VPN-Killing ‘Feature’ Removed in New macOS Update

Have you been putting off updating macOS because you’ve heard bad things about a specific feature killing the effectiveness of security apps? Well, no need to worry anymore – Apple has done away with the controversial feature in the second beta of Big Sur 11.2. Here are the full details. 

What Feature Caused VPN Issues in Big Sur 11.2?

The issue that caused massive concerns in beta 2 of Big Sur 11.2 was the inclusion of the ContentFilterExclusionList “feature.” Essentially, this would exclude first-party apps like iCloud from third-party security checks – whether it’s VPNs, firewalls, anti-malware and so on.

Security experts believed malware would pose the greatest threat if this feature weren’t removed. How so? Simply put, cyber attackers could have designed malicious programs that latched on to Apple apps. Since first-party programs would be excluded from anti-malware scans, you can see how that could be a problem.

What about VPNs? How does Apple’s exclusion list affect such apps? Easy – VPNs are supposed to mask your real life location by hiding your IP address. By adding the ContentFilterExclusionList component, every first-party Mac app would broadcast your actual location to Apple at all times. Moreover, it could have caused potential data leaks, seeing as network traffic from these applications would bypass the VPN encrypted tunnel.

Is It Safe to Install Big Sur 11.2?

Absolutely. As reported by ZDNet, Apple only included the exclusion list component as a temporary measure while their engineers worked out the kinks in the new update. That’s what the tech giant claims, at least.

All we can hope now is that this wasn’t an indication of their intentions for their future products. At least they didn’t seem to repeat this mistake in Big Sur 11.3 (which releases towards the end of March).

Which Mac VPNs Were Unaffected?

The Big Sur 11.2 beta version mainly affected VPNs that use APIs found in the macOS Network Extension Framework (more specifically: NEFilterDataProvider and NEAppProxyProvider). Providers such as Surfshark and CyberGhost VPN put out statements that they would be looking into the issue. Although Apple has since removed the exclusion list, these providers have most likely changed the way their VPN clients work to avoid any similar issues in the future.

ExpressVPN, ProtonVPN and more providers have remained unaffected by the issue. Wondering what VPNs are best for Mac? Click the link to find a more complete list of the best Mac VPNs – fortunately, all of them should work properly with the latest build of Big Sur 11.2.

Should You Use a Mac VPN?

Apple is known to take the privacy and security of their products more seriously than the average. The best example of this is the time they stood their ground against the FBI, when the latter wanted Apple to implement a backdoor in iPhones.

That being said, they’re not infallible, and this exclusion list debacle should serve as a warning to take data security into your own hands. A good start is to encrypt your network data by using a VPN for your Mac and other devices. Not only will this protect you from hackers on public Wi-Fi, but it will also prevent your Internet provider from selling your private browsing activity to advertising networks.

Now, we’ve already mentioned that VPNs mask your IP to hide your location. Of course, the benefits go beyond just user privacy. By changing your IP (and thus your online location) with a VPN, you can access geo-blocked content. Say, Netflix shows you normally can’t watch in your area, or entirely new content platforms (like Hulu outside the US).

Not only that, but a VPN can help you bypass firewalls at work or at school. Normally, firewalls are used for security purposes, but companies and school use them to block the fun parts of the Internet to “make you more productive.” Too bad people always find other ways to procrastinate, so might as well do it on your own terms.

Fair warning, though: don’t use a school or work-provided device to do so.

Is It Safe to Use a Free VPN on macOS?

If you do decide to use a VPN, it’s better to avoid the vast majority of free providers out there. For one, more than half of the top downloaded free VPNs on the App Store and the Google Play Store are owned by China-based companies. That’s not a great sign, considering all that data is also monitored by the Chinese government.

Furthermore, researchers have discovered that most of the top 20 free providers don’t follow the App Store Review Guidelines. At least the situation is better than on the Google Play Store, where nearly 40% of VPNs contained malware.

Of course, that doesn’t mean Mac users should rest easy. Free VPNs can legally sell your browsing history and location data, much like ISPs are doing. All they need to do is to disclose the practice in their terms of service, and your online activity is fair game.

Then again, several free Hong Kong-based VPNs managed to leak the sensitive info of 20 million people online – all while claiming they didn’t keep any user logs. As such, there’s no guarantee that reading the privacy policy will do you any favors.

Outside these security concerns, free Mac VPNs just aren’t worth it for a few simple reasons:

  • Most free VPNs have data caps of up to 10 GB (the generous ones, at least). Others can go as low as 500 MB, making them pretty much useless for anything other than reading articles light on pictures. Naturally, there are a few providers without data caps, but you’ll still have to deal with the next point.
  • They throttle your bandwidth, meaning even the fastest connections will slow down to a crawl. Understandable, seeing as it’s the only way so many users can be on equal footing without paying a cent.

Finally, if you intend to use VPNs for Netflix, BBC iPlayer, Hulu, or other content platforms – you’re out of luck. Even subscription-based VPNs get blocked by these services, but they can afford wide server networks and fresh IP addresses to get around such blocks.

Leave a Comment