The macOS system must disable personalized advertising.

STIG ID: APPL-14-002200  |  SRG: SRG-OS-000095-GPOS-00049 | Severity: medium |  CCI: CCI-000381

Vulnerability Discussion

Ad tracking and targeted ads must be disabled.

The information system must be configured to provide only essential capabilities. Disabling ad tracking ensures that applications and advertisers are unable to track users' interests and deliver targeted advertisements.

Check

Verify the macOS system is configured to disable personalized advertising with the following command:

/usr/bin/osascript -l JavaScript << EOS
$.NSUserDefaults.alloc.initWithSuiteName('com.apple.applicationaccess')\
.objectForKey('allowApplePersonalizedAdvertising').js
EOS

If the result is not "false", this is a finding.

Fix

Configure the macOS system to disable personalized advertising by installing the "com.apple.applicationaccess" configuration profile.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.