PDA

View Full Version : Gatekeeper vulnerable to letting malware through?



lclev
01-16-2016, 06:24 PM
http://thehackernews.com/2016/01/mac-os-x-gatekeeper-hack.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers +News+-+Security+Blog%29&_m=3n.009a.1156.fe0ao06xsz.ntb

Just wondering what everyone else thought. I found it interesting that the issue with gatekeeper is that it does not seem to recognize potential malware apps that are included in the approved folder.

Any thoughts to the author's free tool?

https://objective-see.com/products/ostiarius.html

Lisa

chas_m
01-16-2016, 06:31 PM
There's been no known attacks in the wild, although the "pirated xcode embedding malware" thing was based on a similar exploit.

My opinion: I don't think there's much to worry about here. Apple has already issued a partial fix, is working on a full fix, and the risk is insanely low (unless, of course, you pirate Mac apps!).

Less "sky is falling" reporting: http://www.macnn.com/articles/16/01/15/discoverer.of.original.flaw.says.man.in.the.middle .attacks.still.possible.132053/

lclev
01-16-2016, 07:18 PM
My take - one more reason to avoid CNET and SoundForge downloads. :Smirk:

Lisa