Slashdot Mirror


Apple's Gatekeeper Still Broken (csoonline.com)

itwbennett writes: This weekend, Apple security expert Patrick Wardle will detail a vulnerability in Apple's Gatekeeper that makes it possible to bypass the anti-malware defense. This is the same vulnerability that was disclosed last April, which Apple said it patched later. Wardle was able to easily bypass Apple's fixes. He says "all Apple did was blacklist the signed apps he was abusing, but didn't fix the underlying issue, which is that, essentially, Gatekeeper functions as a guard that doesn't check" software already on the whitelist.

80 comments

  1. Doesn't matter. by Anonymous Coward · · Score: 4, Insightful

    People will still flock to Apple and buy the shit out of it. And Apple knows it.

    1. Re:Doesn't matter. by Anonymous Coward · · Score: 1

      Never let it be said that ignorance isn't bliss. You must be extremely happy.

    2. Re:Doesn't matter. by cant_get_a_good_nick · · Score: 5, Funny

      I really never understood the anger of someone mad that someone else bought, well any item.

      "you're such a _____ fanboi and you buy _____ and you suck (____'s CEO)'s dick!"

      Who the hell cares. You buy what you want to buy. If you don't have a mac this doesn't affect you in the least. At least the Linux fanbois could bitch at MS worms taking enough bandwidth to hurt Internet speeds. Apple Mac market share is small enough (though growing) to not hurt anyone not owning a Mac. This really isn't a true new worm. Anyone getting you to install a new app that partially passes gatekeeper can probably get you to install it and override gatekeeper. It's not that big of a leap.

      I honestly feel bad at anyone angry at Apple selling too many computers. Do you need a cookie? Want to talk about it? Did your parents love you enough as a child?

    3. Re:Doesn't matter. by The-Ixian · · Score: 5, Insightful

      Yeah no kidding.

      I don't personally like Apple the company. I just think they are too much about marketing hype. I was also not a fan of Steve Jobs personally.

      But I still will recommend a Mac to someone when appropriate.

      Computers and operating systems are tools not ideologies. Use the best tool for the job.

      I won't be buying Apple products any time soon, but that is because there are tools out there that work better for me.

      --
      My eyes reflect the stars and a smile lights up my face.

    4. Re:Doesn't matter. by Anonymous Coward · · Score: 0, Flamebait

      Stroke that neckbeard. The rest of us will continue to be productive in OS X despite some slight problems.

      A security issue like this isn't a "slight" problem you turtleneck wearing knob-slobber.

    5. Re:Doesn't matter. by ComputerGeek01 · · Score: 3, Insightful

      Windows? Which is taking away control of your computer and sending analytics to the mother ship whether you agree or not?

      As opposed to Apple where you never had any control over any of their devices to begin with? Apple IS the worst of all possibilities; they are overpriced, have ZERO support options outside of the "Mac Geniuses", nothing is documented and there is no ability to customize their software or tweak the system performance. You might be as happy as a pig in shit with a device that just does one thing adequately right out of the box and is useless for anything else, but this is a site for engineers; not social runoff that thinks it's too smart for Facebook.

    6. Re: Doesn't matter. by cyber-vandal · · Score: 2

      Those options aren't available on OS X?

    7. Re:Doesn't matter. by Anonymous Coward · · Score: 1

      But what else are people of a technical persuasion with no lives supposed to while away the hours of the day on? How will they maintain that false sense of superiority? That big bright thing in the sky burns, don't you know?!

      Like another responder, I hate Apple the company with a burning passion of a thousand suns for actual wrongs done to me by middle and senior management level Apple employees. That said, I won't deny that, at least once upon a time, they built some great hardware and software. I think the glory days on both are well behind the company and it's only a matter of time before everyone else catches on, but they rightfully deserve credit for forcing everyone else to step up their quality game, giving us options besides a beige box and for being the first company with stones enough to kill off the floppy drive even if it was already years overdue by that point. Mac OS X also forced Microsoft to get serious about improving Windows, so out with GDI+ and in with Aero and the same basic thing with Android and even Windows Phone/Mobile and iOS. The competition, IMO anyway, has largely surpassed Apple who is now relying on the PITA factor of switching and getting new apps to keep users more than it'd care to admit, but they nonetheless deserve credit for forcing everyone to step up their efforts.

    8. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      And some other angry dorks mod his anti-Apple comment up to +4 insightful. I could see if he worked for an Apple competitor not liking Apple, but otherwise?

    9. Re:Doesn't matter. by Mattintosh · · Score: 2, Informative

      Windows is far superior to Mac OS X. So is Linux.

      Having been a user of all three, and a developer on all three, systems for many years, I actually know what I'm talking about.

      I would readily recommend Windows workstations and, for some tasks, servers. I would readily recommend Linux for servers. I have written software for both. I would not recommend Macs for anything, as the hardware is unimpressive and not different from anything any other PC manufacturer makes, and the software is stifling and foam-padded so as not to be "unfriendly". Personally, I find that exact quality to be rather unfriendly in and of itself.

      So if you need a Fisher-Price computer, and you feel you need to pay double the market rate for it, by all means, buy an Apple. And don't be too sad when your "new" computer is poorly supported, gets cut off from necessary updates, and bogs down under the "burden" of minor software updates over the course of the next two years. Everyone who has ever bought a Mac certainly understands your pain.

      I used to be a fanboi like you, and if you don't believe me, check my username.

    10. Re:Doesn't matter. by Anonymous Coward · · Score: 1

      Butthurt that your favorite PC maker's sales have been running downhill for years while Apple's keeps climbing? Or is it that it STILL isn't the year of Linux on the desktop & that it has become a sad joke?

      Market share means nothing, and not all Linux users are neckbeards.

    11. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      I agree with you 100%. I dislike the company, I think Jobs was an egotistical asshole, but I do admire Woz. Meanwhile, when I would have suggested an Apple to certain people 5 or 10 years ago, I'm finding now that what most of those people actually need is an Android tablet.

    12. Re:Doesn't matter. by The-Ixian · · Score: 3, Interesting

      Well said.

      I don't think of Apple today as the same company they once were.

      My first computer was an Apple II+ on which I spent countless hours writing BASIC programs. I monopolized its use so much that it eventually just ended up in my room. I would write basic by hand during boring church and couldn't wait to get home and type it in.

      I loved that computer....

      But Apple has always been expensive and it was much easier for me to buy PC components over time and slowly assemble a computer with my lawn mowing money. I have never really looked back.

      Over the years I have looked at Apple products with envy at times. I think Mac has always been a good computer. It was just that by the time I could afford one, I was already well down the PC path. In addition to that, at the time, not much software worked with Mac and so it felt like it would be a step backwards.

      That said, whenever I have the opportunity, I will use a Mac in order to be able to provide basic support.

      I have a work issued iPad which I use for testing and playing some games. I like it ok, but it almost seems quaint compared to an Android tablet or a Microsoft Surface.

      --
      My eyes reflect the stars and a smile lights up my face.

    13. Re: Doesn't matter. by Anonymous Coward · · Score: 0

      Some people (See presidential debate) believe that they are a bad influence, and completely justified. Don't people happen to post negatively in an effort to persuade people to choose otherwise (see organic / vegetarian / anti fur on your nearest social media)

      Many people would agree that APL has a huge influence. The problem is when a company uses it maliciously or excessively greedy.

      They're the same company that said "no reasonable person would believe our advertisements". They instituted a 30% "tax" for being on their store. Etc.

      This has led to other companies emulating their behaviour, by brazenly lying in advertisements and other companies charging massive margins.

    14. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      True. The customers are either and or ignorant people, who try to buy some status artifact to boost their low self esteem.

    15. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      Who the fuck cares, what brand their computer has or what is its market share? Only Apple fanboys do. The rest of us use the applications and the OS behind them, not the logo behind the LCD.

    16. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      Ding!

      Apple won't even let you be an adult on your own devices. Wanna video chat in an adult chat room where nobody does anything lewd, the topics are just of an adult nature? Nope. 18+ conversation not allowed.

      That right there tells me that Apple products are for CHILDREN. Not productive adults.

    17. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      You might feel the need to be an ignorant ass, but I don't give a fuck.

      If you can't act like a grown up, go back to fucking your sister, because I don't give a crap if you want to act like a childish prick.

      Wah wah, someone disagrees with you ... grow the fuck up.

      I do hope I have made my point...

    18. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      iOS runs UNIX and you have absolutely no control over it.

      OS X is officially a UNIX but as of the latest version you can't even use root to replace some of Apple's software with newer versions. Want to use the latest version of Ruby, and not

      $ /usr/bin/ruby --version
      ruby 2.0.0p645 (2015-04-13 revision 50299) [universal.x86_64-darwin15]

      Tough shit. Root can't change it, you're stuck with it until Apple updates it.

      Want to try a version of Perl that isn't three years old? Same. Tough shit. You're stuck with version 5.18.2, a branch that has been EOLed for over a year at this point.

      Don't like the built-in Photos app and want to use Lightroom instead? Tough shit. Plug in a camera, and OS X will ALWAYS launch Photos. This can't be changed. Previously you could just delete /Applications/Photos.app to block it, but guess what? Not even root can touch it any more.

    19. Re: Doesn't matter. by Rosyna · · Score: 1, Informative

      Have you never used a Mac? To change the default application for a camera, set it in Image Capture.app.

      And, of course, idiots that think they know better can disable rootless. For those that know better, they install Perl or Ruby from source in a place such as /usr/local/, which is designed for such installations and doesn't require disabling rootless.

    20. Re: Doesn't matter. by Anonymous Coward · · Score: 0

      Have you never used a Mac? To change the default application for a camera, set it in Image Capture.app.

      Except changing it in Image Capture doesn't work. I know, I've tried. The solution offered was to delete Photos entirely. Oops!

      And, of course, idiots that think they know better can disable rootless. For those that know better, they install Perl or Ruby from source in a place such as /usr/local/, which is designed for such installations and doesn't require disabling rootless.

      Except /usr is protected by rootless mode, so you can't.

      Even if you could, you ALSO can't edit the PATH in OS X, so it hardly matters. (Go ahead. Tell me a way to change the PATH for ALL applications, launched from anywhere, and not just from Terminal in a shell. You can't. Any time an OS X app is launched, the PATH is reset to /usr/bin:/bin:/usr/sbin:/sbin.)

    21. Re: Doesn't matter. by Rosyna · · Score: 1

      It's these claims that make me wonder if you've used a Mac. It's easy to confirm on a Mac those claims are not true.

      Yes, Image Capture settings most definitely stick. That's what is consulted when you plug in a camera device.

      Again, /usr/local/ is explicitly excluded from rootless.

      As for your Ruby/Perl issue. You're seriously trying to replace the system libraries first and third parties depend on? Why?! They were only ever tested with those system versions.

      However, you can change the PATH by editing rc files or using the dscl tool.

    22. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      Meh whatever, get off your ass and learn some hotkeys. Plus there's a perfectly good bash shell with BSD basically sitting underneath. Use it.

      More importantly, Apple is in the business to sell hardware, I trust them to resist inserting any backdoors for the gov't much more than Microsoft. Oh that's right, MS has been doing that since 1999 http://www.washingtonsblog.com...

      MS doesn't give a shit about their reputation because they've got most of the corporate world locked-in which guarantees a recurring revenue stream forever. Apple has a metric fuckton more to lose if they misstep in the trust department.

    23. Re:Doesn't matter. by Guy+Harris · · Score: 2, Insightful

      iOS runs UNIX and you have absolutely no control over it.

      OS X is officially a UNIX but as of the latest version you can't even use root to replace some of Apple's software with newer versions.

      If you're referring to System Integrity Protection, then, if you want to replace some of Apple's software, feel free to disable System Integrity Protection. A bit of a painful process, but the setting persists, so you only have to do it once, unless you want to turn it back on once you're done and then turn it off again when you want to change one of the protected files.

      (Pro tip for people running OS X under VMware Fusion: if you're going to be doing this, you'll probably want to increase the boot delay on your VM so that you have enough time to do the "boot to Recovery OS" dance. The Parallels folk don't require anything like that, apparently, but I haven't tried it with Parallels.)

    24. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      Because it's still a better option (Gatekeeper) than anything in the Linux platform, despite flaws being found in it. I'm sure someone will bring up SElinux. Which has had plenty of flaws of its own and is contributed by the NSA.

    25. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      "And don't be too sad when your "new" computer is poorly supported, gets cut off from necessary updates, and bogs down under the "burden" of minor software updates over the course of the next two years. Everyone who has ever bought a Mac certainly understands your pain."

      What an unsubstantiated (unsubstantiatable) load of shit. The latest OS X runs on computers made all the way back in 2007 and it actually runs quite well on older computers. How does a troll post with blatant falsehoods get modded informative?

    26. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      Fucking developers! Arrogant SOBs think they know everything, but developers are simple OCD fucks that freak out if their "developer applications" break or are unavailable. Try writing code instead of "developing software," you fucking egomaniac!

      Ask any professional administrator that works with Windows, Linux and Mac and you'll get a far more truthful assessment: it doesn't fucking matter. If you're not platform agnostic, then you have some hidden agenda.

    27. Re: Doesn't matter. by Dog-Cow · · Score: 0

      OS X actually has a hidden Gatekeeper to keep out ignorant, bigoted pieces of shit like the GP. That's why he doesn't know anything about it.

    28. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      Stroke that neckbeard. The rest of us will continue to be productive in OS X despite some slight problems.

      A security issue like this isn't a "slight" problem you turtleneck wearing knob-slobber.

      A security issue that has an "Exploitability Score" of 0.8 (on a scale from 0 to 10). Yeah, that's a "slight" problem at worst.

    29. Re:Doesn't matter. by Anonymous Coward · · Score: 0

      I honestly feel bad at anyone angry at Apple selling too many computers. Do you need a cookie? Want to talk about it? Did your parents love you enough as a child?

      Maybe he should consider to not have his only investment strategy be "short AAPL".

    30. Re:Doesn't matter. by jbolden · · Score: 0

      Since when are there any content restrictions on OSX?

    31. Re:Doesn't matter. by jbolden · · Score: 0

      I think you may want to check your facts. OSX is heavily documented, check the developer's website. The system can be tweaked for performance using documented attributes as is regularly done by developers of many applications.

    32. Re: Doesn't matter. by jbolden · · Score: 0

      change /etc/paths.

      Besides why should you be changing the default Perl or Ruby for all applications and not just the ones the scripts you are writing or using that need a newer version?

  2. This story sounds familiar... by U2xhc2hkb3QgU3Vja3M · · Score: 0

    Patrick: You fight with the strength of many men, Sir knight.
    I am Patrick, King of the security experts.
    [pause]
    I seek the finest and the bravest knights in the land to join me in my Court of Camelot.
    [pause]
    You have proved yourself worthy; will you join me?
    [pause]
    You make me sad. So be it. Come, Patsy.
    Gatekeeper: None shall pass.
    Patrick: What?
    Gatekeeper: None shall pass.
    Patrick: I have no quarrel with you, good Sir knight, but I must cross this bridge.
    Gatekeeper: Then you shall die.
    Patrick: I command you as King of the security experts to stand aside!
    Gatekeeper: I move for no man.
    Patrick: So be it!
    [hah]
    [parry thrust]
    [Patrick chops the Gatekeeper's left arm off]
    Patrick: Now stand aside, worthy adversary.
    Gatekeeper: 'Tis but a scratch.
    Patrick: A scratch? Your arm's off!
    Gatekeeper: No, it isn't.
    Patrick: Well, what's that then?
    Gatekeeper: I've had worse.
    Patrick: You liar!
    Gatekeeper: Come on you pansy!
    [hah]
    [parry thrust]
    [Patrick chops the Gatekeeper's right arm off]
    Patrick: Victory is mine!
    [kneeling]
    We thank thee Lord, that in thy merc-
    [hah]
    Gatekeeper: Come on then.
    Patrick: What?
    Gatekeeper: Have at you!
    Patrick: You are indeed brave, Sir knight, but the fight is mine.
    Gatekeeper: Oh, had enough, eh?
    Patrick: Look, you stupid bastard, you've got no arms left.
    Gatekeeper: Yes I have.
    Patrick: Look!
    Gatekeeper: Just a flesh wound.
    [bang]
    Patrick: Look, stop that.
    Gatekeeper: Chicken! Chicken!
    Patrick: Look, I'll have your leg. Right!
    [whop]
    Gatekeeper: Right, I'll do you for that!
    Patrick: You'll what?
    Gatekeeper: Come 'ere!
    Patrick: What are you going to do, bleed on me?
    Gatekeeper: I'm invincible!
    Patrick: You're a loony.
    Gatekeeper: The Gatekeeper always triumphs!
    Have at you! Come on then.
    [whop]
    [Patrick chops the Gatekeeper's other leg off]
    Gatekeeper: All right; we'll call it a draw.
    Patrick: Come, Patsy.
    Gatekeeper: Oh, oh, I see, running away then. You yellow bastards! Come back here and take what's coming to you. I'll bite your legs off!

    1. Re:This story sounds familiar... by ChrisMaple · · Score: 1

      I am Zuul. I am the Gatekeeper.

      --
      Contribute to civilization: ari.aynrand.org/donate

  3. The reason why apple's encryption doesn't matter. by Anonymous Coward · · Score: 0

    As long as you can hack the phone its superior encryption capability is rendered moot.

  4. Lack of interest based security by Flavianoep · · Score: 1, Insightful

    I've got the impression that security of MacOS relies strongly on the low market share and supposed lack of interest of the potential crackers. Am I too wrong?

    --
    Linux is for people who don't mind RTFM.

    1. Re:Lack of interest based security by Anonymous Coward · · Score: 0

      Yes.

    2. Re:Lack of interest based security by Flavianoep · · Score: 1

      Yes.

      OK. Thanks for your appreciation.

      --
      Linux is for people who don't mind RTFM.

    3. Re:Lack of interest based security by Anonymous Coward · · Score: 1

      No, you're right. But the other thing is that Gatekeeper isn't intended to keep OS X secure. It's intended to make running non-Apple code annoying and nothing more.

      Keep in mind that in the Apple security model, you're not trying to protect the user from harmful code, you're trying to protect the computer from the user. The whole system is designed around preventing the user from doing things outside Apple's walled garden, not from preventing software from doing things it shouldn't be doing. As long as the average user can't run non-Apple code, from Apple's point of view, everything is working as intended. Even if a hacker CAN.

    4. Re:Lack of interest based security by Anonymous Coward · · Score: 0

      Not exactly. I do find the GateKeeper annoying in that if I want to install software that doesn't have an Apple signature, I don't even get the option to install like the signed software, and have to go to the security panel of system preferences to install it. By default, you don't even have that option.

      While I'm sure it can be defeated just by getting something past the inspectors during the submission process, it does get me asking "do I trust where I just downloaded from" and "do I REALLY need to try out this utility".

    5. Re:Lack of interest based security by dgatwood · · Score: 3, Insightful

      In any mode, you can run an unsigned or non-Apple-signed installer or app by control-clicking on it and choosing "Open".

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    6. Re:Lack of interest based security by Guy+Harris · · Score: 1

      No, you're right. But the other thing is that Gatekeeper isn't intended to keep OS X secure. It's intended to make running non-Apple code annoying and nothing more.

      To do that, it would have to be combined with making getting software from the Mac App Store, most of which is "non-Apple code", annoying. Presumably, then, you're saying that getting software from the Mac App Store is annoying.

      Or perhaps you meant "it's intended to make non-Apple-approved code annoying", where "Apple-approved" means "approved by Apple to go into the Mac App Store". Whether that's the intent, yes, that's definitely a side-effect.

      (I run non-App Store code quite a bit; for code installed by downloading a .dmg or installer package or..., it's a minor nuisance, and for stuff installed by downloading a source tarball, unpacking it, and doing the configure/make/make install dance or whatever that tarball requires, it doesn't come into play at all. At this instance, my biggest peeves with Apple software are 1) dealing with LLDB's misguided attempt to have a "better" command language than GDB and 2) having to teach Yosemite autocorrect that "sshd" isn't a typo for "sushi", "tarball" isn't a typo for "tarsal", etc.. :-))

  5. Apple is New to Reacting to Security Threats by bigal123 · · Score: 1

    Apple is new to reacting effectively to security. Microsoft gets beat up about security, but they have learned to attempt to react better. May not be perfect.

    I know so many Apple people that think Apple is immune to security issues. I seriously wonder if we will see a day when Apple is hit with the same type of security questions that have plagued Microsoft over the years.

    1. Re:Apple is New to Reacting to Security Threats by cant_get_a_good_nick · · Score: 1, Troll

      To be honest, Apple is arguably better at this point than Microsoft was at a similar point in its lifecycle, from a tech standpoint. Rootless MacOSX is a thing. Gatekeeper, though major holes, is a thing. It's just that back then, the Internet was not as much of a source of riches. There's never been a Slammer worm for MacOSX. Nor a "I love you" virus.

      You know who else had really bad security reputation? Redhat was horrible in the beginning. You know what famous developer doesn't pay enough attention to security? Linus Torvalds.

      Not to skewer MS. Not to skewer Linus or Linux. But realize we're comparing relative bad here. The best OS from a security standpoint is just the least horrible OS on a security standpoint.

      Security is hard. How do I patch an infinite state machine against people who can make a lot of money breaking it? It's not a trivial task.

    2. Re:Apple is New to Reacting to Security Threats by alvinrod · · Score: 1

      Probably not.

      The biggest issue right now as far as most people are concerned is javascript that hijacks a browser and tricks people into thinking their computer is completely locked up and that they need to call some tech support number to get it fixed. I recently had a relation call me about this because they didn't want to pay the $400 to get it fixed, which is what the website says they need to do.

      All you need to do is just force quit the browser to fix the problem, but most people are too computer illiterate to know that. A short while after that, I saw a segment on the news about the exact same thing and warning people not to fall for the scam, because apparently hundreds of people had already been taken. You don't need to write complicated malware that exploits security holes in a system when you can be a shitty script kiddy and take advantage of people's lack of critical thinking.

      What really perplexed me (besides the fact that what virus would advertise who to call in order to fix it) was that these people were claiming to be from Microsoft, but the person who called me had a Mac. It's far easier to just convince a stupid user to hand you their money or to install a program that will let them talk to horny singles in their area.

      Most operating systems are fairly secure these days, but the weak point is still the people using them. If you're going to go to the trouble of exploiting some operating system security holes, you're far better off targeting an online retailer who has credit card information on file for thousands of people or enough of their personal information to facilitate identity theft. I don't expect we'll see the kinds of attacks that we used to see in the past with Windows. There are easier ways to make money from single targets that don't require security holes, and there are fatter targets that are more worthwhile to attack if you do find a security hole like that.

    3. Re:Apple is New to Reacting to Security Threats by SuiteSisterMary · · Score: 2

      Been a while, but wasn't Slammer actually a SQL Server worm, and I love you was an email-based Trojan?

      You're absolutely correct, however, in pointing out that in the age-old contest between warhead and armour, warhead wins.

      --
      Vintage computer games and RPG books available. Email me if you're interested.

    4. Re:Apple is New to Reacting to Security Threats by LichtSpektren · · Score: 4, Informative

      Apple is new to reacting effectively to security. Microsoft gets beat up about security, but they have learned to attempt to react better. May not be perfect.

      I know so many Apple people that think Apple is immune to security issues. I seriously wonder if we will see a day when Apple is hit with the same type of security questions that have plagued Microsoft over the years.

      Windows spent almost two decades with admin privileges by default 24/7, no mandatory-access control, installations that could occur silently and without user input, core system updates through the web browser, whilst also being the only real desktop PC operating system (i.e. it was the most lucrative target for malware authors). It's actually sort of miraculous that the security ecosystem wasn't in even worse shape than it was.

      By contrast, OS X's origins in unix give it a fairly safe grounding. The keyring and SIP in El Capitan also seem to be quite robust. And Apple users are more trusting of automatic security updates compared to Windows users (Microsoft poisoned that well when they started pushing shitty drivers and malware through their updates).

    5. Re:Apple is New to Reacting to Security Threats by The-Ixian · · Score: 1

      There are easier ways to make money from single targets that don't require security holes, and there are fatter targets that are more worthwhile to attack if you do find a security hole like that.

      One thing that is missing from this equation is bot nets.

      It certainly does benefit hackers to take over grandma's system if for no other purpose than to recruit it into the ranks of bitcoin mining, spam sending, ddos attacking, malware distributing, etc.

      I guarantee you that if Apple was the dominant computing platform, it would have just as many issues as other platforms.

      --
      My eyes reflect the stars and a smile lights up my face.

    6. Re:Apple is New to Reacting to Security Threats by dgatwood · · Score: 1

      The biggest issue right now as far as most people are concerned is javascript that hijacks a browser and tricks people into thinking their computer is completely locked up and that they need to call some tech support number to get it fixed. I recently had a relation call me about this because they didn't want to pay the $400 to get it fixed, which is what the website says they need to do.

      Agreed. I've gotten similar calls. And the problem is so simple that I can't believe Apple hasn't fixed it already (unless they have, and I just haven't noticed yet):

      • Stop disabling the window close buttons while a JavaScript pop-up is visible (and when clicked, kill all active JavaScript and pop-ups associated with that window).
      • Add a scroll view into JavaScript pop-up alerts so that it will be impossible for a malicious website to put so much text in an alert that the "Suppress additional pop-ups from this window" bits end up below the bottom of your screen.
      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    7. Re:Apple is New to Reacting to Security Threats by Anonymous Coward · · Score: 0

      From scareware, I'd say the biggest threat is or will be ransomware. Just because it can grow and expand to deny access to so many different things. Couple that with how easy it is to throw malicious code around via the browser and add-ons, this is probably going to be the #1 problem soon. To boot, it doesn't need root or Administrator rights to do its dirty work (although it does help a lot). It just needs write access to files, and that's it. OS makers have put up very high barriers between the user and the admin account... but there is little to nothing separating the context of a user's web browser from nailing all the files in the user's word processor.

      Ransomware is almost a perfect storm brewing:

      Clued people can use virtual machines or sandboxes so code that escapes the browser can't flash firmware on the motherboard, HDD, or other devices... but realistically, not many people browse the web in a VM.

      Backup technology is worse than it was 20 years ago. Back in the 1990s, you could buy a tape drive and every day, just swap tapes for a nightly backup. Then, write-protect them when restoring. Now, at best we have external drives (no write-protect capability) that are easily zapped with one malicious command. Same with cloud providers. Same with backups on shares and devices like Time Capsules. Heck, there are no devices under $50,000 that can "pull" backups, like Windows Home Server used to do, storing data safely away from client-residing malware.

      The biggest security issue, next to Trojans (which always will be an issue), is web-based attacks like malvertising. No company is interested in doing anything about this vector. AV utilities? Worthless.

      Even now, people still run with Windows domain admin creds. All it takes is malware to use those credentials and ransomware can lock out not just a workstation or laptop, but an entire domain, tree, or entire forest. Someone locks out a big company where AD, Exchange, and such don't work? They would pay a ransom in the 7-8 digit mark without even hesitating if they got their access back.

    8. Re:Apple is New to Reacting to Security Threats by Anonymous Coward · · Score: 0

      Wrong.

      The warhead loses EVERY TIME. The armour loses SOME OF THE TIME.

      You see, the warhead is DESIGNED to lose. Catastrophically. It blows itself up DELIBERATELY so as to break the armour in the collateral damage of its destruction.

      And the warhead is designed to be lost. This is why you buy many more AT shells than you buy tanks. You are going to lose every single one you fire (you hope, otherwise it is a dud and wasted). You hope not to lose any tanks. You don't buy them to get them blown up, like you do with warheads.

    9. Re:Apple is New to Reacting to Security Threats by Anonymous Coward · · Score: 0

      Before Windows, I heard the same bellyaching about lack of security with Solaris and IRIX. In most operating systems, features are more in demand than security, so the makers deliver. As I was told in a previous job, "security has no ROI", and "the only person who gains financially from a lock is the locksmith", so it is understandable that security on the OS level will always take a backseat to virtually everything else.

      OS X does keep improving [1]. I'd love to see a "real" rootless OS, where root becomes a role, not just a disabled user. Solaris does this now. Linux desperately needs signed executables, or a mechanism like AIX's trustchk, but politics keep that from ever appearing in the OS.

      I do hope Apple does keep working on OS X's security. Because they have been proactive, malware, other than Trojans and Java-based attacks, has been very rare on the platform.

      [1] OS X needs a real filesystem... HFS+/HFSX just doesn't cut it these days. Even ExFAT is more stable.

    10. Re:Apple is New to Reacting to Security Threats by pr0fessor · · Score: 4, Funny

      I got a call at work the other day from a number I thought I recognized. I was in a good mood and thought about answering "IT, have you tried turning it off and on again?" but settled for "Technical support, I'll be your password reset technician today."

      Turns out it was a scammer claiming to be from MS... so after he said his intro I said "Yes, you've reached technical support. Do you need me to reset your password?" then he stammered and tried to explain about how my computer was having issues and I said "Ok, I have reset your password but it will take about 15 minutes for the changes to go through. If you have any other issues go ahead and call back."

    11. Re:Apple is New to Reacting to Security Threats by Actually,+I+do+RTFA · · Score: 2

      To be honest, Apple is arguably better at this point than Microsoft was at a similar point in its lifecycle, from a tech standpoint. Rootless MacOSX is a thing. Gatekeeper, though major holes, is a thing.

      Same point in the lifecycle? Apple has been around, as a company in the OS business, as long/longer than MS. And things like rootless OSX are expectations, because people learn from other people's experience.

      I get that rewriting means there are needed patches. But when Apple wrote OSX, security was a real thing. And eliminating a lot of legacy code should prevent the source of a lot of issues.

      --
      Your ad here. Ask me how!
    12. Re:Apple is New to Reacting to Security Threats by Anonymous Coward · · Score: 0

      It would have been if the technology and bandwidth can you imagine trying to process the throughput 750,000+ zombie machine botnets would overwhelm your good old 28.8/33.6kbps modem on dial-up... It always existed; it's just scaling along with everything else.

  6. Re:The reason why apple's encryption doesn't matte by Anonymous Coward · · Score: 0

    How is its encryption superior?

    With Android, I know it uses dm-crypt. The key for /data is initially generated randomly and encrypted to "default_password". When changed, and you can use a utility to change the boot password that decrypts /data from the screen unlock PIN, an attacker now has to deal with the length of the passphrase, not just the 4-6 PIN characters.

    iOS? Well, I have to trust that a magic chip which decrypts /private/var automatically, and who knows how secure that is, because it is a separate item that is a complete black box. Does it have an override password? No way for me to know.

    Software encryption is at least better since it is harder to backdoor. I'll take Android's known mechanisms for encryption which have been around since Linux 2.6, than something that is a complete unknown that I am supposed to trust without question. I'll use my 20+ digit password for /data, and pack my own parachute.

  7. The logic probably goes something like this... by mamono · · Score: 1

    GK: We don't need to do anything apart from just stop him entering the room.
    OSX: No, no, leaving the room.
    GK: Leaving the room, yes.
    OSX: Alright?
    GK: Right. Oh if if if uh if if uh if uh if we oh... if oh.
    OSX: Look it's quite simple. You just stay here, and make sure he doesn't leave the room, alright?
    GK: Oh I remember, uh can he leave the room with us.
    OSX: No No No No. You just keep him in here and make sure h...
    GK: Oh yes, we'll keep him in here, obviously. But if he had to leave, and we went with him...
    OSX: No wait, just keep him in here,
    GK: Until you or anyone else
    OSX: No, not anyone else, just me
    GK: Just you
    OSX: Get back.

  8. Working As Intended by BitZtream · · Score: 5, Informative

    It's working exactly as it's supposed to. It's not meant to stop everything; it's just a whitelisting system with some authentication built in.

    Blacklisting the offending apps is exactly how this type of system works.

    Anything signed by a valid cert which has been signed by Apple's cert is trusted by default. That's what having an Apple signature on top of the publisher signature means. This also means the applications are 'tamper proof' in theory, because changing the application invalidates the sig and the code no longer is whitelisted, so no virus will work.

    The system then keeps a CRL, Certificate Revocation List. This list is ... blacklisted fingerprints. That is, certs or specific apps that were not known to be compromised or malicious when Apple originally vetted them, but something became known to be compromised after that process. The CRL list means Apple can effectively change its mind about apps that it previously approved.

    This is all it is intended to do, and that alone mitigates a metric fuckton of exploit cases.

    Doesn't prevent apps that don't get caught in review. But you won't get more than one or two malicious apps past them before you're completely cut off from getting certs ever again. Vendors outside the AppStore will have their certs revoked when exposed in the wild.

    At no point was it intended to prevent every single exploit vector ever. You're pretty ignorant of how this stuff works if you think they ever said it was the cure all to security issues.

    All it does is add a layer of control to who can run arbitrary code on your system, and by default, allows Apple to give people permission to do so. You can also use your own certs and remove the AppStore cert, effectively making it so only apps signed with your cert will run on the machine ... or in the case of some companies, the company's cert is the only thing that runs on the machine.

    itwbennet == bennet haselton / dumb

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    1. Re:Working As Intended by Anubis+IV · · Score: 1

      Indeed, the first thing I thought when reading this was, "What underlying issue? Blacklisting him is exactly how it's supposed to work."

      Apps from trusted sources are supposed to be able to do pretty much anything they want until they prove they're not to be trusted. That's by design. And, inevitably, some developers will abuse that trust, which is why the design includes a means for the revocation of trust. Which is exactly what happened here.

      Yes, he's shown that trusted devs can include external code that's malicious. So what? Trusted devs can also include internal code that's malicious. Either way, their certs will be revoked and the problem will go away. The primary benefit I can see is that this lets malware developers move their malicious code out of the bundle that goes through the App Store review process, but that's a marginal benefit at best, since the default Gatekeeper setting doesn't require apps to have gone through that process anyway.

      Otherwise, the only other benefit is that this may allow someone to replace external libraries used by trusted apps outside of their control with libraries of their own design. E.g. Some video encoding apps require that you download additional libraries separately due to problems that arise with international copyright law, so you may be able to use this exploit to replace those libraries with malicious ones, thus turning a good app from a trusted developer into a vehicle for malware. That said, you'd need to provide a parallel exploit for replacing those libraries with your malicious ones before this would prove to be problematic.
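
A simplified model of the scheme the two comments above describe (signer check, tamper check, revocation list) and of the gap the story summary points at, where only the file the user opened is inspected. This is an added example, not code from any commenter or from Apple; the HMAC keys standing in for certificates, the function names and the sample data are all assumptions.

```python
import hashlib
import hmac

# Constructed stand-in: an HMAC key plays the part of a vendor-vouched
# publisher certificate. Toy model only, not Gatekeeper's real mechanism.
TRUSTED_KEYS = {"publisher-a": b"constructed-demo-key"}


def fingerprint(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def sign(publisher: str, data: bytes) -> str:
    return hmac.new(TRUSTED_KEYS[publisher], data, hashlib.sha256).hexdigest()


def check_file(publisher, data, signature, revoked):
    """Verdict for one file: signer known, content untampered, not revoked."""
    key = TRUSTED_KEYS.get(publisher)
    if key is None:
        return "deny: unknown signer"
    expected = hmac.new(key, data, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signature):
        return "deny: signature mismatch"
    if publisher in revoked or fingerprint(data) in revoked:
        return "deny: revoked"
    return "allow"


def check_launch(app, loaded, revoked, cover_loaded):
    """app and each item in loaded are (publisher, data, signature) tuples.

    cover_loaded=False models a guard that inspects only the file the user
    opened; True extends the same check to every file it goes on to load.
    """
    verdict = check_file(*app, revoked)
    if verdict != "allow" or not cover_loaded:
        return verdict
    for item in loaded:
        verdict = check_file(*item, revoked)
        if verdict != "allow":
            return verdict + " (loaded file)"
    return "allow"


# Constructed sample input.
APP_BYTES = b"constructed app binary"
APP = ("publisher-a", APP_BYTES, sign("publisher-a", APP_BYTES))
EXTERNAL_LIB = ("nobody", b"constructed unsigned library", "")
```

In this model, revoking one publisher or one fingerprint changes the verdict for that item only, while `cover_loaded=True` changes which files are subject to the check at all.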

    2. Re:Working As Intended by Anonymous Coward · · Score: 0

      Finally a bitztream post that is informative without his typical angry-teen douchebaggery.

      Having said that, it really is too bad his mom made him suckle until the advanced age of 9. He does occasionally appear to have a bit of worthiness to contribute to the world.

    3. Re:Working As Intended by Anonymous Coward · · Score: 0

      Isn't anything not on the whitelist supposed to automatically be blacklisted? There's not supposed to be a grey area.

    4. Re:Working As Intended by Anonymous Coward · · Score: 0

      Security must be applied in layers if any reasonable expectation of Privacy or Trust is expected.

  9. Doubleclick by Anonymous Coward · · Score: 0

    Could someone please check what is funny over there?

    Thanks! :D

  10. Brain dead guard? by Anonymous Coward · · Score: 0

    So like a bouncer at a bar that will happily let a 12 year old in if they have a license that says they're 21?

  11. It does when they buy it for work by Sycraft-fu · · Score: 2, Insightful

    The reason I'm very anti-Apple is particularly our younger professors decide that they need to have Apple computers, phones, and tablets to be hip. So they get them, against recommendations. Now never mind that these cost a lot more money than they'd spend on equivalent hardware but then the support issues start. Turns out that Macs don't just magically work, and they have problems with things (accessing the central storage is something Macs have been particularly problematic with) and they whine to us despite promising that they understand and will support things themselves.

    Apple wants to pretend to be good for the enterprise, but their enterprise features are garbage. So people get them, want them to integrate, they don't, and then they cry about it.

  12. Re:Gatekeeper isn't about security by Guy+Harris · · Score: 2

    Gatekeeper isn't for security. Gatekeeper is intended to make running non-Apple approved code just annoying enough to force most users to use the App Store rather than use non-Apple blessed code. As they've demonstrated with the latest OS X where not even root can write to /usr or /bin

    Or, rather, where you have to go through an annoying procedure, involving two reboots, to write to /usr or /bin.

  13. What malware? by Anonymous Coward · · Score: 0

    Stupid Apple. Don't they know Apple computers have no viruses or malware? Every Mac owner knows that.

  14. Microsoft Jobs by wkwilley2 · · Score: 1

    I'm actually impressed that Apple named anything with "Gate" in it

    --
    Have you ever fallen asleep at the keybhanusdiog?
  15. Re:Gatekeeper isn't about security by Anonymous Coward · · Score: 0

    Gatekeeper isn't for security. Gatekeeper is intended to make running non-Apple approved code just annoying enough to force most users to use the App Store rather than use non-Apple blessed code. As they've demonstrated with the latest OS X where not even root can write to /usr or /bin

    Or, rather, where you have to go through an annoying procedure, involving two reboots, to write to /usr or /bin.

    If you think that's annoying, you should try working with SELinux some time.

  16. Re:Gatekeeper isn't about security by Guy+Harris · · Score: 1

    Or, rather, where you have to go through an annoying procedure, involving two reboots, to write to /usr or /bin.

    If you think that's annoying, you should try working with SELinux some time.

    I haven't tried actually working with it, but I've certainly been annoyed when it kept VMware's hgfs from working on Linux guests - it wasn't immediately obvious how to let it work. (I think my VMs running newer versions of Fedora don't have a problem with hgfs, so maybe either VMware or the SELinux people fixed it.)