G+_Eddie Foy Posted September 30, 2015

Seems Apple can no longer live on its Security Through Obscurity model any more. http://tinyurl.com/qcelllm

G+_Michael Heinz Posted September 30, 2015

1. In what sense is Gatekeeper "security through obscurity"? IIRC, they published the specs and what it does when they first released it.
2. This exploit requires that a valid, approved, OS X app actually contain a hidden malware bundle and open it. Wouldn't that be detected at the time the app was signed?

http://blog.trendmicro.com/trendlabs-security-intelligence/gatekeeper-on-mac-os-x-10-9-mavericks/

G+_Michael Heinz Posted September 30, 2015

Actually, here's a 3rd point - this exploit required the signed, valid, app to overwrite itself with the malware in the zip file - how many apps do you know of that have the administrative permissions to overwrite themselves in the applications directory?

G+_Billy Vaughn Posted October 1, 2015

You should always be worried no matter what OS you run. I agree with Michael Heinz. Like so many vulnerabilities, they work in theory and not necessarily in practicality. Should you be aware of this? Yes, but should you shut down your Mac and hide it in the closet? Not even close.