Apple intentionally created a security breach in macOS Big Sur

[fantomas 4,139]

In Big Sur Apple decided to exempt many of its apps from being routed thru the frameworks they now require 3rd-party firewalls to use (LuLu, Little Snitch, etc.)

 

Q: Could this be (ab)used by malware to also bypass such firewalls?

 

A: Apparently yes, and trivially so.

 

 

 

 

 

twitter

 

View full article

 

[eSaF 1,658]

This is getting to be seriously concerning, first we read about BS collecting personal data of it's users and possible spying, now this. BS is turning out to be a Big Surprise. 

[5T33Z0 279]

Here's a bit more technical insight on the issue:

 

https://sneak.berlin/20201112/your-computer-isnt-yours/

[eSaF 1,658]

1 hour ago, 5T33Z0 said:

Here's a bit more technical insight on the issue:

In the words of Spock - 'Fascinating'

[Hervé 2,365]

In the words of Jean-Luc Picard - "Meeerde !"

[eSaF 1,658]

@Hervé - Oh darn it man now you've put me in the mood to go and watch some reruns of 'Next Generation'.

[HenryV 107]

People who want to know what apps and processes are exempt can open the macOS terminal and enter sudo defaults read /System/Library/Frameworks/NetworkExtension.framework/Resources/Info.plist ContentFilterExclusionList.

[Muaitai 0]

Apple is addressing this issue in the article below:

 

https://support.apple.com/en-us/HT211931

[azul líder 1]

I'm pretty sure that's actually about a separate, stupid issue.