My Mac contacted 63 different Apple owned domains in an hour, while not is use

Original Article ↗ Hacker News Discussion ↗

Scope of the Concern: “Chatty” macOS

  • Original complaint: a Mac contacted 63 Apple-owned domains in an hour while idle.
  • Many commenters say this is unsurprising for a modern, integrated OS: background updates, iCloud sync, push notifications, anti‑theft, malware lists, news/weather widgets, etc.
  • Others find the volume and opacity disturbing, especially when they don’t use many of those services (HomeKit, News, Weather still phone home unless actively disabled).

Apple vs Microsoft vs Linux

  • Several note Windows telemetry is more extensive and more obviously tied to advertising and “spyware” behavior; others push back that both OSes mix “functional” and telemetry endpoints.
  • Link to Microsoft’s documented endpoint list is cited to show they at least explain most domains.
  • Linux desktops are described as comparatively “quiet” by default: little or no built‑in telemetry, and distros like Debian patch it out.
  • But once you install cloud‑backed apps (Spotify, VS Code, Steam), Linux networks can look similarly chatty.

User Expectations vs Privacy

  • Defenders argue: users expect up‑to‑date weather/news, instant notifications, cloud backup, cross‑device sync; this implies constant connectivity and background work, ideally when the machine is idle.
  • Critics counter: most of this could be on-demand, opt‑in, and easy to turn off; the always‑on behavior plus poor controls looks like a “benevolent dictator” model where the vendor effectively owns the machine.
  • Blocking Apple domains often breaks features; some see that as evidence the platform isn’t truly user‑controlled.

Trust, Telemetry, and Encryption

  • One camp says using macOS without trusting Apple is irrational; another calls that a false dichotomy and frames it as risk management and compartmentalization (e.g., Windows only for gaming).
  • Debate over whether Apple “sells data,” with the Google search deal cited as selling access, if not raw data.
  • Long subthread on how much of Apple’s ecosystem is truly end‑to‑end encrypted and whether Apple can unlock devices; views range from “real E2E for some services” to deep mistrust of Apple’s claims.
  • Some note a subset of Apple traffic (e.g., captive portal checks, certain device setups) is unencrypted and can leak metadata.

Control Tools and Practical Limits

  • Tools like Little Snitch and LuLu are recommended for per‑process blocking, but some Apple traffic can bypass or is hard to attribute (e.g., generic system daemons).
  • Commenters with constrained bandwidth or privacy priorities describe switching to Linux/NetBSD for transparency and minimal unsolicited network activity.
  • Several argue that for most users, fully escaping “big tech” connectivity is unrealistic; attempting to do so becomes a full‑time job.