MacOS Can Be Private Only One Way

MacOS can only be fully private using little snitch to block all apple. First thing I need to address is that Apple collect tons of data and protect you from other people collecting tons of data at the same time.

This is why we need to block all incoming and outgoing connections to their servers. Remember to read everything before you go ahead and do anything.

What I recommend is to read this on a phone and follow along but here are some ground rules that need to be followed for maximum privacy:
No internet until we setup our settings.
No Apple ID
No Apple Products
These are the three ground rules and you must obey these for maximum privacy.

Initial Setup

• Choose your language and hit the right arrow.
• Select your country and click “Continue”.
• Opt for “Customized Settings”.
• Verify your language choice.
• Confirm your location.
• Enable dictation (mandatory).
• Skip Accessibility options by clicking “Not Now”.
• If prompted, select “My computer does not connect to the internet”.
• Click “Continue”, and again if asked to connect to the internet.
• Proceed through the Data & Privacy notification.
• Skip the Migration Assistant by clicking “Not Now”.
• Bypass the Apple ID requirement by selecting “Set Up Later”.
• Confirm by clicking “Skip”.
• Agree to the Terms and Conditions by clicking “Agree” twice.
• Create a local computer account with a generic name (Macbook Pro”) and a strong, memorable password. Avoid providing password hints. Click “Continue” when done.
• Disable “Location Service” and click “Continue”, then confirm with “Don’t Use”.
• Choose your time zone and click “Continue”.
• Deselect all analytics options and click “Continue”.
• Skip “Screen Time” settings by clicking “Set Up Later”.
• Turn off Siri and click “Continue”.
• Choose your preferred screen mode and click “Continue”.

Settings

Wi-Fi and Bluetooth:

  • Open System Settings from the Dock.
  • Go to Wi-Fi, turn it off, and uncheck both Ask to join networks and Ask to join hotspots.
  • Go to Bluetooth and turn it off.

OS Firewall:

  • Navigate to Network and select Firewall.
  • Turn on the Firewall and click Options.
  • Uncheck Automatically allow built-in software to receive...
  • Uncheck Automatically allow downloaded signed software to receive....
  • Enable Stealth mode and click OK.

Disable Notifications:

  • Go to Notifications.
  • Set Show previews to Never.
  • Turn off Allow notifications when the device is sleepingAllow notifications when the screen is locked, and Allow notifications when mirroring or sharing the display.
  • For each application, disable notifications and use the arrow to return.

Turn Off Unnecessary Connections:

  • Go to General in the left menu.
  • Select AirDrop & Handoff and turn off all options, ensuring AirDrop is set to No One.
  • Return to General in the left menu.
  • Select Sharing and make sure all options are disabled.
  • Go to Siri & Spotlight in the left menu and ensure Ask Siri is turned off.
  • Click Siri Suggestions & Privacy.
  • Click each option and disable all toggles, then click Done.
  • Disable all options within the Spotlight area.
  • Click Spotlight Privacy.
  • Click the + in the lower-left corner.
  • Change the dropdown field to Macintosh HD.
  • Click Choose, confirm with OK, and click Done.

Turn Off Gatekeeper:

  • Open Terminal and enter sudo spctl --master-disable and press Enter. You may need to enter your password.
  • Verify the status with spctl --status.
  • Go to System Settings > Privacy & Security and set Allow Applications From to Anywhere. This setting is at the bottom of the Privacy & Security panel.

Other Privacy and Security Settings:

  • Go to Privacy & Security in the left menu.
  • Select Analytics & Improvements and ensure all options are disabled.
  • Still in Privacy & Security, select Apple Advertising and turn off Personalized Ads.
  • Go to General in the left menu.
  • Select Software Update.
  • Click the i in the circle and deselect all options.
  • Then, go to General and choose Date & Time.
  • Click Set... next to Source and enter your password if prompted.
  • Change the time server to pool.ntp.org and click Done.

Turn On FileVault:

    • Go to Privacy & Security in the left menu.
    • Click Turn On... next to FileVault.
    • Enter your system password and click Unlock.
    • Choose Create a recovery key and do not use my iCloud account.
    • Document this recovery key somewhere safe and click Continue.

Applications

Installing Little Snitch

First, use a USB from another computer or connect to Wi-Fi to download and install Little Snitch from here.

  • Open Finder and navigate to the downloaded Little Snitch installation file.
  • Double-click the file and drag the Little Snitch icon into the Applications folder.
  • Close the Little Snitch window.
  • Go to the Applications folder using Finder.
  • Double-click the Little Snitch application and confirm by clicking “Open.”
  • Accept the license agreement and click “Install.”
  • Click “Open System Settings” when prompted.
  • Click “Allow” when asked for permission within System Settings.
  • Enter your system password and click “OK.”
  • Click “Allow” for network content access.
  • Close any notification windows that appear.
  • Click “Start Tour,” then “Next” six times.
  • Click “Continue,” select “Alert Mode,” and click “Next.”
  • Disable both “macOS Services” and “iCloud Services,” then click “Next.”
  • Click “Close” and then select “Demo Mode” on the popup.

It’s generally best to click “No” to any prompts that originate from Apple. You should create a second profile with updates not blocked. You can set this up within Little Snitch.

Recommended Browsers

Start with Mullvad and Brave; refer to the Browsers page for more details on these.

Additional Applications to Consider

  • LibreOffice: A powerful, free, and open-source office suite.
  • Proton Suite: While I prefer using it in the browser, it’s a solid application to have.
Scroll to Top