macOS Unpatched for Executing Untrusted Code off the Network May 25, 2019 https://www.bleepingcomputer.com/ne...for-executing-untrusted-code-off-the-network/ MacOS X GateKeeper Bypass
Apple should really start to take security more seriously. This is also worrying: https://www.deepinstinct.com/2019/04/29/remote-code-injections-in-mac-os/
While there's always room for improvement, they already take security seriously: https://www.apple.com/business/site/docs/iOS_Security_Guide.pdf It's actually quite impressive how secure they made iOS; a jailbreak for iOS 9 was worth a million dollars.
They're improving that as well, for example with their T2 chip (though it will be harder as the platform is more open): https://www.apple.com/mac/docs/Apple_T2_Security_Chip_Overview.pdf
They aren't exactly slacking in seriousness. https://www.apple.com/uk/macos/security/ They do take it seriously. Gatekeeper's sometimes too serious. https://www.apple.com/uk/business/resources/docs/macOS_Security_Overview.pdf
Guys, obviously they take security seriously, but not enough if you look at the serious security bugs that were found in the macOS in the last 2 years. Just do a search on the forum, and you will see what I mean. This is just one example: https://www.wilderssecurity.com/thr...pilfering-flaw-in-apples-macos-mojave.413066/
Most if these bugs get fixed though, and I'm not so sure they're all that 'serious'. How much experience have you had with macOS? How many infections have you contracted on macOS? Every OS can have vulnerabilities and when discovered they are usually patched. You can say the same for Android, Chrome OS and Linux. I certainly have no immediate plans (or otherwise) to put an AV on my iMac, laptop running Ubuntu or Chromebook. To say that Apple just aren't serious enough about security is risible at best and seems bordering the farcical. Even Microsoft take security seriously, especially these days.
That's not the point. But it seems like the bugs that were discovered were quite silly, Apple should hire better developers and bug-hunters, that's all I'm saying. And even on a Mac I would personally still take security quite seriously, I don't care about that it's less targeted. You might want to check out these tools: https://objective-see.com/products.html
What isn't the point? First you state Apple aren't serious about security, then you say they are but ... now you say they should hire better developers. I'm pretty serious about the security on my Mac, I'm also pretty serious it doesn't need free 3rd party security apps, even if I could get them past Gatekeeper, which is unlikely. Running Unix isn't like running Windows, it's a different mindset.
Waiting for GlassWire for Mac (beta) to come out so I don't have to worry about Apples Gatekeeper anymore. Running GlassWire on Win 7 and love it.
The point is that these bugs should have been discovered by Apple themselves! Especially the ones related to the Keychain. These aren't advanced kernel exploits. And the only reason why you're not seeing a lot of successful attacks on the Mac, is because it's being targeted way less. But I'm way too paranoid, I would definitely make use of third party tools. Why wait for GlassWire, why not go for Little Snitch? https://www.obdev.at/products/littlesnitch/index.html
I don't see your logic. How do you know they wouldn't have discovered them anyway? Apple might benefit by a bug bounty, although it seems they aren't in favour of it. Probably. Security by obscurity is one approach. Third party security freeware is an accident waiting to happen though. Most of it scrapes information (probably why they're free) and a good deal of it is superfluous and ineffective. And in MBAM's case mainly just finds false positives, when it isn't accidentally quarantining system drivers. I'm probably just not paranoid enough, there again, I don't run Windows.
BTW, here is another example. Even on a Mac you should take security seriously, I would definitely install "third party" behavior blocking tools. This is about a Firefox zero day exploit: https://objective-see.com/blog/blog_0x43.html
Which third party behaviour blocking tools have you installed on your Mac? https://arstechnica.com/information...used-to-install-undetected-backdoors-on-macs/ 'So far, attacks are known only to target Mac users involved in cryptocurrency.' op cit 'Wardle said he believes that Apple is in the process of updating XProtect and Gatekeeper so they scan all files, not just those with a quarantine bit. He said the change may be introduced in macOS 10.15.' op cit There's no guarantee third party tools would be any better defence anyway. I'm not going to get too super-Kevin about this.
https://i.imgur.com/HvdkC7v.png https://i.imgur.com/om61HcC.png https://i.imgur.com/HbnJNbT.png From Apples WWDC Sessions.
New Mac malware abuses recently disclosed Gatekeeper zero-day Researchers find new OSX/Linker malware abusing still-unpatched macOS Gatekeeper bypass June 25, 2019 https://www.zdnet.com/article/new-mac-malware-abuses-recently-disclosed-gatekeeper-zero-day/
I don't know if you have read the article, but this exploit could bypass GateKeeper and XProtect. But with the help of the Objective-See tools you could at least mitigate the attack. Yes, especially the GUI looks quite attractive.
Possibly, but isn't it improbable it would even affect me? You know, I don't want to sound too cynical, and I'm aware of security, but a lot of these supposed exploits are being used more to promote and market antivirus programs for macOS than anything else. I've run Linux for years and I just don't have your super-Kevin Windows paranoia anymore. In over fourteen years of regularly using the Internet I've only ever contracted malware once and that was a trojan dropper/gen in 2008. It was in the SeaMonkey browser running Vista on a Russian site. The Google Translate filter spotted it after I had tried to click an annoying Cyrillic pop-up off. Neither my AV or two anti-malware programs found it. Finally, the third AM program (SUPERAntiSpyware believe it or not) found and removed it. OTOH, of the several AV's I've used over the years, only MSE and BullGuard never showed a false-positive and all of the other AV's would try to eviscerate my hard drive with a frightening and astounding regularity. MBAM has only ever removed perfectly good system drivers for no apparent reason and programs like SpyBot S&D probably couldn't even detect themselves. I'm sitting using my Mac without an AV behind a perfectly good hardware router firewall and I feel pretty safe. Unix isn't Windows.
