
Spotlight Suggestions in OS X Yosemite and iOS: Are You Staying Private?


The simple truth is, if you put the words “Apple” and “privacy” together, you’re going to make headlines.

So it was no surprise to me when an enormous kerfuffle kicked off over the weekend about concerns that the latest version of Apple’s OS X operating system, Yosemite, was sending precise details of users’ locations and their search terms back to Apple.

Although OS X Yosemite patches numerous security holes (including the Shellshock and POODLE vulnerabilities), could this be the sting in the tail?

What has happened here is that Yosemite has a revamped version of Spotlight, which now can serve up suggestions from the Internet.

Of course, to do that, it has to share information with the internet first. And that information may not just be shared with Apple itself, but also third party providers such as Microsoft’s search engine Bing.

Apple was clearly aware that this might concern some users, and created a “privacy-built-in” webpage where it describes how different features in OS X Yosemite handle sensitive information:

Apple talks Spotlight privacy

Spotlight Suggestions

With iOS 8 and OS X Yosemite, searching with Spotlight now goes beyond your device to give you suggestions from sources like Wikipedia, the iTunes Store, and Maps. Before it answers, Spotlight considers things like context and location while protecting your privacy by using an anonymous identifier that refreshes every 15 minutes. You can always opt out of Suggestions and continue to use Spotlight solely for local search on your device. You are also free to opt out of having Spotlight use Location Services any time you want. If you opt out, Spotlight will still use your IP address to determine a general location to make your searches more relevant. Unlike our competitors, we don’t use a persistent personal identifier to tie your searches to you in order to build a profile based on your search history. We also place restrictions on our partners so they don’t create a long-term trail of identifiable searches by you or from your device.

Although some might have preferred if Apple hadn’t enabled these potentially privacy-eroding features by default in the first place, it’s clear what message the company is pushing: If you don’t like the feature – turn it off.

Here’s how to disable the functionality in OS X Yosemite.

Open System Preferences and choose Spotlight. Now untick Spotlight Suggestions, Bing web searches and anything else that doesn’t suit you. In the example below I have also disabled searching of Mail & Messages – but that’s just a personal preference.

Spotlight preferences

To its credit, Apple can hardly be accused of sweeping the details of what it is doing under the carpet.

On that very dialog above there’s a link, called “About Spotlight Suggestions and Privacy.” Clicking it returns the following advisory:

Spotlight privacy statement

When you use Spotlight, your search queries, the Spotlight Suggestions you select, and related usage data will be sent to Apple. Search results found on your Mac will not be sent. If you have Location Services on your Mac turned on, when you make a search query to Spotlight the location of your Mac at that time will be sent to Apple. Searches for common words and phrases will be forwarded from Apple to Microsoft’s Bing search engine. These searches are not stored by Microsoft. Location, search queries, and usage information sent to Apple will be used by Apple only to make Spotlight Suggestions more relevant and to improve other Apple products and services.

If you do not want your Spotlight search queries and Spotlight Suggestions usage data sent to Apple, you can turn off Spotlight Suggestions. Simply deselect the checkboxes for both Spotlight Suggestions and Bing Web Searches in the Search Results tab in the Spotlight preference pane found within System Preferences on your Mac. If you turn off Spotlight Suggestions and Bing Web Searches, Spotlight will search the contents of only your Mac.

Now, before you relax and pat yourself on the back, you’re not quite done.

You have stopped Spotlight from sharing your search queries, but you haven’t stopped OS X’s default browser from doing the same trick.

To stop Safari sharing the same information, you have to go to *another* place: Safari > Preferences > Search and disable Include Spotlight Suggestions.

Safari settings
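The three OS X checkboxes described above can also be audited from exported preferences, which is handy when you look after more than one Mac. The following is an added example, not part of the original article. It assumes the preference domains `com.apple.Spotlight` and `com.apple.Safari` and the key names shown in the code, none of which the article names, and the sample plists are constructed.

```python
import plistlib

# Assumed names (not given in the article): Yosemite keeps the Spotlight
# pane's checkboxes in com.apple.Spotlight under "orderedItems".
NETWORK_CATEGORIES = {
    "MENU_SPOTLIGHT_SUGGESTIONS": "Spotlight Suggestions",
    "MENU_WEBSEARCH": "Bing Web Searches",
}
# Assumed key behind Safari's "Include Spotlight Suggestions" checkbox.
SAFARI_KEY = "UniversalSearchEnabled"


def spotlight_findings(plist_bytes):
    """Return the network-backed Spotlight categories that are still ticked.

    Input is the output of `defaults export com.apple.Spotlight -`.
    """
    items = plistlib.loads(plist_bytes).get("orderedItems")
    if items is None:
        # Pane never changed: the features are on by default, so report both.
        return sorted(NETWORK_CATEGORIES.values())
    state = {i.get("name"): bool(i.get("enabled", True)) for i in items}
    # A category missing from the list is treated as enabled (fail closed).
    return sorted(label for key, label in NETWORK_CATEGORIES.items()
                  if state.get(key, True))


def safari_findings(plist_bytes):
    """Same check for `defaults export com.apple.Safari -`."""
    prefs = plistlib.loads(plist_bytes)
    return ["Include Spotlight Suggestions"] if prefs.get(SAFARI_KEY, True) else []


# Constructed sample input: Suggestions unticked, Bing left on, Safari fixed.
SAMPLE_SPOTLIGHT = plistlib.dumps({"orderedItems": [
    {"name": "APPLICATIONS", "enabled": True},
    {"name": "MENU_SPOTLIGHT_SUGGESTIONS", "enabled": False},
    {"name": "MENU_WEBSEARCH", "enabled": True},
]})
SAMPLE_SAFARI = plistlib.dumps({SAFARI_KEY: False})
UNTOUCHED = plistlib.dumps({})  # constructed: a Mac where nothing was changed

if __name__ == "__main__":
    print("Spotlight still sending:", spotlight_findings(SAMPLE_SPOTLIGHT))
    print("Safari still sending:", safari_findings(SAMPLE_SAFARI))
    print("Untouched Mac:", spotlight_findings(UNTOUCHED) + safari_findings(UNTOUCHED))
```

An empty result from both functions means all three checkboxes are off; anything listed is a setting that still sends queries off the machine.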

So, what if you are an iPhone or iPad owner?

Well, it’s a similar process. Simply go to Settings > General > Spotlight Search and disable Spotlight Suggestions, Bing Web Results, or anything else that you don’t want or need.

Spotlight preferences on iOS

Think you’re all done? Well, maybe you’re not.

Although what you type into Spotlight may no longer be leaving your computer, there might be other information which is leaking out.

For instance, how comfortable are you with sharing your physical location with different apps? Do you even know which apps are receiving details of where you are?

A quick visit into OS X Yosemite’s System Preferences can reveal all. This time, instead of changing Spotlight’s preferences, you need to click on Security & Privacy and choose the Privacy tab.

Once there you can choose Location Services and view whether they are enabled and, if so, which apps can access your location.

In the example below, you can see that the Weather and Maps applications are allowed to know my location, but I have declined to share such details with Evernote or the Reminders app.

Location privacy on Yosemite

To make changes to these settings, you may need to unlock the padlock by entering an administrator password.

By the way, you will find the iOS equivalent of these settings under Settings > Privacy > Location Services. It’s well worth checking which of your iPhone and iPad apps are accessing your location, as it’s much more common for mobile apps to request such information.

Would you have preferred Apple to have not turned on these features in Spotlight by default? Would it have been better if Apple had sold you the benefits of enabling the features, and invited you to turn them on, rather than leave it to you to retrospectively turn them off?

Leave a comment below and have your say.

About Graham Cluley

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats. Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security. Follow him on Twitter at @gcluley.