For decades, people have believed their Apple devices to be safe from hacker intrusion; they were seemingly unbreakable. In late 2015, however, uncertainty set in when a security expert revealed that he had found a way to bypass Apple’s security. The same expert is now suggesting that not much has changed since then with regard to Apple’s security.
The original hole was discovered by using the binary code of applications that had already been verified by Apple’s developers to pass through Gatekeeper. Gatekeeper was developed to ensure that every application a user downloads is checked against the application’s Developer ID; if that ID is present, the application is allowed to run. Experts have proved that this is where the problem lies, as malware can easily be hidden within Apple-trusted files and then activated once the application has been installed.
Shortly after these gaps in Apple’s security features were exposed, Apple released patches to prevent further breaches. However, according to experts in the field, the same vulnerabilities remain and can be exploited today just as easily, and in the same fashion, as they were back in September. The reason is that Apple has merely blocked the files that were reported but has not changed Gatekeeper’s verification process. The belief is that hackers would simply need to find a new trusted file that has not been blocked by the update; this trusted file can then be abused to bypass Gatekeeper. Once on the other side, the trusted file executes the malicious files, which then begin to install malicious programs not trusted by Apple.
The experts suggest that, for Gatekeeper to be secure, it must be triggered any time a new process is started, requiring each process to be signed off by an Apple-trusted developer.
Apple has yet to implement such changes. With OS X’s increasing popularity making it more and more of a target for malware creators, it may just be time for Apple users to consider further protection of their devices and personal data.