This is exactly why local-first architecture matters. If your documents never leave your machine unencrypted, OS-level network privacy controls actually work in your favor rather than against you.
I've been building PrivaVault (encrypted doc management, launching next week) specifically with this threat model in mind everything's encrypted client-side before any network activity happens. MacOS can sniff the traffic all it wants, but it's just seeing encrypted blobs going to storage.
I've been building PrivaVault (encrypted doc management, launching next week) specifically with this threat model in mind everything's encrypted client-side before any network activity happens. MacOS can sniff the traffic all it wants, but it's just seeing encrypted blobs going to storage.