Minimizing macOS Telemetry

Both Apple and Microsoft collect hundreds of user metrics when we use macOS and Windows operating systems. They receive constant data about the apps we open, our location, any network configurations, connected devices, and our overall behaviors. This is why I never associate an AppleID with my Macbook Pro. I install software through Brew and have no need for the App Store. This prevents Apple from storing telemetry from my computer within an Apple account which eliminates much of the privacy invasion. However, this does not prevent Apple from collecting data from my machine during every minute of usage. For that we need a network firewall such as Little Snitch or Lulu.

I have explained Little Snitch in my books and on my show. It is a premium ($) product which I have used for many years. Lulu is a free option which may also suffice for most users. For this demonstration, I explain my actions through Little Snitch, but you could probably replicate with Lulu. Never install both Little Snitch and Lulu! Pick only one.

Little Snitch allows us to block network connection within specific applications. I have previously explained how I block Microsoft Office and Adobe products from sending out any data during usage. This prevent Microsoft and Adobe from knowing the names of files I am creating, my IP address, and other sensitive data. This is the traditional purpose for apps such as Little Snitch. However, we can use these apps to minimize much of Apple's invassive telemetry if we are willing to push the balance of privacy versus functionality.

First, I modified Little Snitch's default system setting within the "Rules" menu. You cannot delete the rules which allow basic macOS and iCloud functionality, but you can disable them by unchecking the options as seen below. This will immediately prevent iCloud and online Apple services from functioning properly, but I don't mind. Since I do not have an Apple ID associated with my machine, I am not using iCloud anyway.

You will likely now begin receiving popup messages from Little Snitch asking if you want to allow specific connections, such as "itunescloudd" attempting to connect to icloud.com. Even if you never use iTunes, iCloud, or Apple Music, your Mac computer is constantly sending data to Apple servers about your online activities. I believe this should be blocked. Below are the various Apple services which I blocked. While I could have blocked "All" outgoing connections for these apps, I usually choose to only block the domain which is trying to be accessed. This way, I can be alerted if a new domain is trying to be reached. In the following screen captures, you can see that I am blocking data from being transmitted from the App Store, Find My App, Music, News, Notes, Podcasts, and Stocks. Obviously, you would not want to do this if you use any of these apps. I do not. Furthermore, I am blocking data from being transmitted by underlying services such as calendar, commerce, cloud, games, and parsce-fbf (Siri).

There were a few settings which I did not disable, such as trustd (confirms security certificates for apps), timed (synchronizes time), softwareupdated (updates operating system), and a few others. I also had a lot of connection problems when I completely blocked mDNSResponder. Therefore, I allowed my DNS (1.1.1.1) but blocked everything else, as seen below. This prevents Apple servers from receiving data sent from software but allows those applications to connect to the internet.

This does not prevent 100% of Apple telemetry, but it eliminates much of it. I do not claim that these settings are optimal or appropriate for everyone. I only share the Apple telemetry which I blocked without limiting any daily functionality for my usage. Expect several annoyances as you find your perfect settings. I plan to continue further manual blocks until I begin breaking things again. More details on my show this Friday.