A new Mac malware has been found in the wild that allowed attackers to steal data and install unauthorized apps on a compromised machine. What makes this malware different than other recent Mac malware, though, is that it breezes right past Gatekeeper… and the people behind it might have been gunning for the life of their malware victim.
All items tagged with "gatekeeper"
Another advantage of the Mac App Store, besides pausing downloads, safe uninstalls, and easy re-downloads of Mac OS X apps, is the safety of knowing that anything in the Mac App Store has been vetted by Apple.
One way your Mac makes sure you’re (relatively safe) from rogue apps is what’s called Gatekeeper. By default, this bit of software only allows you to install verified apps from the Mac App Store on your Mac. What if, however, you want to download software from a Mac developer who doesn’t distribute their software on the Mac App Store? You’ll need to bypass Gatekeeper in order to do so.
Here’s how to do that safely.
Redsn0w Is Fully Compatible With OS X Mountain Lion, But You’ll Have To Bypass Gatekeeper [Jailbreak]
The iPhone Dev-Team have confirmed that the latest version of Redsn0w is fully compatible with Apple’s new OS X Mountain Lion software. However, until it has been signed with a Developer ID, you’ll have to bypass Gatekeeper to use it.
Mountain Lion includes over 200 new features. Some of them are dramatic and hard to miss while others are minor conveniences that don’t stand out immediately. Many of those big and small new features and improvements have a lot of appeal for business users.
Here’s a list of the many new features in Mountain Lion that can help professionals in almost any industry work smarter, more efficiently, and more effectively.
In putting together the various features of Mountain Lion, Apple may end up encouraging business and enterprise customers to actually make their Macs less secure instead of ratcheting up security as some key Mountain Lion capabilities are intended to do.
There are a handful of technologies involved, but they center around iCloud and Apple’s requirement that apps sold in the Mac App Store support Apple’s application sandboxing technique.
One of the main reasons many of us turned to Apple’s machines and its OS X operating system is the belief that the company’s software is more secure than Windows, its biggest rival. However, Eugene Kaspersky, CEO and co-founder of Kaspersky, one of the industry’s leading security specialists, believes that Apple is “10 years behind Microsoft in terms of security,” and that Apple need to invest more into security audits for its software.
Apple uses digital certificates and code signing in various ways to help keep Macs secure. One common example is that apps sold through the Mac App Store are digitally signed, which allows an individual Mac to know that it’s getting the genuine article when a user launches the App Store app. It also allows a Mac to ensure that an application hasn’t been tampered with by a malicious user or a piece of malware each time that app is launched (Mountain Lion’s Gatekeeper feature will be based on the same technology).
The same process is used with Apple’s Software Update servers. Each update from Apple is digitally signed using a certificate that let’s each Mac know that they’re getting genuine updates from Apple.
Digital certificates are designed to expire periodically and tomorrow, March 23, 2012, the certificate associated with Apple’s Software Update functionality will be expiring. Apple already has a new certificate ready that won’t expire for seven more years (2019). The transition to the certificate will be transparent for almost all Mac users, but it may create problems with some OS X Server installations.
One of the new features of OS X 10.8 Mountain Lion has been the addition of Gatekeeper. By only allowing apps to be installed from the Mac App Store, Mountain Lion’s Gatekeeper feature gives users a new level of security from malicious software.
Some users feel Gatekeeper is a sign that Apple is moving toward a completely closed desktop operating system that will only allow apps from the Mac App Store to be installed. Easing concerns of this draconian controversy, this afternoon Apple announced the Developer ID program that will help third-party developers distribute their apps safely outside of the Mac App Store.
Although Apple just announced OS X Mountain Lion last Thursday, Mac apps are already getting updated for compatibility with the next-gen OS. Mountain Lion is only available as a developer preview, but that hasn’t kept Smile from updating its popular PDF editor for the Mac, PDFpen, with Gatekeeper compatibility.
Smile makes great productivity apps for the Mac, like TextExpander. With this latest update to PDFpen, a Gatekeeper-friendly Developer ID has been added to help future Mountain Lion users install the app in a secure environment.
Apple hasn’t made the Mac App Store the only source for Mac software, but the company is nudging both developers and users in the store’s direction. That’s fine for consumers, but it may create problems for businesses that need to buy software in bulk and distribute it to a large number of Macs.