{"id":8157,"date":"2015-04-29T12:30:02","date_gmt":"2015-04-29T16:30:02","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=8157"},"modified":"2015-04-29T12:30:02","modified_gmt":"2015-04-29T16:30:02","slug":"researcher-claims-that-attackers-can-easily-bypass-current-osx-security-tools","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2015\/04\/29\/researcher-claims-that-attackers-can-easily-bypass-current-osx-security-tools\/","title":{"rendered":"Researcher claims that attackers can easily bypass current OSX security tools"},"content":{"rendered":"<p style=\"text-align:center;\"><a href=\"http:\/\/www.techspot.com\/news\/60479-researcher-claims-attackers-can-easily-bypass-current-osx.html\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/04\/2015-04-24-image-14.png\" alt=\"\" \/><\/a><\/p>\n<p>Most Mac users feel as though they are impenetrable to viruses and malicious software, but according to one researcher that is not the case. While Apple has its fair share if security measures in place, recent data has surfaced suggesting those tools are \u201ctrivial\u201d for any attacker to bypass. For sometime, most people believed that owning a Mac was a safe choice, and that only Windows users could get hacked. However, researcher Patrick Wardle doesn\u2019t seem to think so.<\/p>\n<p>During a talk at the RSA Conference recently, Wardle explained the security measures on OSX are actually full of holes, if a competent hacker chose to exploit them. First up, he said that GateKeeper, Apple\u2019s app verifier, doesn\u2019t check extra content in apps, but rather only the app bundle itself. Meaning that attackers could load a verified app with dangerous extra content and it could, according to Wardle, slide right through Apple\u2019s security.<\/p>\n<p>The researcher went on to say that Apple\u2019s sandbox technology on OSX is quite strong in terms of security, but there were a number of bugs that can be used to bypass it. On top of what Wardle called a\u201ctrivial to bypass\u201d anti-malware system, he also found issues with code signing:<\/p>\n<p>The code signing just checks for a signature and if it\u2019s not there, it doesn\u2019t do anything and lets the app run. I can unsign a signed app and the loader has no way to stop it from running.<\/p>\n<p>It\u2019s hard to imagine, with that many security flaws, that we haven\u2019t seen mass hysteria break out among the Mac crowd. But it is clear that Apple should be looking into these holes, as it is likely only a matter of time before serious issues start to arise.<\/p>\n<p>via <a href=\"http:\/\/www.techspot.com\/news\/60479-researcher-claims-attackers-can-easily-bypass-current-osx.html\" target=\"_blank\">Researcher claims that attackers can easily bypass current OSX security tools &#8211; TechSpot<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Most Mac users feel as though they are impenetrable to viruses and malicious software, but according to one researcher that [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[2,7,9],"tags":[785,1177],"class_list":["post-8157","post","type-post","status-publish","format-standard","hentry","category-apple","category-security","category-software","tag-os-x","tag-vulnerabilities"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-27z","jetpack-related-posts":[{"id":9910,"url":"https:\/\/nccomputertech.com\/techtalk\/2025\/02\/11\/slap-and-flop-siri-ios-18-3-update-apple-music\/","url_meta":{"origin":8157,"position":0},"title":"Slap and Flop &#8211; Siri, iOS 18.3 Update, Apple Music","author":"NCCT","date":"February 11, 2025","format":false,"excerpt":"https:\/\/youtu.be\/Xwqi58VczQ4 What's going on with Siri? iOS 18.3 update is out now, along with a fix to a zero-day flaw. You can buy iPhones on eBay with TikTok installed on them as TikTok is still not available for download on the App Store. And on January 27th, 2010, Steve Jobs\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/Xwqi58VczQ4\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9940,"url":"https:\/\/nccomputertech.com\/techtalk\/2025\/05\/16\/the-blue-and-the-gray-m4-macbook-air-m4-max-mac-studio-apple-intelligence\/","url_meta":{"origin":8157,"position":1},"title":"The Blue and the Gray &#8211; M4 MacBook Air, M4 Max Mac Studio, Apple Intelligence","author":"NCCT","date":"May 16, 2025","format":false,"excerpt":"https:\/\/youtu.be\/e_K-4_7i08k Is Apple's 'Sky Blue' really blue? Apple is delaying its 'more personalized Siri' Apple Intelligence features. Is anyone excited about RollerCoaster Tycoon coming to Apple Arcade? And Dropbox now supports Live Photos! ... after ten years. \u2022 Sky (blue)\u2019s the limit: M4 MacBook Air offers lower price, improved camera,\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/e_K-4_7i08k\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9655,"url":"https:\/\/nccomputertech.com\/techtalk\/2021\/03\/09\/fuquay-varina-and-holly-springs-computer-repair\/","url_meta":{"origin":8157,"position":2},"title":"Fuquay Varina and Holly Springs Computer Repair","author":"NCCT","date":"March 9, 2021","format":false,"excerpt":"Welcome to our blog. NC Computer Tech services Fuquay Varina, Holly Springs, and surrounding NC areas. We offer prompt, professional, courteous service with over twenty years of experience dealing with residential and small business clients offering them solutions and fixing their computer and network issues at reasonable rates. Our services\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9389,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/08\/05\/this-week-in-tech-678-popcorn-and-brown-liquor\/","url_meta":{"origin":8157,"position":3},"title":"This Week in Tech 678: Popcorn and Brown Liquor","author":"NCCT","date":"August 5, 2018","format":false,"excerpt":"https:\/\/youtu.be\/nzryn9DScp0 This Week in Tech Trillion Dollar Apple, Facebook dating, Surface Go review, and more. --Apple is the first trillion dollar company ever. --Is Universal Basic Income the fix for poverty in America? --Alexa is Now the Ultimate in Home Security --Why you should avoid Chinese phones. --Facebook Dating is\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/nzryn9DScp0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9522,"url":"https:\/\/nccomputertech.com\/techtalk\/2019\/02\/24\/will-it-bend-this-week-in-tech-707\/","url_meta":{"origin":8157,"position":4},"title":"Will It Bend? &#8211; This Week in Tech 707","author":"NCCT","date":"February 24, 2019","format":false,"excerpt":"https:\/\/youtu.be\/qC0DabXmX8Q Folding phones at MWC, Hololens 2, conspiracies on YouTube, and more. -- Foldable Phones Hit MWC 2019 -- Microsoft Announces Hololens 2 -- Netflix at the Oscars -- Apple and Goldman Sachs Release Credit Card Linked to iPhone -- Apple to Combine iPhone, iPad and Mac Apps -- YouTube:\u2026","rel":"","context":"In &quot;Microsoft&quot;","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/qC0DabXmX8Q\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9511,"url":"https:\/\/nccomputertech.com\/techtalk\/2019\/01\/22\/millsplain-it-to-me-this-week-in-tech-702\/","url_meta":{"origin":8157,"position":5},"title":"Millsplain It to Me &#8211; This Week in Tech 702","author":"NCCT","date":"January 22, 2019","format":false,"excerpt":"https:\/\/youtu.be\/EtTfFJVBZ6s -Apple's Tim Cook Calls for Data Privacy. -773M Passwords Pwned - How to Find Out If Yours Was. -Amazon Tries to Make Alexa Sound \"Newsy.\" -Google Buys Fossil. -74% of Facebook Users are Clueless. -Facebook's 10 Year Challenge. -Atari Founder Making Alexa Board Games. -Stop Using Windows Phone! -Tokyo\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/EtTfFJVBZ6s\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=8157"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8157\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=8157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=8157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=8157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}