This Is Serious Police Business Mac OS



Apple earned their reputation for better security over Microsoft's platform, but this is no longer the case: Mac OS X has been the number one operating system with the most security. 'If you believe that macOS privacy protections are important, then yes, this is a very serious issue,' he said via email. 'On the other hand, if you were very satisfied with the level of macOS system security that existed prior to 2018, then no, you might not care about this much.'

SecurityFocus columnist Scott Granneman says that the FBI uses Macs, according to a recent article in which Granneman talks about his meeting with Dave Thomas, Assistant Special Agent in Charge of the FBI's St. Louis Division.

Thomas talked with Granneman at length about the risks and perils faced by Windows users these days, including trojan horses, viruses and worms. Granneman noted in the article that Thomas uses an IBM ThinkPad notebook.

'I asked him about that, and he told us that many of the computer security folks back at FBI HQ use Macs running OS X, since those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box,' said Granneman. 'In the field, however, they don't have as much money to spend, so they have to stretch their dollars by buying WinTel-based hardware. Are you listening, Apple? The FBI wants to buy your stuff. Talk to them!'

It gets better, at least if you're a hacker: Thomas told Granneman, 'If you're a bad guy and you want to frustrate law enforcement, use a Mac.'

'Basically, police and government agencies know what to do with seized Windows machines,' said Granneman. 'They can recover whatever information they want, with tools that they've used countless times. The same holds true, but to a lesser degree, for Unix-based machines. But Macs evidently stymie most law enforcement personnel. They just don't know how to recover data on them.'

We'll let it go for the moment that Mac OS X-based systems are indeed Unix-based machines.

'So what do they do?' asked Granneman. 'By and large, law enforcement personnel in America end up sending impounded Macs needing data recovery to the acknowledged North American Mac experts: the Royal Canadian Mounted Police. Evidently the Mounties have built up a knowledge and technique for Mac forensics that is second to none.'

The latest version of Apple's macOS comes with more than just a slew of fancy new features.


Buried inside macOS 11.3, which was released Monday morning, is a patch that fixes a critical vulnerability that was actively being exploited. This means that, yes, hackers or criminals or governments around the world were using this previously unreported bug for their own malicious ends.

That's according to Patrick Wardle, creator of the Mac security website and tool suite. In a blog post timed to coincide with the release of macOS 11.3, Wardle explains just how serious the now-patched vulnerability is.

'This bug trivially bypasses many core Apple security mechanisms, leaving Mac users at grave risk,' he writes.

Worryingly, Wardle and Jamf, a company that makes Apple management software for enterprise customers, were able to detect real malware exploiting this bug in the wild.


We reached out to Apple to both confirm Wardle's report and that macOS 11.3 contains a patch for this specific vulnerability. An Apple spokesperson confirmed that the latest version of macOS does include a fix for the underlying issues.

Discovered and reported by Cedric Owens, an offensive security researcher, the bug — a logic flaw — reportedly allows a bad actor to bypass Apple's File Quarantine and Notarization requirements. It also, according to Apple, allows malware to skip the display of the Gatekeeper dialogue box but not bypass XProtect, Gatekeeper's malware detection, itself.

Why is this such a big deal?

'When a user downloads and opens an app, a plug-in, or an installer package from outside the App Store, Gatekeeper verifies that the software is from an identified developer, is notarized by Apple to be free of known malicious content, and hasn't been altered,' explains an Apple support page. 'Gatekeeper also requests user approval before opening downloaded software for the first time to make sure the user hasn't been tricked into running executable code they believed to simply be a data file.'

Presumably, then, this bug allows malware to skip that latter part of the Gatekeeper process.

In other words, bad actors are able to use this exploit to render many of the protective measures your computer takes to ensure downloaded files aren't malware useless.

Wardle demonstrates what this looks like in practice with a quick proof-of-concept video. In the video, embedded below, he shows how a downloaded file — which, to the user, looks like a PDF file — launches the calculator app.


And while Mac users don't necessarily need to worry about their calculator apps, they should worry about supposed PDF files being able to launch random applications on their computers without a bunch of alarm bells going off.

A hacker, after all, won't be interested in simple addition and subtraction.

Instead, someone exploiting the vulnerability might be able to launch a hidden program that could be involved in any number of worrisome activities — think ransomware, stealing credit card digits, or worse.

Wardle was quick to clarify that exploiting this bug requires a user to first click or download something. Still, that's only a partial assurance.


'The majority of Mac malware infections are a result of users (naively, or mistakenly) running something they should not,' explained Wardle over direct message. 'And while such infections, yes, do require user interaction, they are still massively successful. In fact the recently discovered Silver Sparrow malware, successfully infected over 30,000 Macs in a matter of weeks, even though such infections did require such user interactions.'

Thankfully, macOS 11.3 contains a fix — a fact Wardle says he was able to verify by reverse-engineering the latest operating system. 'And good news,' writes Wardle on his blog, 'once patched macOS users should regain full protection.'


That's good news indeed.

So go ahead and download macOS 11.3, and rest easy knowing that at least this specific Mac security problem has been fixed. Don't, however, throw all caution to the wind — please still think twice before downloading random files from the internet.




