Apple drops controversial firewall-bypass feature on macOS
Researchers claim the ContentFilterExlusionList posed a huge cyber security risk
Apple has removed a controversial feature in its macOS operating system that allowed more than 50 of its own apps to completely bypass third-party security tools like firewalls and virtual private networks (VPNs).
The ContentFilterExclusionList, introduced in macOS 11 Big Sur, was flagged by the security community and developers late last year as being a potential security risk. This list’s existence in macOS meant traffic generated from Apple software such as Maps and iCloud couldn’t be blocked by a socket filter firewall.
The developer of the Little Snitch firewall tool, Norbert Heger, described this behaviour as “a hole in the wall”.
Patrick Wardle, a security researcher with software firm Jamf, even demonstrated how it may be possible for malware to abuse “excluded” apps to generate web traffic to bypass firewalls.
Those who initially sounded the alarm, including Heger, Wardle and others, have now welcomed Apple’s decision to remove ContentFilterExclusionList with the release macOS 11.2 beta 2.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.