“The world’s biggest social network does a fair amount of altruistic work, some of it controversial, like Internet.org, some if it just straight-up nice,” Thomas Fox-Brewster reports for Forbes. “Falling firmly into the latter category is ‘osquery’, an open source framework for monitoring operating system security, which has just been updated to detect some serious vulnerabilities affecting Apple’s iOS and Mac OS X.”
“One of the more serious flaws could have been exploited to poison the Keychain in Macs that store passwords and other authenticating data in ‘items.’ It was possible to create malware, get it onto the Apple App Store and have it delete an item of a legitimate app and force it to dump its authenticating information into an attacker-controlled item. That could have given attackers access to all the private data in the good app,” Fox-Brewster reports. “Facebook’s osquery has been given a new tool that exposes what apps are doing on the Keychain to determine if they have malicious intent.”
Read more in the full article here.
MacDailyNews Take: Helpful open source tools like this from Facebook are always welcome!
SEE ALSO:
Apple patches Mac App Store for XARA exploits; additional fixes are ‘in progress’ – June 22, 2015
Major zero-day security flaws in both iOS and OS X allow theft of Keychain, app passwords – June 17, 2015
And see if they have a back door first. Less is more!
They just keep the creep factor to keeping track of everything you do online. Otherwise, they’re so nice!
If humanity worked together more often, we would achieve much more at greater exponential rates.
The answers to many of humanity’s unanswered questions are likely hidden as pieces of a puzzle within the collective minds of everyone alive.
The earth is one country and mankind its citizens. Unity is everything.