After six months of stonewalling by Apple, app dev goes public with macOS privacy protection bypass
2020-07-01 02:32

Six months after software developer Jeff Johnson told Apple about a privacy bypass vulnerability opening up protected files in macOS Mojave, macOS Catalina, and the upcoming macOS Big Sur, the bug remains unfixed - so he's going public.

This latest bug can be exploited by a maliciously crafted app to bypass a privacy system known as Transparency, Consent, and Control (TCC), which was introduced in OS X Mavericks and strengthened in subsequent releases through technologies like System Integrity Protection in El Capitan.

TCC is a sandboxing system designed to enforce user privacy decisions, like approving or denying app access to location data or data stored in files like the contacts database.

So an app with a copy of that identifier in another location gets treated as the original, authorized app.

"My personal opinion is that macOS privacy protections are mainly security theater and only harm legitimate Mac developers while allowing malware apps to bypass them through many existing holes such as the one I'm disclosing, and that other security researchers have also found," Johnson wrote.


News URL

https://go.theregister.com/feed/www.theregister.com/2020/07/01/apple_macos_privacy_bypass/

Related vendor

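| VENDOR | LAST 12M | #/PRODUCTS | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
|--------|----------|------------|-----|--------|------|----------|-------------|
| Apple  |          | 72         | 238 | 1567   | 2279 | 265      | 4349        |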