After six months of stonewalling by Apple, app dev goes public with macOS privacy protection bypass
Six months after software developer Jeff Johnson told Apple about a privacy bypass vulnerability opening up protected files in macOS Mojave, macOS Catalina, and the upcoming macOS Big Sur, the bug remains unfixed - so he's going public.
This latest bug can be exploited by a maliciously crafted app to bypass a privacy system known as Transparency, Consent, and Control (TCC), which was introduced in OS X Mavericks and strengthened in subsequent releases through technologies like System Integrity Protection in El Capitan.
TCC is a sandboxing system designed to enforce user privacy decisions, like approving or denying app access to location data or data stored in files like the contacts database.
So an app with a copy of that identifier in another location gets treated as the original, authorized app.
"My personal opinion is that macOS privacy protections are mainly security theater and only harm legitimate Mac developers while allowing malware apps to bypass them through many existing holes such as the one I'm disclosing, and that other security researchers have also found," Johnson wrote.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/07/01/apple_macos_privacy_bypass/