v1.0 — Now available for macOS · Press ⌘ Space to launch
CmdSpace
Download free
← Back to blog
privacymacosroundup

macOS apps with zero telemetry: a verified 2026 list

CmdSpace Team·

Most macOS apps phone home in some way. App opens, button clicks, crash reports, "anonymous usage analytics," feature gates that check a license server — all of it shows up as network traffic that 99% of users will never notice. For the 1%…

Most macOS apps phone home in some way. App opens, button clicks, crash reports, "anonymous usage analytics," feature gates that check a license server — all of it shows up as network traffic that 99% of users will never notice. For the 1% who care, the question is harder than it should be: which apps actually send nothing without your explicit action?

This post is the verified-via-network-trace 2026 list. I will tell you the methodology, name the apps that pass, name the apps that almost pass, and explain why the question matters more in 2026 than it used to.

The bar for "zero telemetry"

A reasonable definition: when you use the app normally (open it, do work, close it), it makes no outbound network connections to the vendor's servers. The only acceptable connections are:

  • User-triggered. Clicking "share" or "publish" or "check for updates" is a deliberate action.
  • System-level. The OS's own connections (DNS, time, certificate revocation) are not the app's fault.

This bar excludes most apps. It is meant to. The point is to find the small subset of apps that meet the bar so you can build a daily workflow around them without auditing each one yourself.

How I verified

For each app on the list, I ran:

  1. Fresh launch from a clean install.
  2. Wireshark or Little Snitch capture on the relevant network interface.
  3. 10 minutes of normal use (open documents, create content, switch features).
  4. Application quit.

Any outbound connection that was not user-triggered or system-level was a fail. Auto-update checks are a borderline case I documented per-app.

The methodology is identical to what the Privacy Guides macOS recommendations suggest for verification. Verifying yourself is the right move; trusting any list (including this one) without verification is suboptimal.

The 2026 zero-telemetry list

Editors and notes

Sublime Text — pass. The license check is local. Auto-update is opt-in. No analytics.

Helix and Neovim — pass by design. Terminal editors with no network layer in the core.

Obsidian — pass with caveat. The desktop app makes zero connections in default config. If you enable Obsidian Sync or Publish (paid services), those are user-triggered and clearly labeled. The privacy page accurately describes this.

iA Writer — pass. License check is local. Auto-update is on a manual-trigger model.

Launchers

CmdSpace — pass. Local-only architecture. The auto-update check fetches a signed manifest from a static URL; no telemetry payload, no user identifier in the request. Disclosure: this is our product. The network audit is reproducible; verify with Little Snitch.

Alfred — pass. The Powerpack license check is one-time at install. After that, no outbound connections in default config. Workflow updates are user-triggered.

Ueli — pass. Open source, the network code is auditable. The plugin update mechanism is user-triggered.

Utilities

Hammerspoon — pass. Local automation framework. No telemetry.

Karabiner-Elements — pass. Local keyboard remapper. No telemetry.

Rectangle — pass. Window manager. The "check for updates" preference is opt-in.

Maccy — pass. Open-source clipboard manager. No analytics, no auto-update by default.

File management

Default macOS Finder — borderline. Finder itself is local but the OS layer underneath has Apple's broader telemetry, including Spotlight indexing and Apple Intelligence integration on Tahoe.

Code

VS Code — fails in default config (Settings Sync, telemetry, Copilot, "Help improve VS Code" all on by default). Can be made to pass with explicit setting overrides; see the "configure to pass" section below.

Apps that almost pass

These are apps with good privacy posture that did not quite hit the zero-telemetry bar. They are still defensible choices; they just are not zero-telemetry.

Things 3 — pass without Things Cloud. The hosted-syncing option is opt-in but the default first-run flow encourages enabling it.

Bear — pass without iCloud-based syncing. The app has analytics that fire on first-run; can be disabled.

Fantastical — fails. License check requires periodic phone-home; calendar sync requires whatever calendar service you use.

1Password — fails. The product is fundamentally a vendor-sync service; not its fault, just not what zero-telemetry means.

These are not bad apps. The phrase "zero telemetry" is a narrower bar than "good privacy."

Apps to be careful with

A short list of apps users sometimes assume are zero-telemetry but are not:

  • Notion — vendor-sync service, document content stored on Notion's servers.
  • Evernote — same.
  • Spotify — telemetry-heavy, expected for a streaming service.
  • Most "AI assistant" desktop apps — cloud-routed by definition.
  • Browser-based apps wrapped as Mac apps — usually the underlying web service phones home heavily.

Again, these are not bad apps. They just are not zero-telemetry, and "I have it installed" is not the same as "it does not phone home."

Configuring VS Code to pass

VS Code is the most common "almost passes" case because so many developers use it. To make VS Code zero-telemetry:

  1. Settings → Telemetry → Telemetry Level → Off
  2. Settings → Settings Sync → Turn off
  3. Disable or do not install GitHub Copilot, Copilot Chat, IntelliCode, and any AI extensions.
  4. Disable extension auto-update; set to manual.
  5. Disable workspace trust prompts that contact a server.

After these changes, VS Code makes effectively no outbound connections during normal editing. Verify with Little Snitch.

This same pattern works for most editors and IDEs: the network features are real but isolated, and disabling them generally works as advertised.

Why this matters in 2026

The macOS environment changed in the 2024-2026 window in three ways:

  1. Apple Intelligence shipped by default. Even apps that do not opt into it are surrounded by OS-level inference that may route specific actions through Apple's infrastructure. The Apple Intelligence privacy and security overview describes the boundary; turning it off requires going through Apple's intelligence engine page and System Settings.
  2. Subscription apps multiplied. Subscription apps almost always include vendor-sync and analytics because the business model assumes connected users. Zero-telemetry apps are mostly one-time-priced for this reason.
  3. AI features pushed cloud routing into more product categories. Notes apps, editors, mail clients, even text expanders started adding cloud-routed AI features in default-on configurations.

The result: the absolute number of zero-telemetry options grew (more apps exist), but the share of zero-telemetry options among popular apps shrank.

A working zero-telemetry stack

For reference, here is a stack that meets the bar end-to-end:

  • Editor: Sublime Text or VS Code (configured per above).
  • Notes: Obsidian (sync disabled).
  • Launcher: CmdSpace or Alfred.
  • Clipboard: Maccy.
  • Window management: Rectangle.
  • Tasks: Things 3 (cloud disabled) or plain Markdown in Obsidian.
  • Email: configure Apple Mail with IMAP only and analytics off, or accept the Mimestream trade-off.

Total cost: ~$150 one-time. Zero recurring subscriptions if you do not opt into Things Cloud or Obsidian Sync. Zero non-user-triggered outbound traffic.

Tools for verification

  • Little Snitch — the gold standard for macOS outbound connection monitoring. Paid.
  • LuLu — free open-source alternative for outbound monitoring.
  • Wireshark — packet-level capture if you want to read the actual bytes.
  • The Privacy Guides software list — community-maintained reference.

The audit your launcher's network activity post has the step-by-step Little Snitch + LuLu setup specifically for verifying a launcher.

The bottom line

Zero-telemetry macOS apps exist, the list of credible options is longer than it has been in years, and the verification methodology is reproducible. The actual difficulty in 2026 is not "find the apps" — it is "configure the OS around them" so the broader Apple Intelligence and Siri layers do not undercut your zero-telemetry app-layer choices.

For that broader question, local-first mac apps 2026 covers the wider lens, and using a mac launcher without apple intelligence covers the OS-level configuration specifically.

Sources