
Here is an article about the code signing that the iThings use to jail the user.
Curiously, Apple is beginning to allow limited passage through the walls of the the iThing jail: users can now install apps built from source code, provided the source code is written in Swift. Users cannot do this freely because they are required to identify themselves. Here are details.
While this is a crack in the prison walls, it is not big enough to mean that the iThings are no longer jails.
Apple arbitrarily blocks users from installing old versions of iOS.
The iThings are tyrant devices: they do not permit installing a different or modified operating system. There is a port of Android to the iThings, but installing it requires finding a bug or “exploit” to make it possible to install a different system.
“Dark patterns” are user interfaces designed to mislead users, or make option settings hard to find.
This allows a company such as Apple to say, “We allow users to turn this off” while ensuring that few will understand how to actually turn it off.