For almost 11 years, hackers could easily bypass 3rd-party macOS signature checks

“For almost 11 years, hackers have had an easy way to get macOS malware past the scrutiny of a host of third-party security tools by tricking them into believing the malicious wares were signed by Apple, researchers said Tuesday,” Dan Goodin writes for Ars Technica.

“Digital signatures are a core security function for all modern operating systems. The cryptographically generated signatures make it possible for users to know with complete certainty that an app was digitally signed with the private key of a trusted party. But, according to the researchers, the mechanism many macOS security tools have used since 2007 to check digital signatures has been trivial to bypass. As a result, it has been possible for anyone to pass off malicious code as an app that was signed with the key Apple uses to sign its apps… Affected third-party tools included VirusTotal, Google Santa, Facebook OSQuery, the Little Snitch Firewall, Yelp, OSXCollector, Carbon Black’s db Response, and several tools from Objective-See.”

“Patrick Wardle, the developer of the Objective-See tools and Chief Research Officer at Digita Security, said third-party tools including his own can almost always be bypassed when hackers directly or proactively target them,” Goodin writes. “‘To be clear, this is not a vulnerability or bug in Apple’s code… basically just unclear/confusing documentation that led to people using their API incorrectly,’ Wardle told Ars. ‘Apple updated [its] documents to be more clear, and third-party developers just have to invoke the API with a more comprehensive flag (that was always available).’”

Read more in the full article here.

MacDailyNews Take: So, here’s to third-party developers invoking the API provided by Apple with a more comprehensive flag (that was always available)!

7 Comments

  1. One would think that, with all of the checks run against iOS apps to get into the App Store, they’d at least check Mac App Store apps for the proper use of this API (easily done with a test library).

    Just another way that Apple is de-prioritizing the Mac, I guess.

