No, not any random app. You knowingly chose to install the app. It either came from the App Store or it was notarized by Apple.
There are just so many reasons why software needs to access your hard drive. My app, for example, needs to write files in ~/Library/Application Support/Chrome in order to add native messaging permissions for my extension. Can you imagine the number of "Karens" that are going to email me because they "caught" me trying to "steal their data" if they add restrictions to this folder?
Apple did the right thing by only adding warnings for more sensitive areas like your Downloads or Documents folder, but any more than that and I think it'll cause more harm than good.
I agree with the blog post. Apple seems to be more focused with "security theatre" right now (or at least half-assed security for the sake of marketing). They do things like add easy-to-implement (via their FileManager class) file access warnings to appease most non-technical users. But at the same time ignore bigger looming threats like apps accessing the Internet. I think the issue isn't the warnings, it's what the warnings are about.
Anyway, my guess is that Apple will be adding network access warnings in the future (since it seems they re-wrote a large chunk of the networking code recently) but let's not deny the two-faced marketing speak going on right now and fact that they do stuff like making it impossible to inspect network traffic from Apple apps. The hand-wavy "trust us" argument shouldn't work for Apple either. Why do I have to trust Apple more than a third party developer?
> Apple did the right thing by only adding warnings for more sensitive areas like your Downloads or Documents folder, but any more than that and I think it'll cause more harm than good.
Sorry, I didn't mean to argue for apps to be able to read your browsing history.
The main point I was trying to make was that apps having network access without warning is more of a security/privacy issue than apps being able to read local files without warning. It's probably why Little Snitch became so popular and why I think Apple is in the process of shoving them out of the market by building it into the OS (I'm guessing!).
I think they are implying apple can’t control the sensitivity of third party tools across the board, so it’s up to chrome to figure out how to protect your browsing history, and they need to improve their file system layout or APIs to protect their users.
There are just so many reasons why software needs to access your hard drive. My app, for example, needs to write files in ~/Library/Application Support/Chrome in order to add native messaging permissions for my extension. Can you imagine the number of "Karens" that are going to email me because they "caught" me trying to "steal their data" if they add restrictions to this folder?
Apple did the right thing by only adding warnings for more sensitive areas like your Downloads or Documents folder, but any more than that and I think it'll cause more harm than good.
I agree with the blog post. Apple seems to be more focused with "security theatre" right now (or at least half-assed security for the sake of marketing). They do things like add easy-to-implement (via their FileManager class) file access warnings to appease most non-technical users. But at the same time ignore bigger looming threats like apps accessing the Internet. I think the issue isn't the warnings, it's what the warnings are about.
Anyway, my guess is that Apple will be adding network access warnings in the future (since it seems they re-wrote a large chunk of the networking code recently) but let's not deny the two-faced marketing speak going on right now and fact that they do stuff like making it impossible to inspect network traffic from Apple apps. The hand-wavy "trust us" argument shouldn't work for Apple either. Why do I have to trust Apple more than a third party developer?