The inclusion of just one feature caused an outcry from the security community and public beta users over Apple’s security practices. Before we get into the main topic, here’s a quick summary of the changes to Big Sur 11.2.
What’s new in Big Sur 11.2?
There aren’t many exciting new changes in this update (aside from improved Bluetooth functionality), but the patch fixes the following issues:
- External monitors now work correctly on Mac mini M1 when connected through an HDMI to DVI adapter
- Sometimes Apple ProRAW photo edits weren’t saved – this has been fixed
- iCloud Drive no longer turns off when iCloud Drive Desktop & Documents Folders option is disabled
- System Preferences now unlock correctly after entering your administrator password
- Pressing the Globe key now correctly displays the Emoji and Symbols pane
Of course, the biggest change wasn’t mentioned in Apple’s patch notes – the removal of the ContentFilterExclusionList component found in the second beta of Big Sur 11.2. Then again, ZDNet reports that Apple had no plans to include the feature in the final version. It was simply meant to help engineers fix some bugs before the final release.
What’s wrong with VPNs on Big Sur 11.2?
Simply put, the ContentFilterExclusionList feature (as the name suggests) excluded Apple apps from security scans and similar behaviors. Are you using a VPN? iCloud and similar apps would no longer see their traffic routed through the VPN tunnel. This could lead to harmful data leaks, especially on public Wi-Fi where hackers can continually eavesdrop on your connection. Even firewalls weren’t secure – apps included in the list could easily bypass user-created security filters.
It also affected anti-malware software. Security experts feared that cybercriminals could create malicious code that attaches to proprietary applications. Since they can no longer be scanned for viruses, you will never be aware of malware infections on your Mac.
Yes, malware is much rarer on Apple devices, but not unheard of. Back in January, Apple quietly announced that iOS devices were being actively exploited by hackers through multiple security exploits.
Which suppliers have been affected by the problem?
Fortunately, many top Mac VPN providers weren’t affected by the component’s inclusion. The only VPN clients affected were those using the NEFilterDataProvider and NEAppProxyProvider extensions. Providers such as CyberGhost VPN and Surfshark were among those who needed to dig deeper into the issue and make changes to their customers if needed.
ExpressVPN, Private Internet Access, and other VPNs (see more of them here) don’t use macOS network extension APIs. As such, network traffic for proprietary applications was successfully routed through their VPN tunnel.
Since Apple has removed the exclusion list entirely, it is now completely safe to use a VPN on Big Sur 11.2 and beyond. Of course, you have to be careful with your choice of VPN if you want to stay completely secure. Here is the main thing to watch out for.
Free Mac VPNs – Are They a Good Idea?
Not exactly. While the price may seem tempting, you could end up paying a lot more than just a subscription in damages. At least that’s the situation over 20 million free VPN users found themselves in, when seven providers in Hong Kong disclosed the following data online:
- User browsing history and location data
- IP and home addresses
- Passwords in plain text format
- Emails and payment information
It is not an isolated incident either. Many free VPNs on the App Store violate Apple’s review guidelines, according to a group of researchers. If that wasn’t enough, the same research reveals that nearly 60% of the most downloaded free Mac VPNs are owned by Chinese companies or individuals. China is known for its strong anti-VPN stance, so any data collected by these VPNs could very easily end up in the hands of the Chinese government.
Otherwise, your private browsing activity and location data could simply be sold to ad networks. And yes, it’s completely legal for free VPNs to do so as long as their privacy policies disclose their data sharing practices.
Of course, even not reading the VPN terms of service all day will ensure that your data stays safe. How? ‘Or’ What? Well, remember the Hong Kong VPNs we mentioned earlier? All of their privacy policies stated that they did not store any user information.
Many “free” apps collect much more data about you than is necessary for proper functionality, unlike what VPNs are supposed to accomplish. In other words, to protect your private information from hackers and greedy ISPs who try to sell your data.
Features coming in Big Sur 11.3
Let’s end on a more positive note and talk about the next big changes to macOS. Big Sur’s new update, due to launch in late March, promises to be more feature-rich than its predecessor. Here are some of the more notable additions.
As expected, the patch adds several fixes and optimizations, especially for those trying to run iOS apps on M1 Macs. Users can now turn touch inputs (including taps, swipes, and swipes) into keyboard commands using the Touch Alternatives option.
Second, Apple introduced more detailed ways to customize Safari, such as rearranging your favorites, Siri suggestions, reading list, and other sections on the start page. Meanwhile, developers received new tools for building start page functionality, as well as a Web Speech API – perfect for developing pages with speech recognition.
Gaming enthusiasts will be happy to hear that Big Sur now supports the new Xbox Series X / S and PlayStation 5 DualSense controllers. Apple Music users can finally stop worrying about their playlists suddenly stopping, with the addition of the new AutoPlay feature. Its operation is quite similar to that added to iOS 14.
Perhaps the biggest news, however, is the addition of WebM support to Safari, almost 11 years after its initial launch. Well, great news for those who don’t use Google Chrome, Firefox, or other browsers at least. Either way, that means you won’t have to download WebM files and use a separate media player anymore. Still no WebM support on iOS devices, but fingers crossed they will fix it soon.