What exactly does one learn from this normally? A leftover daemon is a bit of an edge case, and you could have learnt the same from looking at Activity Monitor, seeing a permissions pop-up, noticing higher energy use, etc, but learning that software connects to China seems... fine? Unless one wants to classify all connections to China as by-definition bad, which is discrimination that I don't want to engage in personally.
A bad actor can conceal whatever they want by renting a server anywhere they like. Meanwhile, there are many legit reasons why software might connect to China – maybe the company hosts services on Alibaba Cloud, maybe the software is from a Chinese producer and they chose local hosting.
A bad actor can conceal whatever they want by renting a server anywhere they like. Meanwhile, there are many legit reasons why software might connect to China – maybe the company hosts services on Alibaba Cloud, maybe the software is from a Chinese producer and they chose local hosting.
To me, the map is mostly fear-mongering.