mac, don't track

macOS Privacy & Performance Optimizer

A tool to disable macOS telemetry, analytics, and unnecessary services while optimizing system performance and privacy

Table of Contents

• Features
• Quick Start
• Usage
  • Interactive Menu
  • Command-Line Options
  • Monitor Mode
• What It Does
  • Services Disabled
  • Domains Blocked
  • Firewall Rules
• System Requirements
• Important Notes
  • What Still Works
  • What This Blocks
  • Analytics Processes Still Run
• Backups
• Restoration
• Sources & References
• Security Considerations
• License
• Contributing
• Disclaimer & Warranty

Features

Analytics & Telemetry Blocking

• Disable 14 analytics daemons (analyticsd, audioanalyticsd, wifianalyticsd, etc.)
• Block 44 telemetry domains via hosts file (DNS-level blocking)
• Firewall rules using Packet Filter (pf) to block analytics network traffic
• Kill agent that continuously suppresses analytics processes
• Blocks metrics, diagnostics, and crash reporting services

Privacy Controls

• Disable Spotlight web suggestions
• Disable personalized ad tracking
• Disable Siri and Dictation
• Disable Handoff/Continuity
• Configure Safari privacy settings (tracking prevention, suggestions)

Advanced Options

• Network-level blocking via hosts file and firewall
• Power optimization settings
• Real-time monitoring

Quick Start

# Clone or download the script
cd /path/to/script

# Make executable
chmod +x macDontTrack.sh

# Run with sudo (required for system modifications)
sudo ./macDontTrack.sh

Usage

Interactive Menu

Run the script and follow the interactive prompts to select which optimizations to apply:

sudo ./macDontTrack.sh

Command-Line Options

# Dry run (preview changes without applying)
sudo ./macDontTrack.sh --dry-run

# Verbose output
sudo ./macDontTrack.sh --verbose

# Show current status
sudo ./macDontTrack.sh --status

# Restore defaults (undo all changes)
sudo ./macDontTrack.sh --restore

Monitor Mode

A live monitoring script is installed at ~/.macos_optimizer_monitor.sh:

# One-time status check
~/.macos_optimizer_monitor.sh

# Continuous monitoring (refreshes every 5 seconds)
~/.macos_optimizer_monitor.sh --watch

What It Does

Services Disabled

System Services (13):

• analyticsd - Core analytics daemon (High priority, sleep blocker)
• diagnosticd - Diagnostic collection (High priority, sleep blocker)
• SubmitDiagInfo - Diagnostic submission (High priority, sleep blocker)
• wifianalyticsd - WiFi usage analytics
• audioanalyticsd - Audio usage analytics
• ecosystemanalyticsd - Ecosystem analytics
• inputanalyticsd - Input/keyboard analytics
• diagnosticservicesd - Diagnostic services
• osanalyticshelper - OS analytics helper
• timemachine_diag - Time Machine diagnostics
• spotlight_diag - Spotlight diagnostics
• messagetracer - Message tracer
• systemadaptor - System analytics adapter

User Services (5):

• analyticsagent - Analytics agent
• diagnosticspushd - Diagnostic push daemon
• geoanalyticsd - Geo analytics
• diagnostics_agent - Diagnostics agent
• diagnosticextensionsd - Diagnostic extensions

Domains Blocked (44 total)

metrics.apple.com
metrics.icloud.com
metrics.mzstatic.com
securemetrics.apple.com
weather-analytics-events.apple.com
books-analytics-events.apple.com
iadsdk.apple.com
api-adservices.apple.com
... and 36 more

See the full list in the script at line 1129-1177.

Firewall Rules

Creates /etc/pf.anchors/com.analytics.blocker to block network traffic from analytics processes at the firewall level, preventing data transmission even if processes respawn.

System Requirements

• macOS 10.13+ (High Sierra or later)
• Bash 4.0+
• Root/sudo access
• System Integrity Protection (SIP) can remain enabled

Important Notes

What Still Works

Based on the domains being blocked, these services continue to function:

• App Store downloads and updates
• iCloud sync
• Apple Pay
• System updates
• Find My iPhone/Mac

Note

The domains blocked are analytics-specific. However, some Apple services may behave unexpectedly. Test carefully.

What This Blocks

• ❌ Analytics and telemetry data collection
• ❌ Diagnostic reporting to Apple
• ❌ Personalized advertising
• ❌ Usage tracking
• ❌ Web search suggestions

Analytics Processes Still Run

The analytics daemons (analyticsd, audioanalyticsd, etc.) will still appear in process lists because:

1. They respawn every 1-3 seconds (launchd manages them)
2. SIP prevents permanent deletion

However, they cannot send data because:

• DNS lookups are blocked (hosts file)
• Network connections are blocked (firewall)
• Processes are continuously killed (kill agent)

Backups

All modified files are automatically backed up:

• /etc/hosts → /etc/hosts.backup.YYYYMMDD_HHMMSS
• /etc/pf.conf → /etc/pf.conf.backup.YYYYMMDD_HHMMSS
• LaunchDaemon plists → ~/.macos_optimizer_backup/

Restoration

To restore all settings to defaults:

sudo ./macDontTrack.sh --restore

Or manually re-enable services:

sudo launchctl enable system/com.apple.analyticsd
sudo launchctl bootstrap system /System/Library/LaunchDaemons/com.apple.analyticsd.plist

Sources & References

This script's analytics blocking capabilities were enhanced using research from:

Domain Blocklists

• cedws/apple-telemetry - Comprehensive Apple telemetry domain blocklist
• NextDNS Native Tracking Domains - Apple - Curated list of Apple tracking domains
• jakejarvis/ios-trackers - iOS tracking and telemetry domains

Technical Documentation

• Apple Support - Analytics & Improvements
• Apple Support - Enterprise Network Requirements
• Intego - How to Turn Off Analytics on Mac

Community Resources

• Hacker News - macOS Telemetry Discussion
• Apple Community - analyticsd Discussion
• Force Disable LaunchDaemons Script

Security Considerations

This script:

• ✅ Works with SIP enabled (no system file modifications)
• ✅ Uses standard macOS tools (launchctl, defaults, pfctl)
• ✅ Does not disable security features
• ✅ Does not modify system binaries
• ✅ All changes are reversible

License

MIT License - Use at your own risk. Always review scripts before running with sudo.

Contributing

Issues and pull requests welcome. Please test thoroughly before submitting.

---

Disclaimer & Warranty

USE AT YOUR OWN RISK.

By using this script, you acknowledge and agree that:

• You are solely responsible for any and all consequences of running this script on your system
• The author(s) assume ZERO liability for any damage, data loss, system instability, or other issues that may arise
• This script modifies system-level configurations and may cause unexpected behavior
• You may experience issues including but not limited to:
  • System services breaking in mysterious ways
  • Analytics daemons respawning faster than you can kill them
  • Your Mac becoming sentient and refusing to send telemetry (feature, not bug)
  • Accidentally summoning daemons (the Unix kind, probably)

NO WARRANTY is provided, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-summoning of daemons.

This script is not affiliated with, endorsed by, or supported by Apple Inc. Apple will not help you if this breaks something. Neither will we, but at least we're honest about it.

ALWAYS review code before running it with sudo. If you don't understand what it does, don't run it.

By proceeding, you accept full responsibility for your actions and their consequences. You have been warned. 👻