According to researchers, Apple Apps on Big Sur bypass Firewalls and VPNs, and it's not clear why Apple is doing this.
What this amounts to is that bad actors could exploit this hole in Apple apps on Big Sur to send out your personal data to remote servers. This should worry everyone.
What is confusing many of the reports I’ve read involves the Big Sur firewall; where most systems have a single firewall Apple has two: one is the familiar one and changes here are absolute including allow/block of Apple system/trusted apps, the other is a content blocker firewall that, by default, allows Apple system/trusted.
The first is a packet level firewall, the second a content level. As few if any others have this dichotomy there is confusion and misunderstanding both on the part of reporters and on the part of, for instance, some VPN providers (who are either ignorant or incompetent) who should know better; their competitors are already marketing their advantage, ie Big no on Big Sur: Mullvad disallows Apple apps to bypass firewall [mullvad.net].
Note: I’m not commenting on the good bad indifference of Apple’s firewall methodology just on the apparent mis-reporting.
