Researcher claims that attackers can easily bypass current OSX security tools

By Justin Kahn
Apr 24, 2015
Post New Reply
  1. security researcher trivial bypass security tools macs

    Most Mac users feel as though they are impenetrable to viruses and malicious software, but according to one researcher that is not the case. While Apple has its fair share if security measures in place, recent data has surfaced suggesting those tools are “trivial” for any attacker to bypass. For sometime, most people believed that owning a Mac was a safe choice, and that only Windows users could get hacked. However, researcher Patrick Wardle doesn’t seem to think so.

    During a talk at the RSA Conference recently, Wardle explained the security measures on OSX are actually full of holes, if a competent hacker chose to exploit them.  First up, he said that GateKeeper, Apple’s app verifier, doesn’t check extra content in apps, but rather only the app bundle itself. Meaning that attackers could load a verified app with dangerous extra content and it could, according to Wardle, slide right through Apple’s security.

    The researcher went on to say that Apple’s sandbox technology on OSX is quite strong in terms of security, but there were a number of bugs that can be used to bypass it. On top of what Wardle called a“trivial to bypass” anti-malware system, he also found issues with code signing:

    The code signing just checks for a signature and if it’s not there, it doesn’t do anything and lets the app run. I can unsign a signed app and the loader has no way to stop it from running.

    It’s hard to imagine, with that many security flaws, that we haven’t seen mass hysteria break out among the Mac crowd. But it is clear that Apple should be looking into these holes, as it is likely only a matter of time before serious issues start to arise.

    Permalink to story.

  2. Camikazi

    Camikazi TS Maniac Posts: 795   +216

    Aren't Macs hacked quickly at most hacking competitions? How is this news at all?
    I really hope that they get a major worm or something. It would make my decade, there would be no more BS arguments about them being better.
  4. Chazz

    Chazz TS Evangelist Posts: 668   +72

    Last edited: Apr 24, 2015
  5. Darth Shiv

    Darth Shiv TS Evangelist Posts: 1,600   +369

    They have ~5% market share (Mac osx). The best defense is being hard to target. Low market share is a natural defense to hackers because they couldn't be bothered.
  6. Camikazi

    Camikazi TS Maniac Posts: 795   +216

    So shocking, an OS making company wants to ditch a competing company's OS *utterly shocked face*. Not many Google employees even used Windows to begin with, this was just a parting shot at MS to make themselves look better.
  7. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 8,430   +2,822

    I missed something. How is Google involved?
  8. Jad Chaar

    Jad Chaar TS Evangelist Posts: 6,477   +965

    Hopefully Apple will fix these holes with 10.11--especially since it is going to be a primarily bug fixing update.
  9. Chazz

    Chazz TS Evangelist Posts: 668   +72

    It's to point out that these "researchers" are pretty much just PR these days. Security for users doesn't seem like the real motive.
  10. Mr WW

    Mr WW TS Member Posts: 17

    OSX is vulnerable, every mankind-made environment is imperfect
    I will only believe it when I see it

    PS: There is a difference by hacking a computer from outside or from the computer itself logged in with the admin account!
  11. veLa

    veLa TS Evangelist Posts: 699   +164

    Nobody hacks them because there's so few of them out there, in comparison to Windows I mean.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...