Posted on 05/09/2015 6:10:00 PM PDT by Enlightened1
'I love Apple products, I just wish they were secure'
A former NSA staffer turned security researcher is warning that bypassing typical OS X security tools is trivial.
Patrick Wardle, a former NSA staffer and NASA intern who now heads up research at crowd-sourced security intelligence firm Synack, found that Apple's defensive Gatekeeper technology can be bypassed allowing unsigned code to run. Apple's Gatekeeper utility is pre-installed in Mac OS X PCs and used to verify code. The tool is designed so that by default it will only allow signed code to run or, depending on settings, only packages from the Mac App Store.
Apple's built-in mechanisms - Gatekeeper, XProtect anti-malware, sandboxing and kernel code-signing requirements - are "easy to get around" and "trivially exploitable", according to Wardle.
Wardle said he worked closely with Apple's internal security teams describing them as "responsive" while noting the wider consumer electronics firm had yet to embrace a culture where comprehensive security is baked into their OS X systems" from the onset. By contrast to OS X, iOS has solid security baked in, according to Wardle.
A bug bounty from Apple - along the lines of schemes introduced by Google, Microsoft and many others - would be beneficial, according to Wardle whose firm Synack would stand to benefit from such a scheme. "Google products have themselves, become more secure because of bug bounties," Wardle said. "Introducing them seems to be a no brainer."
(Excerpt) Read more at theregister.co.uk ...
Linux mint, fast and secure
Sure, but they have built-in Gaydar.
So, kwai Chang..
http://www.freerepublic.com/focus/f-chat/3262821/posts
“It Appears There Are Hijacked Freeper Accounts”
Has you find more of these account and why not show to public?
Why you so quiet on this?
You’re not humblegunner. humblegunner doesn’t post stuff like this.
I think the humblegunner account has been hacked!!!
If you want on or off the Mac Ping List, Freepmail me.
The latest Freepathon is rushing to the wire, so let's put it over the top! I challenge the members of the Apple ping list to each donate at least $10 each to the latest Freepathon. I HAVE donated $100. Many members of the Apple Ping list are already rising to the challenge. Join them. Let's show the power of the Apple Ping list in supporting Freerepublic!
PROVE YOUR IDENTITY.
WHAT’S THE PASSPHRASE??
But Apple malware has exquisite bevelled edges and handsome filigree work. The look and feel is impeccable. Every homo wants some.
No way you could have found us out!
We have taken great pains to cleverly disguise our takeover of these FReeper accounts using the latest in stealth pirating technology.
Why, we even have a brand new state-of-the-art Interociter shipped here from Metaluna and hand assembled by Gunner and myself!
So he is trying to get you to do exactly what he claims is the problem. Downloading unauthorized software.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.