The inclusion of a single feature has had the security community and public beta users in an uproar over Apple’s security practices. Before we get into the main topic, here’s a quick summary of the changes in Big Sur 11.2.
What’s New in Big Sur 11.2?
Not many exciting new changes this update (aside from improved Bluetooth functionality), but the patch addresses the following issues:
- External monitors now function properly on Mac mini M1 when connected through an HDMI to DVI adapter
- Apple ProRAW photo edits would sometimes not save – this has been remedied
- iCloud Drive no longer switches off when the iCloud Drive Desktop & Documents Folders option is disabled
- System Preferences now properly unlock after inputting your admin password
- Pressing the Globe key now correctly displays the Emoji & Symbols pane
Of course, the biggest change wasn’t mentioned in Apple’s patch notes – the removal of the ContentFilterExclusionList component found in the second beta version of Big Sur 11.2. Then again, ZDNet reports that Apple didn’t intend to include the feature in the final version. It was simply meant to help engineers fix some bugs before the final release.
What’s the Deal with VPNs on Big Sur 11.2?
Simply put, the ContentFilterExclusionList feature (as its name implies) excluded Apple applications from security scans and similar behaviors. Using a VPN? iCloud and similar apps would no longer have their traffic routed through the VPN tunnel. This could lead to harmful data leaks, especially on public Wi-Fi where hackers may continuously eavesdrop on your connection. Even firewalls weren’t safe – apps included on the list could easily bypass user-created security filters.
This also affected anti-malware software. Security experts were worried that cyber criminals would create malicious code that attaches itself to first-party apps. Since they could no longer be scanned for viruses, you’d never become aware of any malware infections on your Mac.
Yes, malware is much rarer on Apple devices, but not unheard of. Just this January Apple quietly announced that iOS devices were actively exploited by hackers through several security exploits.
Which Providers Were Affected by the Issue?
Fortunately, a lot of top Mac VPN providers were not impacted by the inclusion of the component. The only VPN clients affected were ones that used the NEFilterDataProvider and NEAppProxyProvider extensions. Providers such as CyberGhost VPN and Surfshark were among those that needed to investigate the issue further, and make changes to their clients as needed.
NordVPN, ExpressVPN, Private Internet Access, and other VPNs do not use the macOS Network Extension APIs. As such, network traffic from first-party apps was correctly routed through their VPN tunnel.
Seeing as Apple has removed the exclusion list entirely, it’s now completely safe to use a VPN on Big Sur 11.2 and beyond. Naturally, you need to be careful of your VPN choice if you want to remain completely secure. Here’s the main thing you should look out for.
Free Mac VPNs – Are They a Good Idea?
Not exactly. While the price tag may seem tempting, you could end up paying way more than a simple subscription in damages. At least that’s the situation over 20 million free VPN users found themselves in, when seven Hong Kong providers leaked the following data online:
- User browsing histories and location data
- IP and home addresses
- Passwords in plain-text format
- Emails and payment info
This isn’t just an isolated incident either. According to a group of researchers, many free VPNs on the App Store are in violation of Apple’s Review guidelines. If that wasn’t enough, the same research reveals that nearly 60% of the most downloaded free Mac VPNs are owned by Chinese firms or private individuals. China is known for its heavily anti-VPN stance, so any data collected by such VPNs could very easily end up in the hands of the Chinese government.
Otherwise, your private browsing activity and location data could simply be sold off to advertising networks. And yes, it’s completely legal for free VPNs to do so as long as their privacy policy discloses their data-sharing practices.
Of course, not even reading VPN terms of service all day will guarantee that your data stays safe. How so? Well, remember the Hong Kong VPNs we mentioned earlier? All of their privacy policies claimed they didn’t store any user-related information.
Many “free” apps collect way more data about you than is needed for proper functionality, in direct contrast to what VPNs are supposed to accomplish. That is, to safeguard your private information from hackers and greedy ISPs trying to sell your data.
Upcoming Features in Big Sur 11.3
Let’s end on a more positive note and talk about the next big changes to macOS. The new Big Sur update which is expected to launch at the end of March promises to be more feature-rich than its predecessor. Here are some of the more noteworthy additions.
As expected, the patch adds several fixes and optimizations, especially for those trying to run iOS apps on M1 Macs. Users may now turn touch inputs (including taps, swipes, and drags) into keyboard commands by using the Touch Alternatives option.
Second of all, Apple has introduced more in-depth ways to customize Safari, such as rearranging your Favorites, Siri Suggestions, Reading List, and other Start Page sections. Meanwhile, devs received new tools to create Start Page features, as well as a Web Speech API – perfect for developing pages with speech recognition.
Gaming enthusiasts will be pleased to hear Big Sur now supports the new Xbox Series X/S and PlayStation 5 DualSense controllers. Apple Music users can finally stop worrying about their playlists suddenly stopping, with the addition of the new autoplay feature. It’s pretty much similar in function to the one added to iOS 14.
Perhaps the biggest news, however, is the addition of WebM support to Safari, nearly 11 years after its initial launch. Well, big news to those who aren’t using Google Chrome, Firefox, or other browsers at least. In any case, this means you won’t have to download WebM files and use a separate media player anymore. Still no WebM support on iOS devices yet, but fingers crossed they’ll resolve that soon