 |
 |
Software Update Question
|
|
|
|
|
Mac Enthusiast
Join Date: Dec 2002
Location: Newport Beach, CA
Status:
Offline
|
|
Just out of curiosity, does Apple gather info on the software installed on your machine? Versions, serial numbers, registration, etc....
I know they scan the machine to see what needs to be updated, but do they take back and record any of this info for any reason?
(I'm not asking because of stolen software, just want to know what is going on  )
Thanks....
|
Be a traveler, not a tourist
|
| |
|
|
|
|
|
|
|
Professional Poster
Join Date: Apr 1999
Location: Copenhagen, Denmark
Status:
Offline
|
|
Originally posted by EnVoy:
Just out of curiosity, does Apple gather info on the software installed on your machine? Versions, serial numbers, registration, etc....
I know they scan the machine to see what needs to be updated, but do they take back and record any of this info for any reason?
(I'm not asking because of stolen software, just want to know what is going on )
Thanks....
When Software Update is runs it basically looks in you /Library/Receipts folder to see what you have installed.
|
|
JLL
- My opinions may have changed, but not the fact that I am right.
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Mar 2004
Location: MacNN database error. Please refresh your browser.
Status:
Offline
|
|
It must do more than that because if an application is moved from the Applications folder (say into a sub-folder), then Software Update won't discover it.
|
This is a computer-generated message and needs no signature.
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2001
Location: Retired.
Status:
Offline
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Dec 2002
Location: Newport Beach, CA
Status:
Offline
|
|
I already use Little Snitch, but I dont think t will help in this case. Little Snitch wont tell you what is sent back and forth, only that a connection is being made. Thanks for the suggestion, though, LS is an awesome app .....
|
Be a traveler, not a tourist
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Nov 2003
Location: Minnesota
Status:
Offline
|
|
If you're really paranoid, you could run tcpdump or ethereal and watch all of the traffic that leaves your machine.
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Feb 2001
Location: Vancouver, WA
Status:
Offline
|
|
Looks like there's an exchange of XML documents between client and server... a longer and more interesting exchange than I'd suspected.
First, the client requests http://swscan.apple.com/scanningpoin...ingpointX.xml. This has a bunch of instructions telling the Software Update client what to look for. Some of the items are paths to applications or packages in /Library/Receipts, others are specially-formed queries: most of those refer to version numbers stored in plist files in /System/Library/CoreServices, but there's also a handful of queries related to various attributes of the IOAppleBluetoothHIDDriver.
Second, the client sends back an XML document containing the information it was queried for. If you have an application or package receipt installed in one of the paths referenced by scanningpointX.xml, the client response includes the version number of the bundle at that path. It also includes responses to the specially-formed queries if those queries' criteria are satisfied (i.e. it didn't send back anything related to the bluetooth driver query, probably because that query was asking if I had an Apple bluetooth mouse or keyboard, and I don't). And there's some generic info at the top of the document: the Open Firmware name of your model of Mac (e.g. PowerMac3,5), the amount of physical RAM, and whether Software Update is set to automatically check for updates at regular intervals.
Finally, the server responds with an XML document which pretty much describes what you see in the Software Update window: the name, size, version, etc., download URL, and description of each update available.
So, no serial numbers. They do, however, include your Apple ID cookie in HTTP requests... that may just be a side effect of Software Update using the same underlying network code as Safari, iTunes, and iDisk, though. So there is at least the potential for them to be doing something dastardly. Well, assuming you'd consider it dastardly for them to keep a record of which people (identified by their Apple Store / iTunes / .Mac contact information) own which model of Mac, how much RAM they have installed, and what Apple software they have installed. (Of course, if you bought your Mac from the online Apple Store, they already have that Mac's serial number matched to your name and address.) Whether Apple actually is doing anything you'd consider evil is something you'd have to ask them. Their privacy policy might be a good place to start.
|
|
|
| |
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Dec 2002
Location: Newport Beach, CA
Status:
Offline
|
|
Thanks Rickster, very helpful and informative.
Curious as to how you found all that out, with tcpdump or ethereal as suggested?
|
Be a traveler, not a tourist
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
