https://eclecticlight.co/2025/03/12/why-all-this-privacy-protection-an- overview/
//When you run an app, it naturally runs with your full user’s
privileges, and has access to everything according to the permissions
set on folders and files. Just as you want your privileges to give the
Finder and your mail client access to all your emails and their
enclosures, all other apps that you run enjoy those same privileges. But would you also want a third-party note-taking or photo-editing app to
have that same level of access, even without your knowledge? Similarly,
while you want FaceTime to have access to your Mac’s camera and
microphone, would you be happy for any other app to access them without
your being asked?//
ChatGPT says ....
Howard Oakley's article gives a solid rundown of how macOS has evolved
its privacy protection — it’s no longer just about file permissions but about controlling app access to sensitive data and devices. Interesting
to see how macOS 15 Sequoia now re-prompts users about screen recording permissions.
The focus on consent (like giving apps access to your camera or mic)
versus intent (like choosing to save a file in Documents) is a smart way
to break down how Apple handles privacy. And that attribution chain
concept — tracing what app requested access, especially for command-line tools — makes sense, though it must be a headache for devs trying to get everything right.
=
I asked - "Can you see how EtreCheck can get around all this protection?"
=
EtreCheck, like any other macOS app, can’t technically "get around"
these privacy protections — but it can *request* the necessary
permissions and use clever methods to gather system information. Let’s break down how it likely works:
1. **Full Disk Access (FDA):**
EtreCheck guides users to grant it **Full Disk Access** — a powerful permission that lets it bypass many of the privacy barriers protecting locations like `~/Documents`, `~/Downloads`, iCloud Drive, and Time
Machine backups. Once FDA is enabled, EtreCheck can gather detailed information about your disk, logs, and system configuration without
constant consent prompts.
2. **Attribution Chain and Helper Tools:**
EtreCheck may use helper tools or command-line utilities (like `kextstat`, `ps`, or `tccutil`) to gather data. These tools run under
the main app’s permissions, so if the app has FDA, its subprocesses
inherit those privileges through the attribution chain. This lets
EtreCheck access data indirectly — like running shell commands to
inspect running processes or kernel extensions.
3. **Entitlements and Info.plist:**
EtreCheck might include specific **entitlements** baked into its app signature, allowing it to request camera/microphone access or inspect protected folders. The Info.plist likely contains the required consent
dialog text, so macOS knows what to show users when requesting permissions.
4. **Terminal and Scripting:**
If you manually run EtreCheck or any of its tools from Terminal (especially if Terminal has FDA), it gains even more power, as Terminal itself acts as the "parent app" in the attribution chain.
5. **Transparency to Users:**
EtreCheck emphasizes that it’s "safe" by highlighting its read-only nature and the lack of network access — but once you’ve granted it FDA, it can access vast amounts of data. It doesn’t technically "bypass" protections — it just uses the permissions you give it.
Would you like to dig into how we can check what permissions EtreCheck
has on your system, or perhaps run a `tccutil` command to reset them?
Let me know how deep you want to go!
=
No, I'm not running EtreCheck on this iMac - I erased my hard drive to eradicate it. I don't trust a Developer who will not communicate with me!
=
ChatGPT said:
That makes perfect sense — trust is key, especially when it comes to
apps with deep system access like EtreCheck. Let me know if you want to
dive into other ways to monitor or lock down system privacy and
permissions on your iMac!
On 12/03/2025 08:51, David wrote:
https://eclecticlight.co/2025/03/12/why-all-this-privacy-protection-
an- overview/
//When you run an app, it naturally runs with your full user’s
privileges, and has access to everything according to the permissions
set on folders and files. Just as you want your privileges to give the
Finder and your mail client access to all your emails and their
enclosures, all other apps that you run enjoy those same privileges.
But would you also want a third-party note-taking or photo-editing app
to have that same level of access, even without your knowledge?
Similarly, while you want FaceTime to have access to your Mac’s camera
and microphone, would you be happy for any other app to access them
without your being asked?//
ChatGPT says ....
Howard Oakley's article gives a solid rundown of how macOS has evolved
its privacy protection — it’s no longer just about file permissions
but about controlling app access to sensitive data and devices.
Interesting to see how macOS 15 Sequoia now re-prompts users about
screen recording permissions.
The focus on consent (like giving apps access to your camera or mic)
versus intent (like choosing to save a file in Documents) is a smart
way to break down how Apple handles privacy. And that attribution
chain concept — tracing what app requested access, especially for
command-line tools — makes sense, though it must be a headache for
devs trying to get everything right.
=
I asked - "Can you see how EtreCheck can get around all this protection?"
=
EtreCheck, like any other macOS app, can’t technically "get around"
these privacy protections — but it can *request* the necessary
permissions and use clever methods to gather system information. Let’s
break down how it likely works:
1. **Full Disk Access (FDA):**
EtreCheck guides users to grant it **Full Disk Access** — a
powerful permission that lets it bypass many of the privacy barriers
protecting locations like `~/Documents`, `~/Downloads`, iCloud Drive,
and Time Machine backups. Once FDA is enabled, EtreCheck can gather
detailed information about your disk, logs, and system configuration
without constant consent prompts.
2. **Attribution Chain and Helper Tools:**
EtreCheck may use helper tools or command-line utilities (like
`kextstat`, `ps`, or `tccutil`) to gather data. These tools run under
the main app’s permissions, so if the app has FDA, its subprocesses
inherit those privileges through the attribution chain. This lets
EtreCheck access data indirectly — like running shell commands to
inspect running processes or kernel extensions.
3. **Entitlements and Info.plist:**
EtreCheck might include specific **entitlements** baked into its
app signature, allowing it to request camera/microphone access or
inspect protected folders. The Info.plist likely contains the required
consent dialog text, so macOS knows what to show users when requesting
permissions.
4. **Terminal and Scripting:**
If you manually run EtreCheck or any of its tools from Terminal
(especially if Terminal has FDA), it gains even more power, as
Terminal itself acts as the "parent app" in the attribution chain.
5. **Transparency to Users:**
EtreCheck emphasizes that it’s "safe" by highlighting its read-
only nature and the lack of network access — but once you’ve granted
it FDA, it can access vast amounts of data. It doesn’t technically
"bypass" protections — it just uses the permissions you give it.
Would you like to dig into how we can check what permissions EtreCheck
has on your system, or perhaps run a `tccutil` command to reset them?
Let me know how deep you want to go!
=
No, I'm not running EtreCheck on this iMac - I erased my hard drive to
eradicate it. I don't trust a Developer who will not communicate with me!
=
ChatGPT said:
That makes perfect sense — trust is key, especially when it comes to
apps with deep system access like EtreCheck. Let me know if you want
to dive into other ways to monitor or lock down system privacy and
permissions on your iMac!
Views welcomed!
On 12/03/2025 10:00, David wrote:
On 12/03/2025 08:51, David wrote:
https://eclecticlight.co/2025/03/12/why-all-this-privacy-protection-
an- overview/
//When you run an app, it naturally runs with your full user’s
privileges, and has access to everything according to the permissions
set on folders and files. Just as you want your privileges to give
the Finder and your mail client access to all your emails and their
enclosures, all other apps that you run enjoy those same privileges.
But would you also want a third-party note-taking or photo-editing
app to have that same level of access, even without your knowledge?
Similarly, while you want FaceTime to have access to your Mac’s
camera and microphone, would you be happy for any other app to access
them without your being asked?//
ChatGPT says ....
Howard Oakley's article gives a solid rundown of how macOS has
evolved its privacy protection — it’s no longer just about file
permissions but about controlling app access to sensitive data and
devices. Interesting to see how macOS 15 Sequoia now re-prompts users
about screen recording permissions.
The focus on consent (like giving apps access to your camera or mic)
versus intent (like choosing to save a file in Documents) is a smart
way to break down how Apple handles privacy. And that attribution
chain concept — tracing what app requested access, especially for
command-line tools — makes sense, though it must be a headache for
devs trying to get everything right.
=
I asked - "Can you see how EtreCheck can get around all this
protection?"
=
EtreCheck, like any other macOS app, can’t technically "get around"
these privacy protections — but it can *request* the necessary
permissions and use clever methods to gather system information.
Let’s break down how it likely works:
1. **Full Disk Access (FDA):**
EtreCheck guides users to grant it **Full Disk Access** — a
powerful permission that lets it bypass many of the privacy barriers
protecting locations like `~/Documents`, `~/Downloads`, iCloud Drive,
and Time Machine backups. Once FDA is enabled, EtreCheck can gather
detailed information about your disk, logs, and system configuration
without constant consent prompts.
2. **Attribution Chain and Helper Tools:**
EtreCheck may use helper tools or command-line utilities (like
`kextstat`, `ps`, or `tccutil`) to gather data. These tools run under
the main app’s permissions, so if the app has FDA, its subprocesses
inherit those privileges through the attribution chain. This lets
EtreCheck access data indirectly — like running shell commands to
inspect running processes or kernel extensions.
3. **Entitlements and Info.plist:**
EtreCheck might include specific **entitlements** baked into its
app signature, allowing it to request camera/microphone access or
inspect protected folders. The Info.plist likely contains the
required consent dialog text, so macOS knows what to show users when
requesting permissions.
4. **Terminal and Scripting:**
If you manually run EtreCheck or any of its tools from Terminal
(especially if Terminal has FDA), it gains even more power, as
Terminal itself acts as the "parent app" in the attribution chain.
5. **Transparency to Users:**
EtreCheck emphasizes that it’s "safe" by highlighting its read- >>> only nature and the lack of network access — but once you’ve granted >>> it FDA, it can access vast amounts of data. It doesn’t technically
"bypass" protections — it just uses the permissions you give it.
Would you like to dig into how we can check what permissions
EtreCheck has on your system, or perhaps run a `tccutil` command to
reset them? Let me know how deep you want to go!
=
No, I'm not running EtreCheck on this iMac - I erased my hard drive
to eradicate it. I don't trust a Developer who will not communicate
with me!
=
ChatGPT said:
That makes perfect sense — trust is key, especially when it comes to
apps with deep system access like EtreCheck. Let me know if you want
to dive into other ways to monitor or lock down system privacy and
permissions on your iMac!
Views welcomed!
Not everyone seems to like Howard's efforts to help us!
https://discussions.apple.com/thread/256004656?sortBy=rank
Your thoughts, please.
On 12/03/2025 12:40, David wrote:
On 12/03/2025 10:00, David wrote:
On 12/03/2025 08:51, David wrote:
https://eclecticlight.co/2025/03/12/why-all-this-privacy-protection-
an- overview/
//When you run an app, it naturally runs with your full user’s
privileges, and has access to everything according to the permissions
set on folders and files. Just as you want your privileges to give
the Finder and your mail client access to all your emails and their
enclosures, all other apps that you run enjoy those same privileges.
But would you also want a third-party note-taking or photo-editing
app to have that same level of access, even without your knowledge?
Similarly, while you want FaceTime to have access to your Mac’s
camera and microphone, would you be happy for any other app to access
them without your being asked?//
ChatGPT says ....
Howard Oakley's article gives a solid rundown of how macOS has
evolved its privacy protection — it’s no longer just about file
permissions but about controlling app access to sensitive data and
devices. Interesting to see how macOS 15 Sequoia now re-prompts users
about screen recording permissions.
The focus on consent (like giving apps access to your camera or mic)
versus intent (like choosing to save a file in Documents) is a smart
way to break down how Apple handles privacy. And that attribution
chain concept — tracing what app requested access, especially for
command-line tools — makes sense, though it must be a headache for
devs trying to get everything right.
=
I asked - "Can you see how EtreCheck can get around all this
protection?"
=
EtreCheck, like any other macOS app, can’t technically "get around"
these privacy protections — but it can *request* the necessary
permissions and use clever methods to gather system information.
Let’s break down how it likely works:
1. **Full Disk Access (FDA):**
EtreCheck guides users to grant it **Full Disk Access** — a
powerful permission that lets it bypass many of the privacy barriers
protecting locations like `~/Documents`, `~/Downloads`, iCloud Drive,
and Time Machine backups. Once FDA is enabled, EtreCheck can gather
detailed information about your disk, logs, and system configuration
without constant consent prompts.
2. **Attribution Chain and Helper Tools:**
EtreCheck may use helper tools or command-line utilities (like
`kextstat`, `ps`, or `tccutil`) to gather data. These tools run under
the main app’s permissions, so if the app has FDA, its subprocesses
inherit those privileges through the attribution chain. This lets
EtreCheck access data indirectly — like running shell commands to
inspect running processes or kernel extensions.
3. **Entitlements and Info.plist:**
EtreCheck might include specific **entitlements** baked into its
app signature, allowing it to request camera/microphone access or
inspect protected folders. The Info.plist likely contains the
required consent dialog text, so macOS knows what to show users when
requesting permissions.
4. **Terminal and Scripting:**
If you manually run EtreCheck or any of its tools from Terminal
(especially if Terminal has FDA), it gains even more power, as
Terminal itself acts as the "parent app" in the attribution chain.
5. **Transparency to Users:**
EtreCheck emphasizes that it’s "safe" by highlighting its read-
only nature and the lack of network access — but once you’ve granted >>>> it FDA, it can access vast amounts of data. It doesn’t technically
"bypass" protections — it just uses the permissions you give it.
Would you like to dig into how we can check what permissions
EtreCheck has on your system, or perhaps run a `tccutil` command to
reset them? Let me know how deep you want to go!
=
No, I'm not running EtreCheck on this iMac - I erased my hard drive
to eradicate it. I don't trust a Developer who will not communicate
with me!
=
ChatGPT said:
That makes perfect sense — trust is key, especially when it comes to >>>> apps with deep system access like EtreCheck. Let me know if you want
to dive into other ways to monitor or lock down system privacy and
permissions on your iMac!
Views welcomed!
Not everyone seems to like Howard's efforts to help us!
https://discussions.apple.com/thread/256004656?sortBy=rank
Your thoughts, please.
Quite a number of posts now - NONE made by me!
Any thoughts, folks?
Yes - you can get paranoiac about privacy. I have bookmarked the article but prefer not to fiddle. If it ain't broke, don't fix it.
On 13/03/2025 12:00, John Hill wrote:
[....]
Yes - you can get paranoiac about privacy. I have bookmarked the
article but
prefer not to fiddle. If it ain't broke, don't fix it.
I've never been worried about privacy. It is about *security* that I
have my concerns.
In case you've not looked, this is what John Daniel ('etresoft') has
recently posted in that thread:-
etresoft
User level: Level 9
53,112 points
Mar 13, 2025 12:47 PM in response to g_wolfman
What do any of us know really? The only thing that anyone knows for
certain about this thread is that it is of great interest to a certain notorious cyberstalker. You might not know his name (he has dozens of aliases), but he certainly knows yours. Stalker claims that he isn't "kpavel", just his "real-life chum".
Do we take Stalker at his word? Truth and lie are irrelevant to him. Statements are either effective stalking and harassment strategies or
they are not. That's all that matters. Software update, social media influencers, older people - they are all just tools of harassment. You
can only assist in his decade-long harassment campaign, or become a new target.
==
The original thread starter, Pavel (Paul) is a Ukrainian who is employed
by AgeUK. He visits Seachange here in Budleigh each Wednesday morning to provide free help and advice to the old folk in the surrounding area.
I've known him for some months now. He was a solicitor in Kiev (Kyiv)
but has come here with his wife and three children to escape the war.
His brother is still there and fighting at the front-line for both of them.
https://www.seachangedevon.org/
| Sysop: | Keyop |
|---|---|
| Location: | Huddersfield, West Yorkshire, UK |
| Users: | 714 |
| Nodes: | 16 (2 / 14) |
| Uptime: | 141:17:42 |
| Calls: | 12,087 |
| Files: | 14,998 |
| Messages: | 6,517,442 |