
I'm glad Mullvad is raising the public temperature on this! This one has definitely been noticed and been very concerning.


Has this been noted elsewhere? Sounds like Mullvad reported after the 6th, which is pretty close to the RC.

From source: "we have investigated this issue after the 6th beta was released and reported the bug to Apple"


macOS has had a host of these types of issues with their network stack over the last few years. They are almost always related to some "magic" technology Apple is introducing, such as AirDrop (raw Wi-Fi frames), Siri (Multipath TCP), et al. Essentially, Apple have been introducing these new components with special elevated privileges which allow them to bypass or have priority access to the network stack in order to implement whatever brand of cross-protocol hoodoo they may require to function. At best, it's maddening, but at worst it's a huge red flag that Apple seems ready and willing to accept these compromises into the functionality of their system. It is impossible to achieve total software control over the network stack in macOS today.


Not publicly that I have seen, but I can assure you networking and cybersecurity companies (and others) saw this pretty quickly when the bug was first released. I was just glad to see a relatively big company calling out this rather egregious issue.


Security companies should be much more open about these issues, rather than quake at the notion that if they go public, they'd lose their hush-hush secret contacts at Apple that give them private entitlements for private functionality. (Source: first-hand experience)


Your comment is pretty vague but intriguing. Are you allowed to share an example?


They're called managed capabilities and require Apple's approval for unlocking access. CarPlay is an example:

https://developer.apple.com/documentation/carplay/requesting...

Edit: Tap to Pay is another: https://developer.apple.com/documentation/proximityreader/se...


Those are public capabilities that require explicit approval from Apple in the form of an entitlement. That’s not what I am saying.

I'm talking about capabilities Apple officially denies having, or only gates to "partners", and vends them using private header files and entitlements. One example is VPN service, which, before NetworkExtension, was limited to the "Cisco"-branded user UI in Settings and MDM configuration files. Unless you had the (legacy) network manager private header files and a super-private entitlement in your provisioning profile, allowing you to create a VPN on-device without any MDM or configuration profile (or user consent), there was no way for an App Store app to create a VPN tunnel. We used to get these by mailing a contact inside Apple, asking for the latest headers before each major and minor iOS release. Before NetworkExtension, any public inquiry about creating VPN tunnels was denied by Apple and only officially supported by the Cisco app at the time.

Over the years, I’ve heard of many other such “features” only available to big “partners”.


These are broken out as standard entitlements in Xcode now and require the standard approval process.

Private features are a standard practice pretty much everywhere you look around. Don't believe me? Ask big Google or Facebook advertisers.


Blizzard had a hardcoded exception in OSX (pre macOS) for the longest time.


What exception?

