1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Researcher claims that attackers can easily bypass current OSX security tools

By Justin Kahn ยท 10 replies
Apr 24, 2015
Post New Reply
  1. [parsehtml]<p><img alt="security researcher trivial bypass security tools macs " src="http://www.techspot.com/images2/news/bigimage/2015/04/2015-04-24-image-14.png" /></p> <p>Most Mac users feel as though they are impenetrable to viruses and malicious software, but according to one researcher that <a href="http://gizmodo.com/security-researcher-its-trivial-to-bypass-security-t-1699906408">is not the case</a>. While Apple has its fair share if security measures in place, recent data has surfaced suggesting those tools are &ldquo;trivial&rdquo; for any attacker to bypass. For sometime, most people believed that owning a Mac was a safe choice, and that only Windows users could get hacked. However, researcher Patrick Wardle <a href="https://threatpost.com/bypassing-os-x-security-tools-is-trivial-researcher-says/112410">doesn&rsquo;t seem to think so</a>.</p> <p>During a talk at the RSA Conference recently, Wardle explained the security measures on OSX are actually full of holes, if a competent hacker chose to exploit them.&nbsp; First up, he said that GateKeeper, Apple&rsquo;s app verifier, doesn&rsquo;t check extra content in apps, but rather only the app bundle itself. Meaning that attackers could load a verified app with dangerous extra content and it could, according to Wardle, slide right through Apple&rsquo;s security.</p> <p>The researcher went on to say that Apple&rsquo;s sandbox technology on OSX is quite strong in terms of security, but there were a number of bugs that can be used to bypass it. On top of what Wardle called a&ldquo;trivial to bypass&rdquo; anti-malware system, he also found issues with code signing:</p> <blockquote> <p>The code signing just checks for a signature and if it&rsquo;s not there, it doesn&rsquo;t do anything and lets the app run. I can unsign a signed app and the loader has no way to stop it from running.</p> </blockquote> <p>It&rsquo;s hard to imagine, with that many security flaws, that we haven&rsquo;t seen mass hysteria break out among the Mac crowd. But it is clear that Apple should be looking into these&nbsp;holes, as it is likely only a matter of time before serious issues start to arise.</p><p><a rel='alternate' href='http://www.techspot.com/news/60479-researcher-claims-attackers-can-easily-bypass-current-osx.html' target='_blank'>Permalink to story.</a></p><p class='permalink'><a rel='alternate' href='http://www.techspot.com/news/60479-researcher-claims-attackers-can-easily-bypass-current-osx.html'>http://www.techspot.com/news/60479-researcher-claims-attackers-can-easily-bypass-current-osx.html</a></p>[/parsehtml]
  2. Camikazi

    Camikazi TS Evangelist Posts: 858   +246

    Aren't Macs hacked quickly at most hacking competitions? How is this news at all?
    I really hope that they get a major worm or something. It would make my decade, there would be no more BS arguments about them being better.
  4. Chazz

    Chazz TS Evangelist Posts: 677   +74

    Last edited: Apr 24, 2015
  5. Darth Shiv

    Darth Shiv TS Evangelist Posts: 1,708   +409

    They have ~5% market share (Mac osx). The best defense is being hard to target. Low market share is a natural defense to hackers because they couldn't be bothered.
  6. Camikazi

    Camikazi TS Evangelist Posts: 858   +246

    So shocking, an OS making company wants to ditch a competing company's OS *utterly shocked face*. Not many Google employees even used Windows to begin with, this was just a parting shot at MS to make themselves look better.
  7. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 8,962   +3,152

    I missed something. How is Google involved?
  8. Jad Chaar

    Jad Chaar Elite Techno Geek Posts: 6,513   +974

    Hopefully Apple will fix these holes with 10.11--especially since it is going to be a primarily bug fixing update.
  9. Chazz

    Chazz TS Evangelist Posts: 677   +74

    It's to point out that these "researchers" are pretty much just PR these days. Security for users doesn't seem like the real motive.
  10. Mr WW

    Mr WW TS Member Posts: 23

    OSX is vulnerable, every mankind-made environment is imperfect
    I will only believe it when I see it

    PS: There is a difference by hacking a computer from outside or from the computer itself logged in with the admin account!
  11. veLa

    veLa TS Evangelist Posts: 740   +206

    Nobody hacks them because there's so few of them out there, in comparison to Windows I mean.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...