Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sandboxed Mac Apps Can Record Screen Any Time Without You Knowing (bleepingcomputer.com)

Posted by msmash on from the security-woes dept.

Catalin Cimpanu, writing for BleepingComputer: Malicious app developers can secretly abuse a macOS API function to take screenshots of the user's screen and then use OCR (Optical Character Recognition) to programmatically read the text found in the image. The function is CGWindowListCreateImage, often utilized by Mac apps that take screenshots or live stream a user's desktop. According to Fastlane Tools founder Felix Krause, any Mac app, sandboxed or not, can access this function and secretly take screenshots of the user's screen. Krause argues that miscreants can abuse this privacy loophole and utilize CGWindowListCreateImage to take screenshots of the screen without the user's permission.

6 of 59 comments (clear)

  1. Implemented incorrectly by Anonymous Coward · · Score: 4, Insightful

    Should only be able to screenshot windows that are owned by the running process, not the entire display screen without being granted a specific permission to access whole display.

    1. Re:Implemented incorrectly by Anonymous Coward · · Score: 3, Interesting

      This is Tim Cook's Apple we're talking about here. The guy allowed a release of an OS where one could log in with a blank root password. Yeah, I know, he's a "supply chain genius" which is why the iPhone X wasn't available for three months after it was announced and the fucking homepod just shipped two months late.

    2. Re:Implemented incorrectly by Anonymous Coward · · Score: 2, Insightful

      Recent problems notwithstanding, Apple's operating systems have gotten vastly more secure under Tim Cook. Take a look at the scarcity of jailbreaks, for instance, or the inability for nation states to crack iPhone security, or the dedicated hardware functionality. There's a reason iOS vulnerabilities cost far more money on the black market than its competitors.

  2. Re:Is this news? by QuietLagoon · · Score: 3, Informative

    ...Does the sandbox promise to change this?...

    Yes. A sandbox is a sandbox. You play inside your sandbox and are unable to affect or access things outside your sandbox that you should not access. It seems that, at some point, Apple forgot to restrict access to this API for sandboxed apps.

  3. Re:Is this news? by TheFakeTimCook · · Score: 2

    Yes, the entire point of a sandbox is it can't get data from other apps.

    Or at least without specific warnings that it's doing something outside of just being a self contained app.

    I wonder if any other security-conscious OSes have this security-hole? Looks like a pretty easy one to miss.

  4. Its a re-run, a late-late-show, ... by loslosbaby · · Score: 2

    There is a saying: "You can program Fortran in any language"... and it applies here: "You can X Windows in any OS".