Big Sur definitely brought a lot of improvements. You got new icons, better performance, new and updated sounds, redesigned sheets, and more.
But did you also know that Big Sur suffered a privacy issue when it first launched?
Yep – the new update actually made it possible for Mac apps to bypass third-party security software like VPNs and firewalls. We’ll tell you all about this in this quick five-minute article.
What Did Big Sur Do to VPNs, Exactly?
Apparently, the update involved a troublesome key: ContentFilterExclusionList. It was part of the NetworkExtension API which a lot of security tools use.
So here’s what went wrong – that key allowed native Mac apps (like FaceTime and iCloud) to bypass the VPN tunnel. They’d pretty much communicate with Apple’s servers directly instead of doing it through the VPN. To get an idea of what we mean, here’s how the connection should normally look like via a VPN:
Mac à ISP Network à VPN Server à Apple’s Servers
And here’s how it looked like after the Big Sur update:
Mac à ISP Network à Apple’s Servers
So any app data would be leaked outside the encrypted tunnel. That means Apple would get your real IP even though you were using a VPN. And it would see how you were using their apps, and from where you were doing it.
But imagine if you would have used Mac apps over unsecured public WiFi! Hackers would have been able to spy on all the data that was leaked outside the VPN connection. Who knows what kind of sensitive information they would have gotten their hands on?
Read next: 21 Must-Have Tech Skills for the Modern Age
Can You Use a VPN with Big Sur?
Despite all those issues, you can actually safely use a VPN while also running Big Sur. You just have to make sure you use a good one that’s not susceptible to leaking your data when you’re using Apple’s apps.
Basically, as long as a VPN doesn’t use the problematic API, it should be fine. You won’t experience any leaking.
What are some good Mac VPNs then? Especially considering all of the above.
To find out, just follow that link. It’s a guide to the most popular Mac VPNs on the market written by ProPrivacy (a very big VPN review site). They actually interviewed most of the providers on that list to make sure their services work well with Big Sur.
Did Apple Fix the Bypassing Issues?
Yes. They fixed this problem with a new update: Big Sur 11.2. The new version deactivates the ContentFilterExclusionList key which started this whole problem.
So if you haven’t already, make sure you update to Big Sur 11.2. If you’d like to see what other improvements this new version bring, just check out this article.
The TL;DR Version
Apple made a huge mistake when they released Big Sur – it actually allowed Apple’s apps to bypass VPNs and firewalls. Luckily, many VPNs found a workaround. And Apple fixed this problem in the Big Sur 11.2 update.
Want something to mention here, please let us know in the comments. Also, if you’d like to recommend any specific Mac VPNs, please do so.